ma clé désinfectée après usbfix? 2014-06-28T08:27:50+00:00
  • Auteur
    Messages
  • Photo du profil de soniasbzsoniasbz
    Participant
    Post count: 2

    Bonjour,
    1-est ce que je peux considérer ma clé USb comme désinfectée après passage par USBFIX?
    ci joint le rapport
    2-Par ailleurs mon antivirus me signale la présence d’une menace autorun. est-ce normal?
    Merci

    [############################## | UsbFix V 7.172 | [Recherche]

    Utilisateur: s.k (Administrateur) # MOI
    Mis à jour le 23/06/2014 par El Desaparecido – SosVirus
    Lancé à 07:36:03 | 28/06/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    RAM -> [Total : 2932 Mo | Free : 1173 Mo]
    Boot: Normal boot

    OS: Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3
    WB: Internet Explorer : 8.00.6001.18702
    WB: Google Chrome : 35.0.1916.153
    WB: Mozilla Firefox : 29.0.1

    ################## | Security Information |

    FW: Windows Firewall [(!) Désactivé]
    SC: Security Center [(!) Désactivé]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 195 Go (169 Go libre(s) – 86%) [] # NTFS
    D: -> Disque fixe # 103 Go (102 Go libre(s) – 100%) [] # NTFS
    F: -> Disque amovible # 3 Go (3 Go libre(s) – 97%) [SANA_CEVA] # FAT32

