athaneos53

OK c'est fait je l'ai gard de côté. Le plus compliqué était de trouver le bon logiciel pour bloquer le maleware. Merci pour votre aide. Ce sujet est maintenant clos. Et bonnes fêtes de fin d'année.

Donc oui j'ai supprimé les fichiers infectés. Ensuite le pc redémarré. Ci dessous le rapport. Il fonctionne à nouveau très bien, j'ai pu installé antivir. Dernière question, je dois supprimer les fichiers de la quarantaine dans malwarebytes ? je peux désinstaller malwarebytes ? Merci. Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3449 Windows 5.1.2600 Service Pack 1 Internet Explorer 6.0.2800.1106 29/12/2009 14:53:25 mbam-log-2009-12-29 (14-53-25).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 170970 Temps écoulé: 44 minute(s), 58 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 15 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\malware defense (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cryptographic service (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\Malware Defense\mdefense.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{B3675813-51EC-4F91-81F9-89204506E761}\RP351\A0150307.sys (Malware.Packer) -> Quarantined and deleted successfully. C:\WINDOWS\system32\H8SRTnfolwklrbw.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\H8SRTnqedgofucr.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Malware Defense\mdext.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Malware Defense\uninstall.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\help.ico (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\md.db (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Malware Defense Support.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\WINDOWS\system32\H8SRTqwhxidwyrb.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\H8SRTb850.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Alors Malwarebyes vient de terminer l'analyse complète : 25 menaces Voici le compte rendu Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3449 Windows 5.1.2600 Service Pack 1 Internet Explorer 6.0.2800.1106 29/12/2009 14:49:49 mbam-log-2009-12-29 (14-49-43).txt Type de recherche: Examen complet (C:\|E:\|) Eléments examinés: 170970 Temps écoulé: 44 minute(s), 58 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 15 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\malware defense (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cryptographic service (Backdoor.Bot) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> No action taken. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\malware Defense (Rogue.MalwareDefense) -> No action taken. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense (Rogue.MalwareDefense) -> No action taken. Fichier(s) infecté(s): C:\Program Files\Malware Defense\mdefense.exe (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{B3675813-51EC-4F91-81F9-89204506E761}\RP351\A0150307.sys (Malware.Packer) -> No action taken. C:\WINDOWS\system32\H8SRTnfolwklrbw.dll (Trojan.FakeAlert) -> No action taken. C:\WINDOWS\system32\H8SRTnqedgofucr.dll (Trojan.FakeAlert) -> No action taken. C:\Program Files\Malware Defense\mdext.dll (Trojan.FakeAlert) -> No action taken. C:\Program Files\Malware Defense\uninstall.exe (Trojan.FakeAlert) -> No action taken. C:\Program Files\malware Defense\help.ico (Rogue.MalwareDefense) -> No action taken. C:\Program Files\malware Defense\md.db (Rogue.MalwareDefense) -> No action taken. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Malware Defense Support.lnk (Rogue.MalwareDefense) -> No action taken. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Malware Defense.lnk (Rogue.MalwareDefense) -> No action taken. C:\Documents and Settings\Administrator\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk (Rogue.MalwareDefense) -> No action taken. C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> No action taken. C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> No action taken. C:\WINDOWS\system32\H8SRTqwhxidwyrb.dat (Rootkit.TDSS) -> No action taken. C:\Documents and Settings\Administrator\Local Settings\Temp\H8SRTb850.tmp (Rootkit.TDSS) -> No action taken.

