Nettoyage ordi
Résolu/Fermé
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
-
23 nov. 2010 à 20:24
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 24 nov. 2010 à 18:11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 24 nov. 2010 à 18:11
A voir également:
- Nettoyage ordi
- Nettoyage mac - Guide
- Mon ordi rame que faire - Guide
- Nettoyage pc gratuit - Guide
- Nettoyage de disque - Guide
- Comment reinitialiser un ordi - Guide
9 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
Modifié par Malekal_morte- le 23/11/2010 à 20:26
Modifié par Malekal_morte- le 23/11/2010 à 20:26
Salut,
Paye ta poubelle à malwares....
Sauvegarde tes documents importants.
Désactive les logiciels de protection (Antivirus, Antispywares) puis :
Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
Eventuellement, installe la console de récupération comme cela est conseillé
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Si le rapport ne passe pas, envoie le sur ce site : http://www.cijoint.fr/
et donne le lien ici :)
Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.
Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
Proverbe Chinois : "Si tu sais mettre un bonnet sur la tete, tu sais mettre une capote"
Paye ta poubelle à malwares....
Sauvegarde tes documents importants.
Désactive les logiciels de protection (Antivirus, Antispywares) puis :
Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
Eventuellement, installe la console de récupération comme cela est conseillé
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Si le rapport ne passe pas, envoie le sur ce site : http://www.cijoint.fr/
et donne le lien ici :)
Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.
Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
Proverbe Chinois : "Si tu sais mettre un bonnet sur la tete, tu sais mettre une capote"
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
23 nov. 2010 à 20:56
23 nov. 2010 à 20:56
oki merci je fais ça tout de suite... et oui c'est une poubelle, je pensait que j'aurais eu plus le droit au terme decharge. Afin je suis surpris au'il fonctionne sans trop de problême....
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
23 nov. 2010 à 21:37
23 nov. 2010 à 21:37
voici le rapport :
ComboFix 10-11-23.01 - Bruno1 23/11/2010 21:16:17.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.751.413 [GMT 1:00]
Lancé depuis: c:\documents and settings\Bruno1\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: VirusKeeper 2010 Pro antivirus *On-access scanning enabled* (Updated) {165EE528-D666-4745-B14E-AA998BBEC191}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Bruno1\Cookies\felusyt.ban
c:\documents and settings\Bruno1\Cookies\fujyziv.bin
c:\documents and settings\Bruno1\Cookies\otapy.inf
E:\AUTORUN.INF
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_usnjsvc
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-23 au 2010-11-23 ))))))))))))))))))))))))))))))))))))
.
2010-11-23 17:33 . 2010-11-23 17:33 -------- d-----w- c:\documents and settings\Bruno1\Application Data\Malwarebytes
2010-11-23 17:33 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-23 17:33 . 2010-11-23 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-11-23 17:33 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-23 17:32 . 2010-11-23 17:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 15:36 . 2009-07-20 15:36 19180 ----a-w- c:\program files\Fichiers communs\yxepe.pif
2008-11-05 20:26 . 2008-11-05 20:26 16435 ----a-w- c:\program files\Fichiers communs\etuvumu.dll
2008-11-05 20:26 . 2008-11-05 20:26 13765 ----a-w- c:\program files\Fichiers communs\egygicu.exe
2004-10-01 13:00 . 2007-09-29 15:40 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="c:\program files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 204800]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tpwrtray"="TPWRTRAY.EXE" [2003-05-07 217088]
"TouchED"="c:\program files\TOSHIBA\TouchED\TouchED.Exe" [2003-03-11 122880]
"TI WLAN"="c:\program files\Wireless LAN Utility\TIWLANCu.exe" [2005-03-14 1150976]
"TFNF5"="TFNF5.exe" [2001-09-04 69632]
"PmProxy"="c:\program files\Analog Devices\SoundMAX\PmProxy.exe" [2003-02-28 40960]
"Norton Ghost 12.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2007-07-31 2037088]
"LTSMMSG"="LTSMMSG.exe" [2003-04-18 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-06 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-06 114688]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-02 249896]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2002-12-25 159744]
"00THotkey"="c:\windows\System32\00THotkey.exe" [2003-05-23 253952]
"000StTHK"="000StTHK.exe" [2001-06-23 24576]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
ExifLauncher2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2009-4-19 303104]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Zattoo\\Zattoo2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8445:TCP"= 8445:TCP:BitComet 8445 TCP
"8445:UDP"= 8445:UDP:BitComet 8445 UDP
S3 ATMELWinXPPCMCIAFVNETR(2ARE)(R);ATMEL WinXP PCMCIAFVNETR(2ARE)(R) Service for ATMEL PCMCIA FastVNET (502A-E);c:\windows\system32\DRIVERS\fvnete51.sys --> c:\windows\system32\DRIVERS\fvnete51.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys --> c:\windows\system32\DRIVERS\wg111v2.sys [?]