    ################## | Processus Actif |

    C:WINDOWSsystem32smss.exe (ID: 1612|ParentID: 4|SYSTEM)
    C:PROGRA~1AVGAVG2014avgrsx.exe (ID: 1648|ParentID: 1636|SYSTEM)
    C:Program FilesAVGAVG2014avgcsrvx.exe (ID: 1684|ParentID: 1648|SYSTEM)
    C:WINDOWSsystem32csrss.exe (ID: 1976|ParentID: 1612|SYSTEM)
    C:WINDOWSsystem32winlogon.exe (ID: 2000|ParentID: 1612|SYSTEM)
    C:WINDOWSsystem32services.exe (ID: 2044|ParentID: 2000|SYSTEM)
    C:WINDOWSsystem32lsass.exe (ID: 132|ParentID: 2000|SYSTEM)
    C:WINDOWSsystem32svchost.exe (ID: 308|ParentID: 2044|SYSTEM)
    C:WINDOWSsystem32svchost.exe (ID: 476|ParentID: 2044|SERVICE RÉSEAU)
    C:WINDOWSsystem32svchost.exe (ID: 568|ParentID: 2044|SYSTEM)
    C:WINDOWSsystem32svchost.exe (ID: 760|ParentID: 2044|SERVICE RÉSEAU)
    C:WINDOWSsystem32svchost.exe (ID: 792|ParentID: 2044|SERVICE LOCAL)
    C:WINDOWSsystem32spoolsv.exe (ID: 1188|ParentID: 2044|SYSTEM)
    C:WINDOWSsystem32svchost.exe (ID: 1272|ParentID: 2044|SERVICE LOCAL)
    C:Program FilesAVGAVG2014avgfws.exe (ID: 1304|ParentID: 2044|SYSTEM)
    C:Program FilesAVGAVG2014avgidsagent.exe (ID: 772|ParentID: 2044|SYSTEM)
    C:Program FilesAVGAVG2014avgwdsvc.exe (ID: 1336|ParentID: 2044|SYSTEM)
    C:Program FilesAVGAVG2014avgnsx.exe (ID: 956|ParentID: 1336|SYSTEM)
    C:Program FilesAVGAVG2014avgemcx.exe (ID: 964|ParentID: 1336|SYSTEM)
    C:WINDOWSexplorer.exe (ID: 1964|ParentID: 1592|s.k)
    C:Documents and SettingsAll UsersApplication DataGinyasBrowserCompaniontbhcn.exe (ID: 352|ParentID: 568|s.k)
    C:Program FilesGoogleUpdate1.3.24.15GoogleCrashHandler.exe (ID: 740|ParentID: 1628|SYSTEM)
    C:Documents and SettingsAll UsersApplication DataDatacardServiceHWDeviceService.exe (ID: 724|ParentID: 2044|SYSTEM)
    C:WINDOWSsystem32lxdncoms.exe (ID: 1432|ParentID: 2044|SYSTEM)
    C:WINDOWSsystem32svchost.exe (ID: 2156|ParentID: 2044|SYSTEM)
    C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe (ID: 2212|ParentID: 2044|SYSTEM)
    C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe (ID: 2896|ParentID: 2044|SYSTEM)
    C:Documents and Settingss.kApplication DataAgence-ExclusiveAgence-Exclusiveautoupdater.exe (ID: 3380|ParentID: 1964|s.k)
    C:WINDOWSRTHDCPL.EXE (ID: 3428|ParentID: 1964|s.k)
    C:WINDOWSsystem32igfxpers.exe (ID: 3476|ParentID: 1964|s.k)
    C:Program FilesAgence-Exclusivepctuto.exe (ID: 3576|ParentID: 1964|s.k)
    C:Program FilesLexmark 2600 Serieslxdnmon.exe (ID: 3608|ParentID: 1964|s.k)
    C:WINDOWSsystem32igfxtray.exe (ID: 3700|ParentID: 1964|s.k)
    C:Program FilesLexmark 2600 Serieslxdnmsdmon.exe (ID: 3780|ParentID: 3660|s.k)
    C:WINDOWSsystem32hkcmd.exe (ID: 3868|ParentID: 1964|s.k)
    C:Program FilesAVGAVG2014avgui.exe (ID: 3996|ParentID: 1964|s.k)
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID: 1556|ParentID: 1964|s.k)
    C:Program FilesSuperCopier2SuperCopier2.exe (ID: 2084|ParentID: 1964|s.k)
    C:Program FilesSkypePhoneSkype.exe (ID: 2236|ParentID: 1964|s.k)
    C:Program FilesAVGAVG2014avgcsrvx.exe (ID: 2288|ParentID: 956|SYSTEM)
    C:Documents and Settingss.kApplication DataSkypEmoticonsSE.exe (ID: 3620|ParentID: 1964|s.k)
    C:WINDOWSsystem32ctfmon.exe (ID: 328|ParentID: 1964|s.k)
    C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 2312|ParentID: 1964|s.k)
    C:Program FilesSRS LabsSRS Premium SoundSRSPremiumSound_XP.exe (ID: 2700|ParentID: 1964|s.k)
    C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE (ID: 2264|ParentID: 308|s.k)
    C:system32SystemProtection.exe (ID: 3160|ParentID: 3172|s.k)
    C:WINDOWSsystem32wscript.exe (ID: 2432|ParentID: 3160|s.k)
    C:PROGRA~1Yahoo!MessengerYmsgr_tray.exe (ID: 4392|ParentID: 3320|s.k)
    C:WINDOWSsystem32wuauclt.exe (ID: 3260|ParentID: 568|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5988|ParentID: 1964|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4580|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3536|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 672|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2172|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5304|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2224|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4660|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5328|ParentID: 5988|s.k)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3760|ParentID: 5988|s.k)
    C:UsbFixUsbFix.exe (ID: 5176|ParentID: 6012|s.k)
    C:WINDOWSsystem32msfeedssync.exe (ID: 5728|ParentID: 568|s.k)