Oh grand soulagement Malwarebytes s'installe et fonctionne. Je fais un scan complet déjà 2 éléments infectés. A tout à l'heure pour le rapport complet et merci.

le rapport tdsskiller : 13:51:04:428 0840 TDSSKiller 2.1.1 Dec 20 2009 02:40:02 13:51:04:428 0840 ================================================================================ 13:51:04:428 0840 SystemInfo: 13:51:04:428 0840 OS Version: 5.1.2600 ServicePack: 1.0 13:51:04:428 0840 Product type: Workstation 13:51:04:428 0840 ComputerName: HP31335626715 13:51:04:438 0840 UserName: Administrator 13:51:04:438 0840 Windows directory: C:\WINDOWS 13:51:04:438 0840 Processor architecture: Intel x86 13:51:04:438 0840 Number of processors: 1 13:51:04:438 0840 Page size: 0x1000 13:51:04:438 0840 Boot type: Normal boot 13:51:04:438 0840 ================================================================================ 13:51:04:538 0840 ForceUnloadDriver: NtUnloadDriver error 2 13:51:04:538 0840 main: Driver KLMD_Boot successfully unloaded 13:51:05:039 0840 ForceUnloadDriver: NtUnloadDriver error 2 13:51:05:089 0840 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\System32\Drivers\KLMD.sys) returned status 0 13:51:05:089 0840 main: Driver KLMD successfully dropped 13:51:05:179 0840 main: Driver KLMD successfully loaded 13:51:05:179 0840 Scanning Registry ... 13:51:05:209 0840 ScanServices: Searching service UACd.sys 13:51:05:209 0840 ScanServices: Open/Create key error 2 13:51:05:209 0840 ScanServices: Searching service TDSSserv.sys 13:51:05:219 0840 ScanServices: Open/Create key error 2 13:51:05:219 0840 ScanServices: Searching service gaopdxserv.sys 13:51:05:219 0840 ScanServices: Open/Create key error 2 13:51:05:219 0840 ScanServices: Searching service gxvxcserv.sys 13:51:05:219 0840 ScanServices: Open/Create key error 2 13:51:05:219 0840 ScanServices: Searching service MSIVXserv.sys 13:51:05:219 0840 ScanServices: Open/Create key error 2 13:51:05:499 0840 UnhookRegistry: Kernel module file name: C:\windows\system32\ntoskrnl.exe, base addr: 804D4000 13:51:05:499 0840 UnhookRegistry: Kernel local addr: 9B0000 13:51:05:499 0840 UnhookRegistry: KeServiceDescriptorTable addr: A26EC0 13:51:05:509 0840 UnhookRegistry: KiServiceTable addr: 9DE588 13:51:05:509 0840 UnhookRegistry: NtEnumerateKey service number (local): 47 13:51:05:509 0840 UnhookRegistry: NtEnumerateKey local addr: A59323 13:51:05:519 0840 KLMD_OpenDevice: Trying to open KLMD device 13:51:05:519 0840 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey 13:51:05:519 0840 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey 13:51:05:519 0840 KLMD_ReadMem: Trying to ReadMemory 0x8050F0A1[0x4] 13:51:05:519 0840 UnhookRegistry: NtEnumerateKey service number (kernel): 47 13:51:05:519 0840 KLMD_ReadMem: Trying to ReadMemory 0x805026A4[0x4] 13:51:05:519 0840 UnhookRegistry: NtEnumerateKey real addr: 8057D323 13:51:05:519 0840 UnhookRegistry: NtEnumerateKey calc addr: 8057D323 13:51:05:519 0840 UnhookRegistry: No SDT hooks found on NtEnumerateKey 13:51:05:519 0840 KLMD_ReadMem: Trying to ReadMemory 0x8057D323[0xA] 13:51:05:519 0840 UnhookRegistry: No splicing found on NtEnumerateKey 13:51:05:529 0840 Scanning Kernel memory ... 13:51:05:529 0840 KLMD_OpenDevice: Trying to open KLMD device 13:51:05:529 0840 KLMD_GetSystemObjectAddressByNameA: Trying to get system object address by name \Driver\Disk 13:51:05:529 0840 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 13:51:05:529 0840 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 84375F38 13:51:05:529 0840 DetectCureTDL3: KLMD_GetDeviceObjectList returned 2 DevObjects 13:51:05:529 0840 DetectCureTDL3: 0 Curr stack PDEVICE_OBJECT: 843742B8 13:51:05:529 0840 KLMD_GetLowerDeviceObject: Trying to get lower device object for 843742B8 13:51:05:529 0840 KLMD_ReadMem: Trying to ReadMemory 0x843742B8[0x38] 13:51:05:529 0840 DetectCureTDL3: DRIVER_OBJECT addr: 84375F38 13:51:05:529 0840 KLMD_ReadMem: Trying to ReadMemory 0x84375F38[0xA8] 13:51:05:529 0840 KLMD_ReadMem: Trying to ReadMemory 0xE1515150[0x208] 13:51:05:529 0840 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 13:51:05:529 0840 DetectCureTDL3: IrpHandler (0) addr: F75A32CD 13:51:05:529 0840 DetectCureTDL3: IrpHandler (1) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (2) addr: F75A32CD 13:51:05:529 0840 DetectCureTDL3: IrpHandler (3) addr: F759DAAE 13:51:05:529 0840 DetectCureTDL3: IrpHandler (4) addr: F759DAAE 13:51:05:529 0840 DetectCureTDL3: IrpHandler (5) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (6) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (7) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler ( addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (9) addr: F759E34C 13:51:05:529 0840 DetectCureTDL3: IrpHandler (10) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (11) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (12) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (13) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (14) addr: F759E3D4 13:51:05:529 0840 DetectCureTDL3: IrpHandler (15) addr: F75A1AAC 13:51:05:529 0840 DetectCureTDL3: IrpHandler (16) addr: F759E34C 13:51:05:529 0840 DetectCureTDL3: IrpHandler (17) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (18) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (19) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (20) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (21) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (22) addr: F759F08F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (23) addr: F75A3E61 13:51:05:529 0840 DetectCureTDL3: IrpHandler (24) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (25) addr: 804F886F 13:51:05:529 0840 DetectCureTDL3: IrpHandler (26) addr: 804F886F 13:51:05:529 0840 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400] 13:51:05:529 0840 KLMD_ReadMem: DeviceIoControl error 1 13:51:05:529 0840 TDL3_StartIoHookDetect: Unable to get StartIo handler code 13:51:05:529 0840 TDL3_FileDetect: Processing driver: Disk 13:51:05:529 0840 TDL3_FileDetect: Parameters: C:\WINDOWS\System32\drivers\disk.sys, C:\WINDOWS\System32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk 13:51:05:529 0840 TDL3_FileDetect: Processing driver file: C:\WINDOWS\System32\drivers\disk.sys 13:51:05:529 0840 KLMD_CreateFileW: Trying to open file C:\WINDOWS\System32\drivers\disk.sys 13:51:05:579 0840 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 84375958 13:51:05:579 0840 KLMD_GetLowerDeviceObject: Trying to get lower device object for 84375958 13:51:05:579 0840 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 843761E0 13:51:05:579 0840 KLMD_GetLowerDeviceObject: Trying to get lower device object for 843761E0 13:51:05:579 0840 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 84376490 13:51:05:579 0840 KLMD_GetLowerDeviceObject: Trying to get lower device object for 84376490 13:51:05:579 0840 KLMD_ReadMem: Trying to ReadMemory 0x84376490[0x38] 13:51:05:579 0840 DetectCureTDL3: DRIVER_OBJECT addr: 843D0030 13:51:05:579 0840 KLMD_ReadMem: Trying to ReadMemory 0x843D0030[0xA8] 13:51:05:579 0840 KLMD_ReadMem: Trying to ReadMemory 0xE1526F70[0x208] 13:51:05:579 0840 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 13:51:05:579 0840 DetectCureTDL3: IrpHandler (0) addr: F74B786C 13:51:05:579 0840 DetectCureTDL3: IrpHandler (1) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (2) addr: F74B786C 13:51:05:579 0840 DetectCureTDL3: IrpHandler (3) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (4) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (5) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (6) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (7) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler ( addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (9) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (10) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (11) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (12) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (13) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (14) addr: F74B7882 13:51:05:579 0840 DetectCureTDL3: IrpHandler (15) addr: F74B403C 13:51:05:579 0840 DetectCureTDL3: IrpHandler (16) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (17) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (18) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (19) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (20) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (21) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (22) addr: F74B78A2 13:51:05:579 0840 DetectCureTDL3: IrpHandler (23) addr: F74BDBE0 13:51:05:579 0840 DetectCureTDL3: IrpHandler (24) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (25) addr: 804F886F 13:51:05:579 0840 DetectCureTDL3: IrpHandler (26) addr: 804F886F 13:51:05:579 0840 KLMD_ReadMem: Trying to ReadMemory 0xF74B502E[0x400] 13:51:05:579 0840 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 224, 0 13:51:05:579 0840 TDL3_FileDetect: Processing driver: atapi 13:51:05:590 0840 TDL3_FileDetect: Parameters: C:\WINDOWS\System32\drivers\atapi.sys, C:\WINDOWS\System32\Drivers\atapi.tsk, SYSTEM\CurrentControlSet\Services\atapi, system32\Drivers\atapi.tsk 13:51:05:590 0840 TDL3_FileDetect: Processing driver file: C:\WINDOWS\System32\drivers\atapi.sys 13:51:05:590 0840 KLMD_CreateFileW: Trying to open file C:\WINDOWS\System32\drivers\atapi.sys 13:51:05:620 0840 Completed Results: 13:51:05:620 0840 Infected objects in memory: 0 13:51:05:620 0840 Cured objects in memory: 0 13:51:05:620 0840 Infected objects on disk: 0 13:51:05:620 0840 Objects on disk cured on reboot: 0 13:51:05:620 0840 Objects on disk deleted on reboot: 0 13:51:05:620 0840 Registry nodes deleted on reboot: 0 13:51:05:620 0840

