Votre question

Active Desktop!!!

Tags :
  • Desktop
  • Sécurité
Dernière réponse : dans Sécurité et virus
14 Mai 2008 13:11:50

Salut,

Mon problème est plutôt classique mais je n'arrive pas a le résoudre malgré tous les conseils que j'ai pu lire sur différents forums. Active Desktop apparait comme fond d'écran et pas moyen de l'enlever. J'ai essayé de restaurer Active Desktop, j'ai essayé de restaurer mon PC mais je n'ai plus de calendrier donc aucun moyen de choisir une date antérieure au problème et j'ai ensuite essayé le clic droit pour aller sur "propriétés" et de décocher "afficher les pages web" mais rien n'est afficher mis a part "Ma page d'accueil".
J'ai vraiment besoin de vos conseils pour résoudre ce problème car j'ai peur qu'il ne s'aggrave. Mon PC est deja assez fragile comme ça!!

Autres pages sur : active desktop

14 Mai 2008 21:53:12

Ok merci, je vais le faire de suite.
Contenus similaires
14 Mai 2008 21:57:52

Voici le rapport:

Logfile of HijackThis v1.99.1
Scan saved at 21:55:37, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\jnwnw64j.exe
C:\WINDOWS\system32\lcntokdm.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nom\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2D21F137-3A44-43F1-B095-02B766F7D0DD} - C:\WINDOWS\system32\ljJCspnm.dll
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MySidesearch Search Assistant - {9506910A-0F94-4ea1-B567-7070428B8B2B} - C:\WINDOWS\system32\mysidesearch_sidebar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: gooochi browser optimizer - {b0e5a149-bd62-71db-a197-428ea713581b} - C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{BD-D0-0C-C0-DW}] C:\windows\system32\jnwnw64j.exe DWramFF
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\lcntokdm.exe DWramFF
O4 - HKLM\..\Run: [{747e46c6-37ee-d92f-62bb-ffad02d2b37a}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll" DllInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\lcntokdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jnwnw64j.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ljJCspnm - C:\WINDOWS\SYSTEM32\ljJCspnm.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
14 Mai 2008 22:10:40

ok

tu es bien infecté...

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM



    15 Mai 2008 23:30:38

    Rapport MBAM:

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 752

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 53947
    Temps écoulé: 1 hour(s), 2 minute(s), 29 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 33
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{b0e5a149-bd62-71db-a197-428ea713581b} (Adware.Vapsup) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0e5a149-bd62-71db-a197-428ea713581b} (Adware.Vapsup) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9506910a-0f94-4ea1-b567-7070428b8b2b} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9506910a-0f94-4ea1-b567-7070428b8b2b} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{faba076a-478a-4c32-a0a5-c774607901c2} (Adware.BHO) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{faba076a-478a-4c32-a0a5-c774607901c2} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{747e46c6-37ee-d92f-62bb-ffad02d2b37a} (Adware.Vapsup) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll (Adware.Vapsup) -> No action taken.
    C:\WINDOWS\system32\mysidesearch_sidebar.dll (Adware.BHO) -> No action taken.
    C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\Content.IE5\WXXDCERB\dm[1].exe (Trojan.Downloader) -> No action taken.
    C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\Content.IE5\X0EKTZKK\dm[1].exe (Trojan.Downloader) -> No action taken.
    16 Mai 2008 12:01:21

    bonjour

    tu as oublié quelque chose:
    C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll (Adware.Vapsup) -> No action taken.

  • Une fois le scan terminé,clique sur "Afficher les résultats" et enregistre le rapport sur ton Bureau.
  • Clique enfin sur "Supprimer la sélection".

    recommence stp
    16 Mai 2008 22:21:12

    Le nouveau rapport (j'espère qu'il ne manque rien):

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 752

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 141838
    Temps écoulé: 39 minute(s), 35 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 27
    Valeur(s) du Registre infectée(s): 5
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 14
    Fichier(s) infecté(s): 37

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\awpqrhcs.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\byXNdcDw.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ljJCspnm.dll (Trojan.Vundo) -> No action taken.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{599d5fca-393e-42d7-9b5e-237ef9eb3af0} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{599d5fca-393e-42d7-9b5e-237ef9eb3af0} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysidesearchsearchassistant (Adware.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gooochi (Adware.Vapsup) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> No action taken.
    HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> No action taken.
    HKEY_CURRENT_USER\Software\MySidesearch (Adware.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
    HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> No action taken.
    HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winvi (Adware.SoftMate) -> No action taken.
    HKEY_CURRENT_USER\Software\winvi (Adware.SoftMate) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjcspnm (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
    HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\runtime (Rootkit.Agent) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fccbd06f (Trojan.Vundo) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdater (Trojan.Downloader) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WebSUpdater (Trojan.Downloader) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMfff8e3f3 (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxndcdw -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxndcdw -> No action taken.