    ################## | Autorun |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] Explorer.exe
    F2 – HKLM..Winlogon : [TaskMan] C:RECYCLERS-1-5-21-0243556031-888888379-781863308-19449463ababbdq.exe
    F2 – HKLM..Winlogon : [Userinit] C:WINDOWSsystem32userinit.exe,
    04 – HKCU..Run : [Xdnonl] C:Documents and Settingss.kApplication DataIdentitiesXdnonl.exe
    04 – HKCU..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKCU..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKCU..Run : [se] “C:Documents and Settingss.kApplication DataSkypEmoticonsSE.exe” /minimized
    04 – HKCU..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKCU..Run : [MediaFire Tray] “C:Documents and Settingss.kApplication DataMediaFire Expressmf_systray.exe” –boot-start
    04 – HKCU..Run : [iLivid] “C:Documents and Settingss.kLocal SettingsApplication DataiLividiLivid.exe” -autorun
    04 – HKCU..Run : [Facebook Update] “C:Documents and Settingss.kLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    04 – HKLM..Run : [autoupdater] C:Documents and Settingss.kApplication DataAgence-ExclusiveAgence-Exclusiveautoupdater.exe
    04 – HKLM..Run : [RTHDCPL] RTHDCPL.EXE
    04 – HKLM..Run : [Persistence] C:WINDOWSsystem32igfxpers.exe
    04 – HKLM..Run : [pctuto] “C:Program FilesAgence-Exclusivepctuto.exe”
    04 – HKLM..Run : [lxdnmon.exe] “C:Program FilesLexmark 2600 Serieslxdnmon.exe”
    04 – HKLM..Run : [lxdnamon] “C:Program FilesLexmark 2600 Serieslxdnamon.exe”
    04 – HKLM..Run : [IgfxTray] C:WINDOWSsystem32igfxtray.exe
    04 – HKLM..Run : [HPWQTOOLBOX] C:Program FilesHewlett-PackardHP Deskjet 9800 SeriesToolboxHPWQTBX.exe “-i”
    04 – HKLM..Run : [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
    04 – HKLM..Run : [FaxCenterServer] “C:Program FilesLexmark Fax Solutionsfm3032.exe” /s
    04 – HKLM..Run : [AVG_UI] “C:Program FilesAVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [Adobe ARM] “C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe”
    04 – HKLM..PoliciesExplorerrun : [Updates] “C:system32SystemProtection.exe” /e:VBScript.Encode “C:kernelr00t3r”
    04 – HKUS-1-5-19..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-20..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Xdnonl] C:Documents and Settingss.kApplication DataIdentitiesXdnonl.exe
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [se] “C:Documents and Settingss.kApplication DataSkypEmoticonsSE.exe” /minimized
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [MediaFire Tray] “C:Documents and Settingss.kApplication DataMediaFire Expressmf_systray.exe” –boot-start
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [iLivid] “C:Documents and Settingss.kLocal SettingsApplication DataiLividiLivid.exe” -autorun
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Facebook Update] “C:Documents and Settingss.kLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    04 – HKUS-1-5-18..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-19..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-19..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    04 – HKUS-1-5-20..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-20..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    04 – HKUS-1-5-18..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-18..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

    ################## | Recherche générique |

    Présent! F:LOL TOP 5.lnk
    Présent! C:kernellpt1
    Présent! C:kernelr00t3r
    Présent! C:kernel
    Présent! C:system32SystemProtection.exe
    Présent! F:config.dat
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-120221Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-120221
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-121151Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-121151
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19449463Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19449463
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19714475Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19714475
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-3313547Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-3313547
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5618147819Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5618147819
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56813Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56813
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568145Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568145
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568146Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568146
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681477Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681477
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681478Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681478
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814789Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814789
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-825347Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-825347
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-82971975Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-82971975
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8325143Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8325143
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345143Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345143
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345543Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345543
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345546Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345546
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345547Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345547
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-839714475Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-839714475
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-83971975Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-83971975
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-9861447Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-9861447
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-98614471Desktop.ini
    Présent! C:RecyclerS-1-5-21-0243556031-888888379-781863308-98614471

    ################## | Registre |

    Présent! HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon|Taskman (C:RECYCLERS-1-5-21-0243556031-888888379-781863308-19449463ababbdq.exe)
    Présent! HKLMSoftwareMicrosoftSecurity Center|AntiVirusDisableNotify -> 1
    Présent! HKLMSoftwareMicrosoftSecurity Center|FirewallDisableNotify -> 1
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|DisableTaskMgr -> 1
    Présent! HKLMSoftware8322898
    Présent! HKCUSoftwarePowerPack
    Présent! HKUS-1-5-21-1123561945-1284227242-1801674531-1003SoftwarePowerPack
    Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionstaskmgr.exe
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun|Updates

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8305

    Bonjour relance USBFix , clique sur Nettoyage , puis poste le nouveau rapport

  • Photo du profil de soniasbzsoniasbz
    Participant
    Post count: 2

    re
    voici le rapport obtenu après nettoyage et merci

    ############################## | UsbFix V 7.172 | [Nettoyage]

    Utilisateur: s.kk (Administrateur) # MOI
    Mis à jour le 23/06/2014 par El Desaparecido – SosVirus
    Lancé à 09:56:24 | 28/06/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    RAM -> [Total : 2932 Mo | Free : 1496 Mo]
    Boot: Normal boot