La je fais un windows update j'essaye de passer le SP2 et IE7.

Bonjour, J'ai un pc portable qui tourne sous windows XP PRO SP1. Depuis quelques jours les fameuses fenêtres malware defense apparaissent sans arrêt. Ce que j'ai essayé : - SpyBoth - AntiSpyware - Antivir - AVG - Avast - RKILL - Hijackthis - mbam setup Vous allez rire mais le seul avec lequel j'arrive à quelque chose est Avast qui réussi à faire une analyse lorsque windows tourne et au démarrage, il me trouve les 5 fichiers infecté avec Malware Defense (dans C:\windows\system32\drivers) je ne trouve pas les fichiers infectés pour les supprimer, et avast n'arrive pas à les supprimer. Résulat toujours le problème. Sinon Rkill fonctionne et bloque bien les fenêtres malware défense. Le reste sans résultat, SpyBoth, Antispyware, Antivir, AVG, mbam setup, lorsque je double clique dessus aucun résultat. J'ai désinstallé l'ensemble des antivirus et antispyware, et retenté rkill et mbam, sans résulat. Merci pour votre aide.

OK c'est noté.

Bonjour, J'ai un pc portable qui tourne sous windows xp pro édition Service Pack 1 qui est infecté avec Malware défense, sans arrêt des alertes apparaissent à l'écran. J'ai suivi le tutoriel qui est très bien fait. Téléchargement de rkill, j'exécute le fichier, il bloque bien le fonctionnement de malware défense, je n'ai plus les alertes à l'écran. Ensuite lorsque j'exécute mbam-setup rien ne se passe, j'attends 10 / 20 min et toujours rien. J'ai donc essayé Hijackthis, idem il ne se lance pas, et même chose pour spyboth, antivir, AVG, antispyware. Cerise sur le gateau seul avast arrive à se lancer et faire une analyse complète du pc. Résultat de l'analyse il trouve le Malware Defense mais ne peut rien faire. Une piste ? Merci