    Dossier(s) infecté(s):
    C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\Helper (Adware.BHO) -> No action taken.
    C:\Program Files\winvi (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\dsktp (Adware.SoftMate) -> No action taken.
    C:\WINDOWS\system32\dFrnx05 (Trojan.Agent) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> No action taken.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\awpqrhcs.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\schrqpwa.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\byXNdcDw.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\wDcdNXyb.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\wDcdNXyb.ini2 (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{5EF8B5D2-8566-4E17-B870-EE2DC800351E}\RP406\A0060493.dll (Adware.Vapsup) -> No action taken.
    C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe (Adware.BHO) -> No action taken.
    C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll-uninst.exe (Adware.Vapsup) -> No action taken.
    C:\WINDOWS\system32\dFrnx05\dFrnx051080.exe (Trojan.DownLoader) -> No action taken.
    C:\WINDOWS\system32\GUI2\FI-dt4x.exe (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\system32\polX\roEbdll2.exe (Trojan.StartPage) -> No action taken.
    C:\WINDOWS\Temp\7CF28762C38CA0D4.tmp (Trojan.Dropper) -> No action taken.
    C:\WINDOWS\Temp\AE8AB41F91F72503.tmp (Malware.Trace) -> No action taken.
    C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\winvi\Uninst.exe (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\version.ini (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\dsktp\AC_RunActiveContent.js (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\dsktp\desktop.html (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\dsktp\internetDetection.swf (Adware.SoftMate) -> No action taken.
    C:\Program Files\winvi\dsktp\settings.sol (Adware.SoftMate) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
    C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> No action taken.
    C:\WINDOWS\system32\vrahwodn.dll (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
    C:\WINDOWS\rs.txt (Malware.Trace) -> No action taken.
    C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> No action taken.
    C:\WINDOWS\system32\zxdnt3d.cfg (Malware.Trace) -> No action taken.
    C:\WINDOWS\system32\ljJCspnm.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\5_exception.nls (Trojan.Tibs) -> No action taken.
    C:\Documents and Settings\nom\Local Settings\Temp\laf4D.tmp (Trojan.Zlob) -> No action taken.
    C:\WINDOWS\explorer.exe.tmp (Heuristics.Reserved.Word.Exploit) -> No action taken.
    16 Mai 2008 22:33:11

    re

    tu as encore oublié de cliquer sur supprimer la sélection a la fin du scan. Si tu ne le fais pas ça ne supprime rien...

    refais un scan et clique sur supprimer la selection en fin de scan

    puis:

    Désactive ton antivirus et tout autre type de protection.
    Télécharge ComboFix de sUBs :
    ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
    clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

    viens sur le forum et édition "coller"

    ajoute un nouveau rapport Hijackthis.

    18 Mai 2008 01:04:10

    Je comprends pas je t'assure que j'ai fais exactement ce que tu m'as dit de faire. J'ai supprimé la sélection comme tu me l'a dit puis j'ai enregistré le rapport, c'est bizarre. J'ai peut-être fais une erreur mais j'ai pas l'impression. Je vais le refaire ainsi que le combofix et hijackthis!!
    18 Mai 2008 04:01:49

    Le problème semble être réglé grâce a combofix et sinon voici le nouveau rapport de MBAM:

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 752

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 129881
    Temps écoulé: 33 minute(s), 5 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\byXNdcDw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ljJCspnm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