    OS: Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3
    WB: Internet Explorer : 8.00.6001.18702
    WB: Google Chrome : 35.0.1916.153
    WB: Mozilla Firefox : 29.0.1

    ################## | Security Information |

    FW: Windows Firewall [(!) Désactivé]
    SC: Security Center [(!) Désactivé]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 195 Go (169 Go libre(s) – 87%) [] # NTFS
    D: -> Disque fixe # 103 Go (102 Go libre(s) – 100%) [] # NTFS
    F: -> Disque amovible # 3 Go (3 Go libre(s) – 97%) [s.k_CEVA] # FAT32

    ################## | Processus Stoppés |

    C:PROGRA~1AVGAVG2014avgrsx.exe (ID: 1652|ParentID: 1640|SYSTEM)
    C:Program FilesAVGAVG2014avgcsrvx.exe (ID: 1688|ParentID: 1652|SYSTEM)
    C:WINDOWSsystem32spoolsv.exe (ID: 1180|ParentID: 120|SYSTEM)
    C:Program FilesAVGAVG2014avgfws.exe (ID: 1304|ParentID: 120|SYSTEM)
    C:Program FilesAVGAVG2014avgidsagent.exe (ID: 772|ParentID: 120|SYSTEM)
    C:Program FilesAVGAVG2014avgwdsvc.exe (ID: 1352|ParentID: 120|SYSTEM)
    C:Program FilesAVGAVG2014avgnsx.exe (ID: 964|ParentID: 1352|SYSTEM)
    C:Program FilesAVGAVG2014avgemcx.exe (ID: 996|ParentID: 1352|SYSTEM)
    C:WINDOWSexplorer.exe (ID: 1548|ParentID: 1492|s.kk)
    C:Documents and SettingsAll UsersApplication DataGinyasBrowserCompaniontbhcn.exe (ID: 260|ParentID: 568|s.kk)
    C:Program FilesGoogleUpdate1.3.24.15GoogleCrashHandler.exe (ID: 400|ParentID: 1540|SYSTEM)
    C:Documents and SettingsAll UsersApplication DataDim@netOnlineUpdateouc.exe (ID: 908|ParentID: 1516|SYSTEM)
    C:Documents and SettingsAll UsersApplication DataDatacardServiceHWDeviceService.exe (ID: 1436|ParentID: 120|SYSTEM)
    C:WINDOWSsystem32lxdncoms.exe (ID: 2240|ParentID: 120|SYSTEM)
    C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe (ID: 2588|ParentID: 120|SYSTEM)
    C:Documents and Settingss.kkApplication DataAgence-ExclusiveAgence-Exclusiveautoupdater.exe (ID: 2804|ParentID: 1548|s.kk)
    C:WINDOWSRTHDCPL.EXE (ID: 2960|ParentID: 1548|s.kk)
    C:WINDOWSsystem32igfxpers.exe (ID: 3000|ParentID: 1548|s.kk)
    C:Program FilesAgence-Exclusivepctuto.exe (ID: 3048|ParentID: 1548|s.kk)
    C:Program FilesLexmark 2600 Serieslxdnmon.exe (ID: 3192|ParentID: 1548|s.kk)
    C:WINDOWSsystem32igfxtray.exe (ID: 3224|ParentID: 1548|s.kk)
    C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe (ID: 3240|ParentID: 120|SYSTEM)
    C:WINDOWSsystem32hkcmd.exe (ID: 3268|ParentID: 1548|s.kk)
    C:Program FilesLexmark 2600 Serieslxdnmsdmon.exe (ID: 3316|ParentID: 3204|s.kk)
    C:Program FilesAVGAVG2014avgui.exe (ID: 3328|ParentID: 1548|s.kk)
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID: 3520|ParentID: 1548|s.kk)
    C:Program FilesSuperCopier2SuperCopier2.exe (ID: 3628|ParentID: 1548|s.kk)
    C:Program FilesSkypePhoneSkype.exe (ID: 3784|ParentID: 1548|s.kk)
    C:Documents and Settingss.kkApplication DataSkypEmoticonsSE.exe (ID: 4008|ParentID: 1548|s.kk)
    C:WINDOWSsystem32ctfmon.exe (ID: 2252|ParentID: 1548|s.kk)
    C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 3036|ParentID: 1548|s.kk)
    C:Program FilesSRS LabsSRS Premium SoundSRSPremiumSound_XP.exe (ID: 3108|ParentID: 1548|s.kk)
    C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE (ID: 3912|ParentID: 304|s.kk)
    C:Program FilesAVGAVG2014avgcsrvx.exe (ID: 3572|ParentID: 964|SYSTEM)
    C:system32SystemProtection.exe (ID: 2152|ParentID: 2780|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3092|ParentID: 1548|s.kk)
    C:WINDOWSsystem32wuauclt.exe (ID: 2468|ParentID: 568|s.kk)
    C:WINDOWSsystem32wscript.exe (ID: 2096|ParentID: 2152|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5028|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5196|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5264|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5368|ParentID: 3092|s.kk)
    C:PROGRA~1Yahoo!MessengerYmsgr_tray.exe (ID: 5560|ParentID: 1648|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4988|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5412|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2348|ParentID: 3092|s.kk)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3620|ParentID: 3092|s.kk)