S3 TNET1130;802.11 WLAN;c:\windows\system32\drivers\TNET1130.sys [07/08/2007 11:22 438912]
S3 wlags48b;Wireless LAN PCCard Driver;c:\windows\system32\drivers\wlags48b.sys [08/05/2003 10:29 156672]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Bruno1\Application Data\Mozilla\Firefox\Profiles\9icpinsg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-veoh&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-veoh&p=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-PowerBar - (no file)
HKCU-Run-DscProcUi - c:\windows\system32\uhgnijyd.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-23 21:27
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D?????9~??????????????9~l?@?l?@????? ???????????W?<~??9~??????9~K?9~x???????[?9~???????? ??????????????|x???0???????????? jt??9~????????????????A???????W???????l?@?l?@?????Q?:~????t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_??s8?@?8?@
Recherche de fichiers cachés ...
c:\documents and settings\Bruno1\Application Data\Skype\famillewarouxauperou\main.db-journal 12824 bytes
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(2164)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Norton Ghost\Agent\VProSvc.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Wireless LAN Utility\tiwlnsvc.exe
c:\windows\system32\TPWRTRAY.EXE
c:\windows\system32\TFNF5.exe
c:\windows\LTSMMSG.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\hh.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2010-11-23 21:35:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-23 20:35
Avant-CF: 1 862 542 336 octets libres
Après-CF: 1 758 992 384 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn
- - End Of File - - D464E3DBF49AFB78CAB38AD42E92108D
ComboFix 10-11-23.01 - Bruno1 23/11/2010 21:16:17.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.751.413 [GMT 1:00]
Lancé depuis: c:\documents and settings\Bruno1\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: VirusKeeper 2010 Pro antivirus *On-access scanning enabled* (Updated) {165EE528-D666-4745-B14E-AA998BBEC191}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Bruno1\Cookies\felusyt.ban
c:\documents and settings\Bruno1\Cookies\fujyziv.bin
c:\documents and settings\Bruno1\Cookies\otapy.inf
E:\AUTORUN.INF
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_usnjsvc
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-23 au 2010-11-23 ))))))))))))))))))))))))))))))))))))
.
2010-11-23 17:33 . 2010-11-23 17:33 -------- d-----w- c:\documents and settings\Bruno1\Application Data\Malwarebytes
2010-11-23 17:33 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-23 17:33 . 2010-11-23 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-11-23 17:33 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-23 17:32 . 2010-11-23 17:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 15:36 . 2009-07-20 15:36 19180 ----a-w- c:\program files\Fichiers communs\yxepe.pif
2008-11-05 20:26 . 2008-11-05 20:26 16435 ----a-w- c:\program files\Fichiers communs\etuvumu.dll
2008-11-05 20:26 . 2008-11-05 20:26 13765 ----a-w- c:\program files\Fichiers communs\egygicu.exe
2004-10-01 13:00 . 2007-09-29 15:40 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="c:\program files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 204800]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tpwrtray"="TPWRTRAY.EXE" [2003-05-07 217088]
"TouchED"="c:\program files\TOSHIBA\TouchED\TouchED.Exe" [2003-03-11 122880]
"TI WLAN"="c:\program files\Wireless LAN Utility\TIWLANCu.exe" [2005-03-14 1150976]
"TFNF5"="TFNF5.exe" [2001-09-04 69632]
"PmProxy"="c:\program files\Analog Devices\SoundMAX\PmProxy.exe" [2003-02-28 40960]
"Norton Ghost 12.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2007-07-31 2037088]
"LTSMMSG"="LTSMMSG.exe" [2003-04-18 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-06 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-06 114688]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-02 249896]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2002-12-25 159744]
"00THotkey"="c:\windows\System32\00THotkey.exe" [2003-05-23 253952]
"000StTHK"="000StTHK.exe" [2001-06-23 24576]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
ExifLauncher2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2009-4-19 303104]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Zattoo\\Zattoo2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8445:TCP"= 8445:TCP:BitComet 8445 TCP
"8445:UDP"= 8445:UDP:BitComet 8445 UDP
S3 ATMELWinXPPCMCIAFVNETR(2ARE)(R);ATMEL WinXP PCMCIAFVNETR(2ARE)(R) Service for ATMEL PCMCIA FastVNET (502A-E);c:\windows\system32\DRIVERS\fvnete51.sys --> c:\windows\system32\DRIVERS\fvnete51.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys --> c:\windows\system32\DRIVERS\wg111v2.sys [?]