    J'enregistrais le rapport et ensuite je supprimais la sélection, je faisais l'inverse de que tu me disais de faire! :lol:  Mais merci tu m'a beaucoup aidé en espérant ne plus avoir ce type de problème!!
    18 Mai 2008 12:30:58

    bonjour

    il me faut le rapport C:\Combofix.txt :) 
    18 Mai 2008 22:21:47

    Bonjour,
    Merci pour tout mon ordinateur est maintenant clean.
    Mais le seul truc c'est que depuis que j'ai Combofix, l'icône Avast n'apparait plus dans la barre des taches (la petite boule bleue qui tourne sur elle-même) donc je n'ai plus de protection en temps réel.
    Que faire s'il te plait pour qu'il réapparaisse ?
    18 Mai 2008 23:23:36

    Compte rendu de ComboFix:

    ComboFix 08-05-15.3 - nom 2008-05-18 23:08:54.2 - NTFSx86
    Endroit: C:\Documents and Settings\nom\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Temp\1cb
    C:\Temp\1cb\syscheck.log
    C:\WINDOWS\dat.txt
    C:\WINDOWS\Downloaded Program Files\setup.inf
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\wDcdNXyb.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))
    .

    2008-05-16 06:42 . 2008-05-16 16:22 94,208 --------- C:\WINDOWS\system32\awpqrhcs.dll
    2008-05-16 06:41 . 2008-05-16 10:24 109,883 --a------ C:\WINDOWS\BMfff8e3f3.xml
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\nom\Application Data\Malwarebytes
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-15 22:05 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-05-15 22:05 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-05-13 16:33 . 2008-05-13 16:33 401,972 --a------ C:\WINDOWS\system32\g30.exe
    2008-05-13 16:25 . 2008-05-16 16:22 <REP> d-------- C:\WINDOWS\system32\polX
    2008-05-13 16:25 . 2008-05-16 16:22 <REP> d-------- C:\WINDOWS\system32\GUI2
    2008-05-13 16:25 . 2008-05-16 13:54 <REP> d-------- C:\WINDOWS\system32\binR
    2008-05-13 16:25 . 2008-05-13 16:25 <REP> d-------- C:\WINDOWS\system32\3036a
    2008-05-13 16:25 . 2008-05-13 16:25 <REP> d-------- C:\Temp\tmpvc14
    2008-05-13 16:25 . 2008-05-18 01:06 <REP> d-------- C:\Temp
    2008-05-13 16:25 . 2008-05-13 16:25 494,165 --a------ C:\Temp\dUbc1002.exe
    2008-05-13 16:25 . 2008-05-13 16:26 298,311 --a------ C:\WINDOWS\system32\gside.exe
    2008-05-08 22:49 . 2008-05-08 22:31 <REP> d-------- C:\PS3
    2008-04-21 17:42 . 2008-04-21 17:42 <REP> d-------- C:\Nouveau dossier
    2008-04-21 17:13 . 2008-04-21 17:13 <REP> d-------- C:\Program Files\Winamp Remote
    2008-04-21 17:13 . 2008-04-21 17:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-17 09:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-05-17 02:42 --------- d-----w C:\Program Files\SpeedFan
    2008-05-16 07:22 --------- d-----w C:\Program Files\eMule
    2008-05-16 01:11 --------- d-----w C:\Documents and Settings\nom\Application Data\uTorrent
    2008-05-13 15:31 --------- d-----w C:\Program Files\Incomplete
    2008-05-13 15:27 --------- d-----w C:\Documents and Settings\nom\Application Data\LimeWire
    2008-05-13 15:26 --------- d-----w C:\Program Files\LimeWire
    2008-05-01 22:31 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-04-21 15:15 --------- d-----w C:\Program Files\Winamp
    2008-04-14 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-04-14 23:14 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-04-14 23:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-04-14 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-04-14 20:08 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
    2008-04-06 15:25 --------- d-----w C:\Program Files\TVAnts
    2008-03-31 09:55 2,162 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
    2008-03-31 00:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-28 21:11 --------- d-----w C:\Documents and Settings\nom\Application Data\Renoise
    2008-03-28 21:07 --------- d-----w C:\Program Files\Renoise 1.9.1
    2008-03-26 10:42 --------- d-----w C:\Program Files\iTunes
    2008-03-26 10:42 --------- d-----w C:\Program Files\iPod
    2008-03-26 10:40 --------- d-----w C:\Program Files\QuickTime
    2008-03-26 10:40 --------- d-----w C:\Program Files\Bonjour
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-24 17:15 --------- d-----w C:\Program Files\uTorrent
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-19 08:36 --------- d-----w C:\Program Files\DAP
    2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-01-26 07:13 4 --sh--r C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
    2008-01-24 01:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-11-02 11:33 56 --sh--r C:\WINDOWS\system32\4A8AB8273B.sys
    2007-11-02 11:33 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-05-18_ 1.33.26.43 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-05-17 23:13:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-18 20:15:52 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-18 20:16:00 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_514.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
    "MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24 1694208]
    "Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 12:00 299008]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 03:29 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
    "Cmaudio"="cmicnfg.cpl" []
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 05:11 185784]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "SpeedOptimizer"="C:\Program Files\SpeedOptimizer\SPO.exe" [2008-01-24 16:07 853488]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