    ################## | Autorun |

    ################## | Recherche générique |

    Supprimé! F:LOL TOP 5.lnk
    Non supprimé ! C:kernellpt1
    Supprimé! C:kernelr00t3r
    Non supprimé ! C:kernel
    Supprimé! C:system32SystemProtection.exe
    Supprimé! F:config.dat
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-120221Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-120221
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-121151Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-121151
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19449463Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19449463
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19714475Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-19714475
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-3313547Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-3313547
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5618147819Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5618147819
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56813Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56813
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568145Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568145
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568146Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-568146
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681477Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681477
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681478Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-5681478
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814789Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-56814789
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-825347Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-825347
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-82971975Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-82971975
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8325143Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8325143
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345143Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345143
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345543Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345543
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345546Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345546
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345547Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-8345547
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-839714475Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-839714475
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-83971975Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-83971975
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-9861447Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-9861447
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-98614471Desktop.ini
    Supprimé! C:RecyclerS-1-5-21-0243556031-888888379-781863308-98614471

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Réparé ! HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon|Taskman (“”)
    Réparé ! HKLMSoftwareMicrosoftSecurity Center|AntiVirusDisableNotify -> 0
    Réparé ! HKLMSoftwareMicrosoftSecurity Center|FirewallDisableNotify -> 0
    Réparé ! HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|DisableTaskMgr -> 0
    Supprimé! HKLMSoftware8322898
    Supprimé! HKCUSoftwarePowerPack
    Supprimé! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionstaskmgr.exe
    Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun|Updates