S3 TNET1130;802.11 WLAN;c:\windows\system32\drivers\TNET1130.sys [07/08/2007 11:22 438912]
S3 wlags48b;Wireless LAN PCCard Driver;c:\windows\system32\drivers\wlags48b.sys [08/05/2003 10:29 156672]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Bruno1\Application Data\Mozilla\Firefox\Profiles\9icpinsg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-veoh&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-veoh&p=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-PowerBar - (no file)
HKCU-Run-DscProcUi - c:\windows\system32\uhgnijyd.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-23 21:27
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D?????9~??????????????9~l?@?l?@????? ???????????W?<~??9~??????9~K?9~x???????[?9~???????? ??????????????|x???0???????????? jt??9~????????????????A???????W???????l?@?l?@?????Q?:~????t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_??s8?@?8?@
Recherche de fichiers cachés ...
c:\documents and settings\Bruno1\Application Data\Skype\famillewarouxauperou\main.db-journal 12824 bytes
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(2164)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Norton Ghost\Agent\VProSvc.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Wireless LAN Utility\tiwlnsvc.exe
c:\windows\system32\TPWRTRAY.EXE
c:\windows\system32\TFNF5.exe
c:\windows\LTSMMSG.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\hh.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2010-11-23 21:35:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-23 20:35
Avant-CF: 1 862 542 336 octets libres
Après-CF: 1 758 992 384 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn
- - End Of File - - D464E3DBF49AFB78CAB38AD42E92108D
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
Modifié par Malekal_morte- le 23/11/2010 à 21:41
Modifié par Malekal_morte- le 23/11/2010 à 21:41
C'est quoi ton lecteur E:\ ?
Car apparemment t'as un C:\ E:\ et F:\
C'est un truc branché ? style disque dur externe ?
Envoie ces fichiers sur http://upload.malekal.com :
c:\program files\Fichiers communs\yxepe.pif
c:\program files\Fichiers communs\etuvumu.dll
c:\program files\Fichiers communs\egygicu.exe
Vois si tu peux les supprimer.
Si tu n'y arrives pas, dis le moi.
Proverbe Chinois : "Si tu sais mettre un bonnet sur la tete, tu sais mettre une capote"
Car apparemment t'as un C:\ E:\ et F:\
C'est un truc branché ? style disque dur externe ?
Envoie ces fichiers sur http://upload.malekal.com :
c:\program files\Fichiers communs\yxepe.pif
c:\program files\Fichiers communs\etuvumu.dll
c:\program files\Fichiers communs\egygicu.exe
Vois si tu peux les supprimer.
Si tu n'y arrives pas, dis le moi.
Proverbe Chinois : "Si tu sais mettre un bonnet sur la tete, tu sais mettre une capote"
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
23 nov. 2010 à 21:44
23 nov. 2010 à 21:44
e: est une partition et f: est une clé usb....
j'envoie les fichiers et je supprime et ensuite?
et je te tiens au courant...
j'envoie les fichiers et je supprime et ensuite?
et je te tiens au courant...
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
23 nov. 2010 à 21:44
23 nov. 2010 à 21:44
oki.
oui fais ça.
oui fais ça.
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
23 nov. 2010 à 21:50
23 nov. 2010 à 21:50
je n'ai pas pu envoyer le fichier yxepe.pif, il me dit au'il est impossible d'envoyer un fichier au format .pif
je suppose que je le supprime de toute façon? pour les deux autres, ça y est ils n'existent plus...
alors je supprime?
je suppose que je le supprime de toute façon? pour les deux autres, ça y est ils n'existent plus...
alors je supprime?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
23 nov. 2010 à 21:53
23 nov. 2010 à 21:53
renomme le .pif en .exe
Si tu sais pas faire laisse tomber.