    C:\Documents and Settings\nom\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 16:05:56 65588]
    Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 22:24:38 1134592]
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 16:40:46 118784]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Mps70.sys]
    @="Driver"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\DAP\\DAP.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 00:45]
    S3 cpuz129;cpuz129;C:\DOCUME~1\nom\LOCALS~1\Temp\cpuz_x32.sys []
    S3 idrmkl;idrmkl;C:\DOCUME~1\nom\LOCALS~1\Temp\idrmkl.sys []
    S3 Mps70;Mps70;C:\WINDOWS\System32\drivers\Mps70.sys [2008-01-24 23:47]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-05-05 18:36:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-18 20:20:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-18 23:13:35
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    **************************************************************************
    .
    Temps d'accomplissement: 2008-05-18 23:18:01
    ComboFix-quarantined-files.txt 2008-05-18 21:16:56

    Pre-Run: 101,409,828,864 octets libres
    Post-Run: 101,400,530,944 octets libres

    169 --- E O F --- 2008-05-17 03:19:03

    Rapport Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:22:50, on 18/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID....
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    --
    End of file - 9360 bytes
    19 Mai 2008 13:07:12

    re

    1

    Copie (Ctrl+C) le texte ci-dessous :
    Driver::
    cpuz129
    idrmkl
    Mps70

    File::
    C:\WINDOWS\system32\awpqrhcs.dll
    C:\WINDOWS\BMfff8e3f3.xml
    C:\WINDOWS\system32\g30.exe
    C:\Temp\dUbc1002.exe
    C:\WINDOWS\system32\gside.exe
    C:\WINDOWS\System32\drivers\Mps70.sys

    Folder::
    C:\WINDOWS\system32\polX
    C:\WINDOWS\system32\GUI2
    C:\WINDOWS\system32\binR
    C:\WINDOWS\system32\3036a
    C:\Temp\tmpvc14

    Registry::
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Mps70.sys]



    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte que tu viens de copier.
    Sauvegarde ce fichier sous le nom de CFScript.txt

    Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture


  • Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
  • Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
    Ne touche à rien tant que le scan n'est pas terminé.
  • Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
  • Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

    2

    Voilà ce qu'on va faire, tu vas remplacer Avast! par Antivir, qui lui est un vrai antivirus, tu vas faire un scan avec et poster le rapport. :) 


    Désinstalle correctement Avast!


    Pour le remplacer par Antivir.

    -->Tuto<--


    Pourquoi changer ? : Avast! vs Antivir
    mais aussi:
    14 antivirus au banc d'essai
    Citation :
    Antivir : le plus efficace des gratuits


    20 Mai 2008 00:12:23

    Rapport Antivir:

    Avira AntiVir Personal
    Report file date: 2008-05-19 22:53

    Scanning for 1279773 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: nom
    Computer name: PC-SFP3YX2E5TUW

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58
    ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 20:38:34
    ANTIVIR3.VDF : 7.0.4.62 56320 Bytes 2008-05-19 20:38:35
    Engineversion : 8.1.0.46
    AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
    AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-19 20:38:52
    AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-19 20:38:51
    AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-19 20:38:50
    AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-19 20:38:48
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-19 20:38:46
    AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-19 20:38:45
    AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-19 20:38:40
    AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-19 20:38:39
    AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-19 20:38:37
    AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-19 20:38:36
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Manual Selection
    Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
    Macro heuristic..................: on
    File heuristic...................: medium
    Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