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] Explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:WINDOWSsystem32userinit.exe,
    04 – HKCU..Run : [Xdnonl] C:Documents and Settingss.kkApplication DataIdentitiesXdnonl.exe
    04 – HKCU..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKCU..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKCU..Run : [se] “C:Documents and Settingss.kkApplication DataSkypEmoticonsSE.exe” /minimized
    04 – HKCU..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKCU..Run : [MediaFire Tray] “C:Documents and Settingss.kkApplication DataMediaFire Expressmf_systray.exe” –boot-start
    04 – HKCU..Run : [iLivid] “C:Documents and Settingss.kkLocal SettingsApplication DataiLividiLivid.exe” -autorun
    04 – HKCU..Run : [Facebook Update] “C:Documents and Settingss.kkLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    04 – HKLM..Run : [autoupdater] C:Documents and Settingss.kkApplication DataAgence-ExclusiveAgence-Exclusiveautoupdater.exe
    04 – HKLM..Run : [RTHDCPL] RTHDCPL.EXE
    04 – HKLM..Run : [Persistence] C:WINDOWSsystem32igfxpers.exe
    04 – HKLM..Run : [pctuto] “C:Program FilesAgence-Exclusivepctuto.exe”
    04 – HKLM..Run : [lxdnmon.exe] “C:Program FilesLexmark 2600 Serieslxdnmon.exe”
    04 – HKLM..Run : [lxdnamon] “C:Program FilesLexmark 2600 Serieslxdnamon.exe”
    04 – HKLM..Run : [IgfxTray] C:WINDOWSsystem32igfxtray.exe
    04 – HKLM..Run : [HPWQTOOLBOX] C:Program FilesHewlett-PackardHP Deskjet 9800 SeriesToolboxHPWQTBX.exe “-i”
    04 – HKLM..Run : [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
    04 – HKLM..Run : [FaxCenterServer] “C:Program FilesLexmark Fax Solutionsfm3032.exe” /s
    04 – HKLM..Run : [AVG_UI] “C:Program FilesAVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [Adobe ARM] “C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe”
    04 – HKUS-1-5-19..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-20..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Xdnonl] C:Documents and Settingss.kkApplication DataIdentitiesXdnonl.exe
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [se] “C:Documents and Settingss.kkApplication DataSkypEmoticonsSE.exe” /minimized
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Messenger (Yahoo!)] “C:PROGRA~1Yahoo!MessengerYahooMessenger.exe” -quiet
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [MediaFire Tray] “C:Documents and Settingss.kkApplication DataMediaFire Expressmf_systray.exe” –boot-start
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [iLivid] “C:Documents and Settingss.kkLocal SettingsApplication DataiLividiLivid.exe” -autorun
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [Facebook Update] “C:Documents and Settingss.kkLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-1123561945-1284227242-1801674531-1003..Run : [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    04 – HKUS-1-5-18..Run : [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
    04 – HKUS-1-5-19..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-19..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    04 – HKUS-1-5-20..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-20..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    04 – HKUS-1-5-18..RunOnce : [nltide_2] regsvr32 /s /n /i:U shell32
    04 – HKUS-1-5-18..RunOnce : [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [30/03/2012 – 15:48:44 | RASH | 0 Ko] – C:MSDOS.SYS
    [30/03/2012 – 15:48:44 | N | 0 Ko] – C:CONFIG.SYS
    [30/03/2012 – 15:48:44 | RASH | 0 Ko] – C:IO.SYS
    [28/06/2014 – 09:32:45 | ASH | 2095104 Ko] – C:pagefile.sys
    [25/06/2014 – 13:28:05 | D] – C:Config.Msi
    [30/03/2012 – 16:30:09 | N | 0 Ko] – C:Setup.log
    [17/09/2012 – 20:13:47 | N | 14 Ko] – C:hwupgradewizard.log
    [06/04/2012 – 07:12:16 | N | 1 Ko] – C:user.js
    [12/06/2014 – 23:07:24 | SH | 0 Ko] – C:boot.ini
    [25/04/2012 – 21:05:55 | N | 0 Ko] – C:srch_1.gif
    [25/04/2012 – 21:05:56 | N | 0 Ko] – C:srch_img_1.gif
    [25/04/2012 – 21:05:57 | N | 0 Ko] – C:srch_vid_1.gif
    [25/04/2012 – 21:06:15 | N | 0 Ko] – C:srch_sh_1.gif
    [25/04/2012 – 21:06:16 | N | 0 Ko] – C:srch_ans_1.gif
    [25/04/2012 – 21:06:19 | N | 0 Ko] – C:srch_aud_1.gif
    [25/04/2012 – 21:06:22 | N | 0 Ko] – C:hj_1.gif
    [25/04/2012 – 21:06:23 | N | 0 Ko] – C:srch_nws_1.gif
    [25/04/2012 – 21:06:24 | N | 0 Ko] – C:ab_1.gif
    [25/04/2012 – 21:06:31 | N | 0 Ko] – C:del_1.gif
    [25/04/2012 – 21:06:33 | N | 0 Ko] – C:flk2.gif
    [13/11/2012 – 05:45:41 | N | 24 Ko] – C:RECUP.DOC
    [14/04/2008 – 13:00:00 | N | 46 Ko | VirusTotal – (0/54)] – C:NTDETECT.COM
    [25/04/2012 – 21:06:20 | N | 0 Ko] – C:dir.bmp
    [25/04/2012 – 21:06:26 | N | 0 Ko] – C:edu.bmp
    [14/04/2008 – 13:00:00 | N | 5 Ko] – C:Bootfont.bin
    [25/12/2013 – 13:20:50 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
    [30/03/2012 – 15:48:44 | A | 0 Ko] – C:AUTOEXEC.BAT
    [14/04/2008 – 13:00:00 | RASH | 246 Ko] – C:ntldr
    [30/03/2012 – 16:15:27 | D] – C:Intel
    [08/04/2012 – 23:00:51 | D] – C:ce611b358163aaa33db73789bcf589
    [09/04/2012 – 19:40:21 | D] – C:2a176a13056963814ff730
    [10/04/2012 – 14:25:52 | D] – C:a2685aa35952652f8987e
    [20/09/2012 – 11:55:35 | D] – C:fcd91471d9778ec7e8a2eea7da
    [25/10/2012 – 21:22:28 | D] – C:Temp
    [17/11/2012 – 09:18:09 | RHD] – C:MSOCache
    [30/11/2012 – 08:05:14 | D] – C:logs
    [17/12/2012 – 11:30:49 | D] – C:Lexmark ToolBar
    [11/02/2013 – 14:05:11 | D] – C:Data
    [11/02/2013 – 14:07:11 | D] – C:e
    [24/03/2013 – 10:30:05 | D] – C:Documents and Settings
    [25/07/2013 – 20:33:39 | N | 0 Ko] – C:us
    [13/12/2013 – 12:17:25 | D] – C:$AVG
    [17/03/2014 – 07:04:39 | D] – C:AdwCleaner
    [24/06/2014 – 08:56:40 | D] – C:Program Files
    [27/06/2014 – 19:24:16 | D] – C:WINDOWS
    [28/06/2014 – 09:36:21 | SHD] – C:System Volume Information
    [28/06/2014 – 09:49:02 | D] – C:UsbFix
    [28/06/2014 – 09:56:55 | D] – C:Kernel
    [28/06/2014 – 09:56:55 | D] – C:system32
    [28/06/2014 – 09:56:57 | SHD] – C:RECYCLER