Par contre t'as pas l'air d'avoir d'antivirus.......
Installe Antivir : https://www.malekal.com/avira-free-security-antivirus-gratuit/
Fais un scan complet et poste le rapport ici.
Si tu sais pas faire laisse tomber.
Par contre t'as pas l'air d'avoir d'antivirus.......
Installe Antivir : https://www.malekal.com/avira-free-security-antivirus-gratuit/
Fais un scan complet et poste le rapport ici.
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
24 nov. 2010 à 16:53
24 nov. 2010 à 16:53
voici le rapport, désolé j'ai été un peu long....
Avira AntiVir Personal
Report file date: mercredi 24 novembre 2010 14:38
Scanning for 3086742 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BRUNO
Version information:
BUILD.DAT : 10.0.0.596 31825 Bytes 16/11/2010 15:57:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 02/08/2010 15:09:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 02/08/2010 15:10:00
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 17:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 11:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 15:10:03
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 15:10:04
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 15:10:06
VBASE008.VDF : 7.10.11.133 3454464 Bytes 13/09/2010 13:29:39
VBASE009.VDF : 7.10.13.80 2265600 Bytes 02/11/2010 13:29:58
VBASE010.VDF : 7.10.13.81 2048 Bytes 02/11/2010 13:29:59
VBASE011.VDF : 7.10.13.82 2048 Bytes 02/11/2010 13:29:59
VBASE012.VDF : 7.10.13.83 2048 Bytes 02/11/2010 13:30:00
VBASE013.VDF : 7.10.13.116 147968 Bytes 04/11/2010 13:30:01
VBASE014.VDF : 7.10.13.147 146944 Bytes 07/11/2010 13:30:06
VBASE015.VDF : 7.10.13.180 123904 Bytes 09/11/2010 13:30:08
VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 13:30:09
VBASE017.VDF : 7.10.13.243 147456 Bytes 15/11/2010 13:30:11
VBASE018.VDF : 7.10.14.15 142848 Bytes 17/11/2010 13:30:12
VBASE019.VDF : 7.10.14.41 134144 Bytes 19/11/2010 13:30:14
VBASE020.VDF : 7.10.14.63 128000 Bytes 22/11/2010 13:30:16
VBASE021.VDF : 7.10.14.64 2048 Bytes 22/11/2010 13:30:16
VBASE022.VDF : 7.10.14.65 2048 Bytes 22/11/2010 13:30:16
VBASE023.VDF : 7.10.14.66 2048 Bytes 22/11/2010 13:30:17
VBASE024.VDF : 7.10.14.67 2048 Bytes 22/11/2010 13:30:17
VBASE025.VDF : 7.10.14.68 2048 Bytes 22/11/2010 13:30:18
VBASE026.VDF : 7.10.14.69 2048 Bytes 22/11/2010 13:30:18
VBASE027.VDF : 7.10.14.70 2048 Bytes 22/11/2010 13:30:18
VBASE028.VDF : 7.10.14.71 2048 Bytes 22/11/2010 13:30:19
VBASE029.VDF : 7.10.14.72 2048 Bytes 22/11/2010 13:30:19
VBASE030.VDF : 7.10.14.73 2048 Bytes 22/11/2010 13:30:19
VBASE031.VDF : 7.10.14.85 128000 Bytes 24/11/2010 13:30:22
Engineversion : 8.2.4.112
AEVDF.DLL : 8.1.2.1 106868 Bytes 02/08/2010 15:09:54
AESCRIPT.DLL : 8.1.3.47 1294716 Bytes 24/11/2010 13:30:59
AESCN.DLL : 8.1.7.2 127349 Bytes 24/11/2010 13:30:52
AESBX.DLL : 8.1.3.2 254324 Bytes 24/11/2010 13:31:01
AERDL.DLL : 8.1.9.2 635252 Bytes 24/11/2010 13:30:51
AEPACK.DLL : 8.2.3.11 471416 Bytes 24/11/2010 13:30:47
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 24/11/2010 13:30:44
AEHEUR.DLL : 8.1.2.44 3076471 Bytes 24/11/2010 13:30:42
AEHELP.DLL : 8.1.14.0 246134 Bytes 24/11/2010 13:30:31
AEGEN.DLL : 8.1.4.2 401781 Bytes 24/11/2010 13:30:30
AEEMU.DLL : 8.1.3.0 393589 Bytes 24/11/2010 13:30:27
AECORE.DLL : 8.1.18.1 196984 Bytes 24/11/2010 13:30:25
AEBB.DLL : 8.1.1.0 53618 Bytes 02/08/2010 15:09:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 02/08/2010 15:09:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 02/08/2010 15:09:55
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 02/08/2010 15:09:55
AVSCPLR.DLL : 10.0.3.1 83816 Bytes 02/08/2010 15:09:56
AVARKT.DLL : 10.0.0.14 227176 Bytes 02/08/2010 15:09:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 02/08/2010 15:09:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 02/08/2010 15:09:56
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 02/08/2010 15:10:08
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: mercredi 24 novembre 2010 14:38
Starting search for hidden objects.
