Aller au contenu

schwartz

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    6

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par schwartz

  1. schwartz
    Bonsoir charles J'ai fait ce que tu as dit et voila le rapport Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Zone Labs Client"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe" "AVGCtrl"="\"C:\\Program Files\\AVPersonal\\AVGNT.EXE\" /min" "AVSCHED32"="C:\\Program Files\\AVPersonal\\AVSched32.EXE /min" "AdslTaskBar"="rundll32.exe stmctrl.dll,TaskBar" "IntelliType"="\"C:\\Program Files\\Microsoft Hardware\\Keyboard\\type32.exe\"" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" Pour le scan en ligne merci pour l'explication mais le fichier TheBestMP3[1].exe n'est plus à cet emplacement car je ne l'ai pas trouvé. Bonne soiré à plus tard
  2. schwartz
    Bonsoir Charles J'ai fait ce que tu m'as dit j'ai télécharger SpyBot-Search & Destroy je l'ai paramétré et il à fait trois scan pour éliminer les problèmes. Par contre cette version est légèrement différente de celle du tutorial. Dans le menu outil et démarrage du système j'ai tout décoché mais je ne sais pas ce que je doit remettre --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2006-01-26 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2005-05-31 advcheck.dll (1.0.2.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2005-05-31 Tools.dll (2.0.0.2) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2006-01-20 Includes\Cookies.sbi 2006-01-20 Includes\Dialer.sbi 2006-01-20 Includes\Hijackers.sbi 2006-01-20 Includes\Keyloggers.sbi 2004-11-29 Includes\LSP.sbi 2006-01-20 Includes\Malware.sbi 2006-01-20 Includes\PUPS.sbi 2006-01-20 Includes\Revision.sbi 2006-01-20 Includes\Security.sbi 2006-01-20 Includes\Spybots.sbi 2005-02-17 Includes\Tracks.uti 2006-01-20 Includes\Trojans.sbi Located: HK_LM:Run, AdslTaskBar command: rundll32.exe stmctrl.dll,TaskBar file: C:\WINDOWS\system32\rundll32.exe size: 32256 MD5: ac0f912ea7571e9c1ad7b64c83f72bd9 Located: HK_LM:Run, AVGCtrl command: "C:\Program Files\AVPersonal\AVGNT.EXE" /min file: C:\Program Files\AVPersonal\AVGNT.EXE size: 180327 MD5: a9f455a03fa0fef8b85c68b123a5bb99 Located: HK_LM:Run, AVSCHED32 command: C:\Program Files\AVPersonal\AVSched32.EXE /min file: Located: HK_LM:Run, IntelliType command: "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" file: C:\Program Files\Microsoft Hardware\Keyboard\type32.exe size: 94208 MD5: b5eca5948d7f8eaa00333231f33ea31a Located: HK_LM:Run, Zone Labs Client command: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe file: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe size: 755472 MD5: e85c5dc2659f562c496e839649aa7200 Located: HK_LM:Run, Cmaudio (DISABLED) command: RunDll32 cmicnfg.cpl,CMICtrlWnd file: Located: HK_LM:Run, POINTER (DISABLED) command: point32.exe file: Located: HK_LM:Run, QuickTime Task (DISABLED) command: "C:\Program Files\QuickTime\qttask.exe" -atboottime file: C:\Program Files\QuickTime\qttask.exe size: 98304 MD5: 9b4c1812595c389ab9ccf1ff3b315248 Located: HK_LM:Run, RealTray (DISABLED) command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER file: Located: HK_LM:Run, SpywareStrike (DISABLED) command: C:\Program Files\SpywareStrike\SpywareStrike.exe /h file: Located: HK_CU:Run, CTFMON.EXE (DISABLED) command: C:\WINDOWS\System32\ctfmon.exe file: C:\WINDOWS\System32\ctfmon.exe size: 13312 MD5: f95275cf5e7c30cea58b0b1b7b40210f Located: HK_CU:Run, MSMSGS (DISABLED) command: "C:\Program Files\Messenger\msmsgs.exe" /background file: C:\Program Files\Messenger\msmsgs.exe size: 1458448 MD5: c6bd67d9380a9ee1ef0abfef86cb4259 Located: HK_CU:Run, TheBestMP3 (DISABLED) command: C:\Documents and Settings\PAPA\Application Data\TheBestMP3[1].exe t file: Located: Démarrage (tous utilisateurs), Adobe Gamma Loader.exe.lnk (DISABLED) command: C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe file: C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe size: 113664 MD5: c2ff17734176cd15221c10044ef0ba1a Located: Démarrage (tous utilisateurs), Microsoft Office.lnk (DISABLED) command: C:\Program Files\Microsoft Office\Office10\OSA.EXE file: C:\Program Files\Microsoft Office\Office10\OSA.EXE size: 83360 MD5: 5bc65464354a9fd3beaa28e18839734a Located: Démarrage (tous utilisateurs), NkvMon.exe.lnk (DISABLED) command: C:\Program Files\Nikon\NkView6\NkvMon.exe file: C:\Program Files\Nikon\NkView6\NkvMon.exe size: 241664 MD5: 29ab460bb765ee9289407b1b1532b4a6 Located: WinLogon, AtiExtEvent (DISABLED) command: Ati2evxx.dll file: Ati2evxx.dll Located: WinLogon, crypt32chain (DISABLED) command: crypt32.dll file: crypt32.dll Located: WinLogon, cryptnet (DISABLED) command: cryptnet.dll file: cryptnet.dll Located: WinLogon, cscdll (DISABLED) command: cscdll.dll file: cscdll.dll Located: WinLogon, ScCertProp (DISABLED) command: wlnotify.dll file: wlnotify.dll Located: WinLogon, Schedule (DISABLED) command: wlnotify.dll file: wlnotify.dll Located: WinLogon, sclgntfy (DISABLED) command: sclgntfy.dll file: sclgntfy.dll Located: WinLogon, SensLogn (DISABLED) command: WlNotify.dll file: WlNotify.dll Located: WinLogon, termsrv (DISABLED) command: wlnotify.dll file: wlnotify.dll Located: WinLogon, wlballoon (DISABLED) command: wlnotify.dll file: wlnotify.dll Located: WinLogon, WRNotifier (DISABLED) command: WRLogonNTF.dll file: WRLogonNTF.dll Comme tu peu le voir il reste un bout de TheBestMP3 et SpywareStrike. Pour répondre à ta question je n'ai pas pu faire analyser C:\Documents and Settings\PAPA\Application Data\TheBestMP3[1].exe car il n'est pas visible dans le répertoire. Je n'ai pas compris ce que tu me demande ici => 1- Jotti: http://virusscan.jotti.org/de/ 2- http://www.virustotal.com/flash/index_en.html communiquer les 2 rapports. De plus le premier lien te fait télécharger Spyware doctor qui fait un scan trouve 58 infections et te demande de payer trente dollar pour t'enregistrer et nettyer ton Pc. Sur le deuxième lien je n'ai rien compris car mon niveau en anglais est très faible. L''icône du ficier reg représenter bien un cube de couleur verte mais cela ne marche pas? Bien je te remercie encore pour ton aide efficace et je te dis à bientôt. Schwartz Apparemment je n'ai plus de problème avec spyware strike pour l'instant.
  3. schwartz
    Bonsoir Charles ce soir avant de faire ce que tu m'as demandé j'ai redemarré en mode sans échec puis j'ai lancé ADWARE qui as trouves un certains nombre d'intrus je te joins le log de son scan. puis le log de HijackThis. Je n'ai pas trouvé winfixer dans le menu installer desinstaller. Par contre je n'ai pas compris ce que me demandais de faire angélique. Ad-Aware SE Build 1.06r1 Logfile Created on:mercredi 25 janvier 2006 19:20:01 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R89 24.01.2006 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Malware.SpywareStrike(TAC index:4):8 total references MRU List(TAC index:0):13 total references Tracking Cookie(TAC index:3):18 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 25-01-2006 19:20:01 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Documents and Settings\PAPA\recent Description : list of recently opened documents MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run MRU List Object Recognized! Location: : S-1-5-21-1454471165-1767777339-725345543-1003\software\microsoft\windows media\wmsdk\general Description : windows media sdk Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 148 ThreadCreationTime : 25-01-2006 18:17:59 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 196 ThreadCreationTime : 25-01-2006 18:18:08 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 220 ThreadCreationTime : 25-01-2006 18:18:10 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 264 ThreadCreationTime : 25-01-2006 18:18:13 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Applications Services et Contrôleur InternalName : services.exe LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 276 ThreadCreationTime : 25-01-2006 18:18:13 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 440 ThreadCreationTime : 25-01-2006 18:18:15 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 464 ThreadCreationTime : 25-01-2006 18:18:16 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 728 ThreadCreationTime : 25-01-2006 18:18:31 BasePriority : Normal FileVersion : 6.00.2600.0000 (xpclient.010817-1148) ProductVersion : 6.00.2600.0000 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Explorateur Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : EXPLORER.EXE #:9 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 960 ThreadCreationTime : 25-01-2006 18:19:47 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 13 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Malware.SpywareStrike Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{0f25878f-f8ae-5d5d-2bb7-31b5f803290d} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 14 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 14 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 14 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@as1.falkag[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@as1.falkag[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@estat[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@estat[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@serving-sys[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@serving-sys[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@statse.webtrendslive[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@statse.webtrendslive[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@weborama[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@weborama[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : fille 1@www.smartadserver[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\fille 1\Cookies\fille 1@www.smartadserver[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@2o7[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@adrevolver[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@adrevolver[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@adtech[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@adtech[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@bluestreak[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@bluestreak[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@cgi-bin[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@cgi-bin[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@estat[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@estat[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@tradedoubler[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@tradedoubler[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : maman@weborama[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\MAMAN\Cookies\maman@weborama[2].txt Malware.SpywareStrike Object Recognized! Type : File Data : uninst.exe TAC Rating : 4 Category : Malware Comment : Object : C:\Documents and Settings\PAPA\Local Settings\Temp\temp.fr279A\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : Au_.exe TAC Rating : 4 Category : Malware Comment : Object : C:\Documents and Settings\PAPA\Local Settings\Temp\~nsu.tmp\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : A0059161.exe TAC Rating : 4 Category : Malware Comment : Object : C:\System Volume Information\_restore{B97B605D-5595-41F1-A72C-6676E150EB0B}\RP74\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : A0059174.exe TAC Rating : 4 Category : Malware Comment : Object : C:\System Volume Information\_restore{B97B605D-5595-41F1-A72C-6676E150EB0B}\RP74\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : A0059590.exe TAC Rating : 4 Category : Malware Comment : Object : C:\System Volume Information\_restore{B97B605D-5595-41F1-A72C-6676E150EB0B}\RP74\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : A0059621.exe TAC Rating : 4 Category : Malware Comment : Object : C:\System Volume Information\_restore{B97B605D-5595-41F1-A72C-6676E150EB0B}\RP74\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Malware.SpywareStrike Object Recognized! Type : File Data : A0059744.exe TAC Rating : 4 Category : Malware Comment : Object : C:\System Volume Information\_restore{B97B605D-5595-41F1-A72C-6676E150EB0B}\RP74\ FileVersion : 3.0.0.0 ProductName : SpywareStrike 2.5 CompanyName : SpywareStrike FileDescription : SpywareStrike Software Installer LegalCopyright : 2004, All rights reserverd © SpywareStrike. OriginalFilename : SpywareStrike_Setup.exe Comments : Anti-Spyware Software Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 39 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 39 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 39 19:26:35 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:06:33.468 Objects scanned:92281 Objects identified:26 Objects ignored:0 New critical objects:26 Logfile of HijackThis v1.99.1 Scan saved at 19:33:24, on 25/01/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\System32\cmd.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [TheBestMP3] C:\Documents and Settings\PAPA\Application Data\TheBestMP3[1].exe t O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .WAV: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe doesn't exist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iexplore.exe doesn't exist HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run doesn't exist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe ----------------------- ----------------------- REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers] [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AntiVir/Win] @="{a7cda720-84ee-11d0-b5c0-00001b3ca278}" [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files] @="{750fdf0e-2a26-11d1-a3ea-080036587f03}" [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With] @="{09799AFB-AD67-11d1-ABCD-00C04FC30936}" [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu] @="{A470F8CF-A1E8-4f65-8335-227475AA5C46}" [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}] @="Épingle du menu Démarrer" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" "{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}"="Replay for WindowsXP" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd" "POINTER"="point32.exe" "IntelliType"="\"C:\\Program Files\\Microsoft Hardware\\Keyboard\\type32.