    Start of the scan: 2008-05-19 22:53

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleWebAccClient.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleWebAccWarden.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'CamTray.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
    Scan process 'soundman.exe' - '1' Module(s) have been scanned
    Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    38 processes with 38 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '32' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\ComboFix\NirCmdC.cfexe
    [DETECTION] Contains detection pattern of the application APPL/Tool.NirCmd.D
    [WARNING] The file was ignored!
    C:\ComboFix\psexec.cfexe
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [WARNING] The file was ignored!
    C:\ComboFix\pv.cfexe
    [DETECTION] Contains detection pattern of the SPR/Tool.PV program
    [WARNING] The file was ignored!
    C:\Documents and Settings\nom\Bureau\ComboFix.exe
    [DETECTION] Contains detection pattern of the application APPL/Tool.NirCmd.D
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [DETECTION] Contains detection pattern of the SPR/Tool.PV program
    [WARNING] The file was ignored!
    C:\Program Files\Incomplete\T-3545425-money world killa tay.mp3
    [DETECTION] Is the Trojan horse TR/Dldr.WMA.Wimad.N
    [NOTE] The file was deleted!
    C:\QooBox\Quarantine\C\Temp\dUbc1002.exe.vir
    [DETECTION] Contains detection pattern of the dropper DR/Dldr.Small.buy.142
    [NOTE] The file was deleted!
    C:\QooBox\Quarantine\C\WINDOWS\system32\awpqrhcs.dll.vir
    [DETECTION] Is the Trojan horse TR/Trash.Gen
    [NOTE] The file was deleted!
    C:\QooBox\Quarantine\C\WINDOWS\system32\g30.exe.vir
    [DETECTION] Contains detection pattern of the dropper DR/Agent.byy
    [NOTE] The file was deleted!


    End of the scan: 2008-05-20 00:09
    Used time: 1:15:16 min

    The scan has been done completely.

    8259 Scanning directories
    196158 Files were scanned
    10 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    4 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    196148 Files not concerned
    1413 Archives were scanned
    5 Warnings
    4 Notes

    Concernant le rapport ComboFix, aucun rapport n'est apparu et tu me dis que je peux le trouver dans C:\ComboFix.txt mais je ne sais pas ou il se trouve!!
    20 Mai 2008 16:59:01

    bonjour

    double clique sur ton poste de travail

    puis double clique sur C:\

    tu verras le document ComboFix.txt
    20 Mai 2008 22:24:56

    OK MERCI j'y avais etait pourtant mais je l'avais pas capté lolhttp://img.infos-du-net.com/forum/icones/smilies/lol.gi...
    :lol: 

    Rapport Combofix :

    ComboFix 08-05-15.3 - nom 2008-05-19 15:54:11.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.86 [GMT 2:00]
    Endroit: C:\Documents and Settings\nom\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\nom\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE ::
    C:\Temp\dUbc1002.exe
    C:\WINDOWS\BMfff8e3f3.xml
    C:\WINDOWS\system32\awpqrhcs.dll
    C:\WINDOWS\System32\drivers\Mps70.sys
    C:\WINDOWS\system32\g30.exe
    C:\WINDOWS\system32\gside.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab.dat
    C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab_nav.dat
    C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab_navps.dat
    C:\Temp\dUbc1002.exe
    C:\Temp\tmpvc14
    C:\Temp\tmpvc14\dllvc.log
    C:\WINDOWS\BMfff8e3f3.xml
    C:\WINDOWS\system32\3036a
    C:\WINDOWS\system32\awpqrhcs.dll
    C:\WINDOWS\system32\binR
    C:\WINDOWS\System32\drivers\Mps70.sys
    C:\WINDOWS\system32\g30.exe
    C:\WINDOWS\system32\gside.exe
    C:\WINDOWS\system32\GUI2
    C:\WINDOWS\system32\polX

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_CPUZ129
    -------\Legacy_IDRMKL
    -------\Service_cpuz129
    -------\Service_idrmkl
    -------\Service_Mps70


    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))))))))
    .