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\imagelist
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Drawing.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\latestindex
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index61\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index61\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index62\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index62\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup\loglevel
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Prefetcher\tracesprocessed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\pendingfilerenameoperations
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'mscorsvw.exe' - '38' Module(s) have been scanned
Scan process 'mrtstub.exe' - '11' Module(s) have been scanned
Scan process 'windows-kb890830-v3.13.exe' - '25' Module(s) have been scanned
Scan process 'wuauclt.exe' - '42' Module(s) have been scanned
Scan process 'mscorsvw.exe' - '27' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '66' Module(s) have been scanned
Scan process 'netfxupdate.exe' - '11' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'jucheck.exe' - '44' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'wuauclt.exe' - '44' Module(s) have been scanned
Scan process 'wscntfy.exe' - '18' Module(s) have been scanned
Scan process 'QuickDCF2.exe' - '28' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'avgnt.exe' - '45' Module(s) have been scanned
Scan process 'Apntex.exe' - '15' Module(s) have been scanned
Scan process 'vVX1000.exe' - '23' Module(s) have been scanned
Scan process 'jusched.exe' - '26' Module(s) have been scanned
Scan process '00THotkey.exe' - '31' Module(s) have been scanned
Scan process 'Apoint.exe' - '39' Module(s) have been scanned
Scan process 'hkcmd.exe' - '39' Module(s) have been scanned
Scan process 'igfxtray.exe' - '39' Module(s) have been scanned
Scan process 'InCD.exe' - '27' Module(s) have been scanned
Scan process 'LTSMMSG.exe' - '19' Module(s) have been scanned
Scan process 'VProTray.exe' - '29' Module(s) have been scanned
Scan process 'PmProxy.exe' - '16' Module(s) have been scanned
Scan process 'TFNF5.exe' - '17' Module(s) have been scanned
Scan process 'TIWLANCu.exe' - '31' Module(s) have been scanned
Scan process 'TouchED.Exe' - '18' Module(s) have been scanned
Scan process 'TPWRTRAY.EXE' - '33' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'tiwlnsvc.exe' - '11' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'SMAgent.exe' - '14' Module(s) have been scanned
Scan process 'VProSvc.exe' - '48' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '20' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '19' Module(s) have been scanned
Scan process 'ALUSchedulerSvc.exe' - '27' Module(s) have been scanned
Scan process 'sched.exe' - '46' Module(s) have been scanned
Scan process 'spoolsv.exe' - '50' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '90' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '172' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '65' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '468' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000249.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000250.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
Begin scan in 'E:\' <disque restauration>
Beginning disinfection:
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000250.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to the quarantine directory under the name '47999277.qua'.
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000249.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5f0ebdd0.qua'.
End of the scan: mercredi 24 novembre 2010 17:00
Used time: 2:21:20 Hour(s)
The scan has been done completely.