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "AdslTaskBar"="rundll32.exe stmctrl.dll,TaskBar" "AVGCtrl"="\"C:\\Program Files\\AVPersonal\\AVGNT.EXE\" /min" "RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER" "AVSCHED32"="C:\\Program Files\\AVPersonal\\AVSched32.EXE /min" "Zone Labs Client"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "TheBestMP3"="C:\\Documents and Settings\\PAPA\\Application Data\\TheBestMP3[1].exe t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] Scheduled Tasks Folder Contents * C:\WINDOWS\Tasks\desktop.ini C:\WINDOWS\Tasks\SA.DAT A plus tard schwartz
  4. schwartz
    lorsque j'ai lancer le fichier remove.reg windows me met le message suivant "impossibilité d'importer le fichier, la fichier n'est pas un script du registre. apparement il ne peu importer que des fichiers du registre binaire de l'éditeur de registre. en revenant au mode normale de windows spywarestrike est toujours là. Je reprendrais les procédures demain car je vais me coucher. Encore merci et peu être à demain bonne nuit
  5. schwartz
    Charle je te joint les deux fichiers txt d'abord celui de SmitfraudFix SmitFraudFix v2.15 Rapport fait à 22:54:55,56 le 24/01/2006 Executé à partir de C:\Program Files\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\hp????.tmp supprimé C:\WINDOWS\system32\ld????.tmp supprimé C:\WINDOWS\system32\mscornet.exe supprimé C:\WINDOWS\system32\msvol.tlb supprimé C:\WINDOWS\system32\ncompat.tlb supprimé C:\WINDOWS\system32\nvctrl.exe supprimé C:\WINDOWS\system32\ot.ico supprimé C:\WINDOWS\system32\ts.ico supprimé C:\WINDOWS\system32\1024\ supprimé C:\Documents and Settings\PAPA\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareStrike 2.5.lnk supprimé C:\Documents and Settings\PAPA\Bureau\SpywareStrike.lnk supprimé C:\Documents and Settings\PAPA\Menu Démarrer\Programmes\SpywareStrike supprimé C:\Documents and Settings\PAPA\Menu Démarrer\SpywareStrike 2.5.lnk supprimé C:\Program Files\SpywareStrike\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport puis celui HijackThis Logfile of HijackThis v1.99.1 Scan saved at 22:57:22, on 24/01/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\HijackThis\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HomepageBHO - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\System32\hpD5D9.tmp (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [NI.UWFX5V_0001_N57M1412] "C:\WINDOWS\Downloaded Program Files\UWFX5V_0001_N57M1412NetInstaller.exe" -nag O4 - HKLM\..\Run: [spyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighter.exe" monitor O4 - HKLM\..\Run: [spyFighterUpdate] "C:\Program Files\SpyFighter\AutoUpdate.exe" silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [TheBestMP3] C:\Documents and Settings\PAPA\Application Data\TheBestMP3[1].exe t O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: TheBestMP3 - {EF6D6AE3-2625-40D6-A5AB-920DFD2DAF8C} - C:\Documents and Settings\PAPA\Application Data\TheBestMP3[1].exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .WAV: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/161038b65e3e41...RdxIE601_fr.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Est ce que Winfixer est un virus car il se lance à chaque démarrage. Au fait j'ai désinstaller SpywareStrike comme tu me l'a dit mais quand je suis passé en mode sans échec il était revenu le bougre. Merci pour ton ton aide
  6. schwartz
    ci joint premier rapport j'avais effectué les préliminaires auparavant SmitFraudFix v2.15 Rapport fait à 22:46:54,79 le 24/01/2006 Executé à partir de C:\Program Files\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\ »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32 C:\WINDOWS\system32\hp????.tmp PRESENT ! C:\WINDOWS\system32\ld????.tmp PRESENT ! C:\WINDOWS\system32\mscornet.exe PRESENT ! C:\WINDOWS\system32\msvol.tlb PRESENT ! C:\WINDOWS\system32\ncompat.tlb PRESENT ! C:\WINDOWS\system32\nvctrl.exe PRESENT ! C:\WINDOWS\system32\ot.ico PRESENT ! C:\WINDOWS\system32\ts.ico PRESENT ! C:\WINDOWS\system32\1024\ PRESENT! »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\PAPA\Application Data C:\Documents and Settings\PAPA\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareStrike 2.5.lnk PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer C:\Documents and Settings\PAPA\Menu Démarrer\Programmes\SpywareStrike PRESENT ! C:\Documents and Settings\PAPA\Menu Démarrer\SpywareStrike 2.5.lnk PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant" "{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}"="Replay for WindowsXP" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
×
×
  • Créer...