    2008-05-18 23:22 . 2008-05-18 23:22 <REP> d-------- C:\Program Files\Trend Micro
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\nom\Application Data\Malwarebytes
    2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-15 22:05 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-05-15 22:05 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-05-13 16:25 . 2008-05-19 15:54 <REP> d-------- C:\Temp
    2008-05-08 22:49 . 2008-05-08 22:31 <REP> d-------- C:\PS3
    2008-04-21 17:42 . 2008-04-21 17:42 <REP> d-------- C:\Nouveau dossier
    2008-04-21 17:13 . 2008-04-21 17:13 <REP> d-------- C:\Program Files\Winamp Remote
    2008-04-21 17:13 . 2008-04-21 17:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-18 22:11 --------- d-----w C:\Program Files\eMule
    2008-05-17 09:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-05-17 02:42 --------- d-----w C:\Program Files\SpeedFan
    2008-05-16 01:11 --------- d-----w C:\Documents and Settings\nom\Application Data\uTorrent
    2008-05-13 15:31 --------- d-----w C:\Program Files\Incomplete
    2008-05-13 15:27 --------- d-----w C:\Documents and Settings\nom\Application Data\LimeWire
    2008-05-13 15:26 --------- d-----w C:\Program Files\LimeWire
    2008-05-01 22:31 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-04-21 15:15 --------- d-----w C:\Program Files\Winamp
    2008-04-14 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-04-14 23:14 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-04-14 23:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-04-14 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-04-14 20:08 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
    2008-04-06 15:25 --------- d-----w C:\Program Files\TVAnts
    2008-03-31 09:55 2,162 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
    2008-03-31 00:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-28 21:11 --------- d-----w C:\Documents and Settings\nom\Application Data\Renoise
    2008-03-28 21:07 --------- d-----w C:\Program Files\Renoise 1.9.1
    2008-03-26 10:42 --------- d-----w C:\Program Files\iTunes
    2008-03-26 10:42 --------- d-----w C:\Program Files\iPod
    2008-03-26 10:40 --------- d-----w C:\Program Files\QuickTime
    2008-03-26 10:40 --------- d-----w C:\Program Files\Bonjour
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-24 17:15 --------- d-----w C:\Program Files\uTorrent
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-19 08:36 --------- d-----w C:\Program Files\DAP
    2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-01-26 07:13 4 --sh--r C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
    2008-01-24 01:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-11-02 11:33 56 --sh--r C:\WINDOWS\system32\4A8AB8273B.sys
    2007-11-02 11:33 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-05-18_ 1.33.26.43 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-05-17 23:13:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-19 14:00:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-05-19 14:00:32 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_548.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
    "MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24 1694208]
    "Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 12:00 299008]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 03:29 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
    "Cmaudio"="cmicnfg.cpl" []
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 05:11 185784]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "SpeedOptimizer"="C:\Program Files\SpeedOptimizer\SPO.exe" [2008-01-24 16:07 853488]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\DAP\\DAP.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 00:45]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
    "2008-05-05 18:36:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-19 13:20:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    21 Mai 2008 17:45:44

    bonjour

    comment se comporte ton pc?

    reposte un log hijackthis stp
    22 Mai 2008 10:28:13

    Bonjour,

    mon pc est clean le fonds d'ecran du bureau est revenu tout ca grace a toi je te remercie beaucoup.

    La je reponds rapidement alors je posterai hijackthis + tard.

    sinon j'aimerais savoir dois je supprimer Combofix de mon bureau ou pas? et si oui pour pouvoir le supprimer completement y a til quelquechose de special a faire ou juste le mettre dans la corbeille ? Car Antivir le detecte comme un objet malveillant.
    22 Mai 2008 12:28:58

    bonjour

    supprime C:\qoobox et C:\combofix

    j'attends ton rapport :) 
    25 Mai 2008 17:30:06

    Je suis vraiment désolé pour l'attente mais voila le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:29, on 2008-05-25
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID....
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    --
    End of file - 9535 bytes
    25 Mai 2008 18:39:06

    re

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://webscanner.kaspersky.fr/

    ~ Clique sur Online Scanner.
    ~Accepte l'installation du contrôle ActiveX en cliquant sur le bouton Install.

    ~Sélectionne le poste de travail comme analyse.

    ~Enregistre le rapport en cliquant sur le bouton "Enregistrer rapport sous". Nomme-le, tu feras un copier/coller dans ta prochaine réponse.