    ################## | D: – Disque Fixe (NTFS) |

    [11/11/2012 – 13:50:00 | SHD] – D:RECYCLER
    [19/12/2012 – 18:28:28 | D] – D:phtos sony19-12-2012
    [23/11/2013 – 08:33:53 | D] – D:Aymen
    [12/12/2013 – 20:39:30 | D] – D:photos
    [27/06/2014 – 14:27:07 | SHD] – D:System Volume Information

    ################## | F: – Disque USB (FAT32) |

    [20/01/2012 – 07:13:20 | N | 86 Ko] – F:2012-01-20_071305.png
    [20/01/2012 – 07:17:14 | N | 91 Ko] – F:2012-01-18_071656.png
    [20/01/2012 – 07:17:28 | N | 89 Ko] – F:2012-01-18_071721.png
    [17/12/2011 – 20:59:46 | N | 671 Ko] – F:Arrêté2005_3005.pdf
    [08/06/2012 – 07:55:48 | N | 638 Ko] – F:Arr21-10-2006batiments.pdf
    [10/06/2012 – 16:30:42 | N | 159 Ko] – F:7_2012.pdf
    [04/01/2012 – 07:20:52 | N | 61 Ko] – F:7nov.jpg
    [04/01/2012 – 17:58:24 | N | 21 Ko] – F:addition41.jpg
    [28/06/2014 – 07:35:54 | N | 0 Ko] – F:autorun.inf
    [17/02/2012 – 12:21:52 | N | 310 Ko | VirusTotal – (0/49)] – F:aswclear.exe
    [31/10/2012 – 09:09:34 | N | 73 Ko] – F:12_35.docx
    [16/09/2013 – 09:52:36 | D] – F:HPV
    [16/09/2013 – 09:52:38 | D] – F:anniversaire
    [16/09/2013 – 09:53:52 | D] – F:expertise ??????
    [16/09/2013 – 09:53:56 | D] – F:2juin
    [16/09/2013 – 12:07:38 | D] – F:Téléchargements
    [16/09/2013 – 12:10:40 | D] – F:sousse-eaux5
    [16/09/2013 – 12:39:14 | D] – F:Yosr
    [16/09/2013 – 12:39:32 | D] – F:CRT
    [16/09/2013 – 12:39:32 | D] – F:Bureau

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8305

    ok attends un peu je contacte le concepteur d’USBFix pour certitude sur certains fichiers qui pourraient être encore infectieux

  • Photo du profil de soniasbzsoniasbz
    Participant
    Post count: 2

    Merci
    encore une question:j’ai encore au moins 6 autres clés qui sont sans aucun doute infectées.je dois refaire la même procédures?
    Merci encore

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8305

    oui

    en principe il faut utiliser usbfix avec tous les supports amovibles branchés dans la mesure du nombre de ports usb

Le sujet ‘ma clé désinfectée après usbfix?’ est fermé à de nouvelles réponses.