5168 Scanned directories
245302 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
245300 Files not concerned
6856 Archives were scanned
0 Warnings
2 Notes
374697 Objects were scanned with rootkit scan
20 Hidden objects were found
Avira AntiVir Personal
Report file date: mercredi 24 novembre 2010 14:38
Scanning for 3086742 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BRUNO
Version information:
BUILD.DAT : 10.0.0.596 31825 Bytes 16/11/2010 15:57:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 02/08/2010 15:09:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 02/08/2010 15:10:00
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 17:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 11:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 15:10:03
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 15:10:04
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 15:10:06
VBASE008.VDF : 7.10.11.133 3454464 Bytes 13/09/2010 13:29:39
VBASE009.VDF : 7.10.13.80 2265600 Bytes 02/11/2010 13:29:58
VBASE010.VDF : 7.10.13.81 2048 Bytes 02/11/2010 13:29:59
VBASE011.VDF : 7.10.13.82 2048 Bytes 02/11/2010 13:29:59
VBASE012.VDF : 7.10.13.83 2048 Bytes 02/11/2010 13:30:00
VBASE013.VDF : 7.10.13.116 147968 Bytes 04/11/2010 13:30:01
VBASE014.VDF : 7.10.13.147 146944 Bytes 07/11/2010 13:30:06
VBASE015.VDF : 7.10.13.180 123904 Bytes 09/11/2010 13:30:08
VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 13:30:09
VBASE017.VDF : 7.10.13.243 147456 Bytes 15/11/2010 13:30:11
VBASE018.VDF : 7.10.14.15 142848 Bytes 17/11/2010 13:30:12
VBASE019.VDF : 7.10.14.41 134144 Bytes 19/11/2010 13:30:14
VBASE020.VDF : 7.10.14.63 128000 Bytes 22/11/2010 13:30:16
VBASE021.VDF : 7.10.14.64 2048 Bytes 22/11/2010 13:30:16
VBASE022.VDF : 7.10.14.65 2048 Bytes 22/11/2010 13:30:16
VBASE023.VDF : 7.10.14.66 2048 Bytes 22/11/2010 13:30:17
VBASE024.VDF : 7.10.14.67 2048 Bytes 22/11/2010 13:30:17
VBASE025.VDF : 7.10.14.68 2048 Bytes 22/11/2010 13:30:18
VBASE026.VDF : 7.10.14.69 2048 Bytes 22/11/2010 13:30:18
VBASE027.VDF : 7.10.14.70 2048 Bytes 22/11/2010 13:30:18
VBASE028.VDF : 7.10.14.71 2048 Bytes 22/11/2010 13:30:19
VBASE029.VDF : 7.10.14.72 2048 Bytes 22/11/2010 13:30:19
VBASE030.VDF : 7.10.14.73 2048 Bytes 22/11/2010 13:30:19
VBASE031.VDF : 7.10.14.85 128000 Bytes 24/11/2010 13:30:22
Engineversion : 8.2.4.112
AEVDF.DLL : 8.1.2.1 106868 Bytes 02/08/2010 15:09:54
AESCRIPT.DLL : 8.1.3.47 1294716 Bytes 24/11/2010 13:30:59
AESCN.DLL : 8.1.7.2 127349 Bytes 24/11/2010 13:30:52
AESBX.DLL : 8.1.3.2 254324 Bytes 24/11/2010 13:31:01
AERDL.DLL : 8.1.9.2 635252 Bytes 24/11/2010 13:30:51
AEPACK.DLL : 8.2.3.11 471416 Bytes 24/11/2010 13:30:47
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 24/11/2010 13:30:44
AEHEUR.DLL : 8.1.2.44 3076471 Bytes 24/11/2010 13:30:42
AEHELP.DLL : 8.1.14.0 246134 Bytes 24/11/2010 13:30:31
AEGEN.DLL : 8.1.4.2 401781 Bytes 24/11/2010 13:30:30
AEEMU.DLL : 8.1.3.0 393589 Bytes 24/11/2010 13:30:27
AECORE.DLL : 8.1.18.1 196984 Bytes 24/11/2010 13:30:25
AEBB.DLL : 8.1.1.0 53618 Bytes 02/08/2010 15:09:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 02/08/2010 15:09:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 02/08/2010 15:09:55
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 02/08/2010 15:09:55
AVSCPLR.DLL : 10.0.3.1 83816 Bytes 02/08/2010 15:09:56
AVARKT.DLL : 10.0.0.14 227176 Bytes 02/08/2010 15:09:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 02/08/2010 15:09:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 02/08/2010 15:09:56
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 02/08/2010 15:10:08
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: mercredi 24 novembre 2010 14:38
Starting search for hidden objects.
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\parseautoexec
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\imagelist
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Drawing.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\1\status
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\latestindex
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index61\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index61\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index62\niusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index62\ilusagemask
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup\loglevel
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Prefetcher\tracesprocessed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\pendingfilerenameoperations
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'mscorsvw.exe' - '38' Module(s) have been scanned
Scan process 'mrtstub.exe' - '11' Module(s) have been scanned
Scan process 'windows-kb890830-v3.13.exe' - '25' Module(s) have been scanned
Scan process 'wuauclt.exe' - '42' Module(s) have been scanned
Scan process 'mscorsvw.exe' - '27' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '66' Module(s) have been scanned
Scan process 'netfxupdate.exe' - '11' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'jucheck.exe' - '44' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'wuauclt.exe' - '44' Module(s) have been scanned
Scan process 'wscntfy.exe' - '18' Module(s) have been scanned
Scan process 'QuickDCF2.exe' - '28' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'avgnt.exe' - '45' Module(s) have been scanned
Scan process 'Apntex.exe' - '15' Module(s) have been scanned
Scan process 'vVX1000.exe' - '23' Module(s) have been scanned
Scan process 'jusched.exe' - '26' Module(s) have been scanned
Scan process '00THotkey.exe' - '31' Module(s) have been scanned
Scan process 'Apoint.exe' - '39' Module(s) have been scanned
Scan process 'hkcmd.exe' - '39' Module(s) have been scanned
Scan process 'igfxtray.exe' - '39' Module(s) have been scanned
Scan process 'InCD.exe' - '27' Module(s) have been scanned
Scan process 'LTSMMSG.exe' - '19' Module(s) have been scanned
Scan process 'VProTray.exe' - '29' Module(s) have been scanned
Scan process 'PmProxy.exe' - '16' Module(s) have been scanned
Scan process 'TFNF5.exe' - '17' Module(s) have been scanned
Scan process 'TIWLANCu.exe' - '31' Module(s) have been scanned
Scan process 'TouchED.Exe' - '18' Module(s) have been scanned
Scan process 'TPWRTRAY.EXE' - '33' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'tiwlnsvc.exe' - '11' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'SMAgent.exe' - '14' Module(s) have been scanned
Scan process 'VProSvc.exe' - '48' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '20' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '19' Module(s) have been scanned
Scan process 'ALUSchedulerSvc.exe' - '27' Module(s) have been scanned
Scan process 'sched.exe' - '46' Module(s) have been scanned
Scan process 'spoolsv.exe' - '50' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '90' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '172' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '65' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '468' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000249.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000250.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
Begin scan in 'E:\' <disque restauration>
Beginning disinfection:
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000250.dll
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to the quarantine directory under the name '47999277.qua'.
C:\System Volume Information\_restore{FE32DDCA-30FF-4C2F-A021-39EAE75462BD}\RP1\A0000249.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5f0ebdd0.qua'.
End of the scan: mercredi 24 novembre 2010 17:00
Used time: 2:21:20 Hour(s)
The scan has been done completely.
5168 Scanned directories
245302 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
245300 Files not concerned
6856 Archives were scanned
0 Warnings
2 Notes
374697 Objects were scanned with rootkit scan
20 Hidden objects were found
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
24 nov. 2010 à 17:42
24 nov. 2010 à 17:42
Ca semble OK.
Si tu n'as plus de soucis, on peut cloturer.
Fais plus attention à l'avenir....
Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.
Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese
Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1
Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus
Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.
Si tu n'as plus de soucis, on peut cloturer.
Fais plus attention à l'avenir....
Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.
Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.
Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese
Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1
Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus
Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.
touptigus
Messages postés
107
Date d'inscription
mardi 22 juin 2010
Statut
Membre
Dernière intervention
18 juin 2013
4
24 nov. 2010 à 18:02
24 nov. 2010 à 18:02
oki merci, le truc c'est que cette machine n'est pas connecté a internet, que je vis au pérou et que ici les virus c'est comme un fichier doc, tu en trouves a chaque coin de rue, que ça fait deux ans que je n'ai pas fait de chek up de cette machine et qu'un nombre incalculable de clé ont été connecté.
bref... je ne connecte plus rien....
merci encore
bref... je ne connecte plus rien....
merci encore
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 631
24 nov. 2010 à 18:11
24 nov. 2010 à 18:11
ha bha bon courage alors :)