    Tuto du scan en ligne
    25 Mai 2008 19:46:06

    re

    ok je vais faire ce que tu me dis mais je voulais te demander depuis que j'ai fais un log hijackthis licone Antivir n'apparait plus dans la barre des taches au demarrage et plus moyen de le remettre. Comment faire pour regler ca?
    25 Mai 2008 22:26:06

    a vrai dire il n'y a pas que l'icone Antivir qui n'apparait plus mais plus aucune icone n'apparait et je suis sur que ca vient de hijackthis car ca ma fait pareil la 1ere fois
    25 Mai 2008 22:42:21

    re

    ce n'est pas possible car on n'a rien fixé avec hijackthis donc, on n'a fait qu'un log de scan, rien d'autre. L'outil n'a rien supprimé suir ton pc.
    Est-ce qu'antivir tourne quand même ou pas?
    fais ton scan en ligne stp

    25 Mai 2008 22:49:18

    J'ai essayé kaspersky mais quand je fais acceptez, rien ne se lance!
    En plus, je commence a travailler en déplacement a partir de demain et donc je ne serais pas la avant un bon moment!
    25 Mai 2008 23:50:17

    re

    J'ai quand même fais un scan avec Antivir, voici le rapport:

    Avira AntiVir Personal
    Report file date: 2008-05-25 22:50

    Scanning for 1286439 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: nom
    Computer name: PC-SFP3YX2E5TUW

    Version information:
    BUILD.DAT : 8.1.00.296 16479 Bytes 2008-04-29 10:47:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58
    ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 20:38:34
    ANTIVIR3.VDF : 7.0.4.87 158720 Bytes 2008-05-24 22:37:28
    Engineversion : 8.1.0.46
    AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
    AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-19 20:38:52
    AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-19 20:38:51
    AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-19 20:38:50
    AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-19 20:38:48
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-19 20:38:46
    AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-19 20:38:45
    AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-19 20:38:40
    AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-19 20:38:39
    AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-19 20:38:37
    AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-19 20:38:36
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Local Drives
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
    Macro heuristic..................: on
    File heuristic...................: medium
    Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

    Start of the scan: 2008-05-25 22:50

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleWebAccClient.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleWebAccWarden.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    25 processes with 25 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '19' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\'
    Search path D:\ could not be opened!
    Le périphérique n'est pas prêt.



    End of the scan: 2008-05-25 23:30
    Used time: 40:00 min

    The scan has been done completely.

    8324 Scanning directories
    215527 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    215527 Files not concerned
    1438 Archives were scanned
    1 Warnings
    0 Notes

    26 Mai 2008 10:14:09

    sinon pour la barre des taches.
    en effet rien n'a été supprimé mais ce que je veux dire c'est que plus rien n'apparait dans la barre des taches. il y a juste l'icone volume mais rien d'autre.
    y a t-il quelquechose a faire pour que tout réapparait ?
    26 Mai 2008 20:43:37

    re

    - Réparer la barre des tâches :
    Un utilitaire téléchargeable à cette adresse www.kellys-korner-xp.com/TaskbarRepairToolPlus!.zip peut vous rendre de grands services. Une fois l'archive ZIP décompressée, double-cliquez sur ce fichier exécutable : TaskbarRepairToolPlus!.exe. Une boîte de dialogue vous avertit que certaines commandes seront désactivées tant que vous n'aurez pas acquis une licence. Dans la liste déroulante Taskbar Problems, cliquez sur ce qui s'apparente à votre problème, puis cliquez sur le bouton Repair.
    Voici une liste partielle des problèmes que cet utilitaire peut résoudre :
    * La barre des tâches est manquante.
    * Les barres d'outils de la Barre des tâches disparaissent à chaque démarrage.
    * La commande Verrouiller la Barre des tâches est grisée.
    * Les icônes des applications ouvertes n'apparaissent pas dans la barre des tâches.<<<--- pour toi c'est ça
    * La commande Barre d'outils est grisée.
    * La commande Masquer automatiquement la Barre des tâches est désactivée à chaque redémarrage.
    De nombreuses autres options sont disponibles concernant la zone de notification et la zone de lancement rapide.


    source:
    http://www.hotline-pc.org/barredetaches.htm



    27 Mai 2008 16:35:30

    Merci pour le logiciel mais c'est en anglais et la liste des problemes es telemnt longue que je ne sais pas exactement c'est quoi qu'il faut choisir.
    "Les icones n'apparaissent pas dans la barre des taches" : ca donne quoi en anglais ?
    Merci pour ta reponse
    27 Mai 2008 17:12:55

    re

    The icons of the opened applications do not appear in the taskbar
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS