Bonjour, Voila, je vous explique, je sais pas si tous ces probleme sont liés mais cela me depasse. J'ai deja formaté mon PC voila 15 jours pour le meme probleme, cela l'avait resolu mais c'est revenu. Je vais essayer de les enumérer : - impossible d'activer les mis a jours automatique windows (centre de securité en bas a droite de l'ecran en permanence) - firefox ne veux plus s'ouvrir, (firefox a rencontrer un probleme.......) - sur internet explorer (quand je peux acceder a internet), il y a des fenetre de pub qui s'affiche. - mon antivirus trouve des fichier et me met des alertes mais n'arrive a supprimer ces fichiers ou les mettre en quarantaine Vu que le formatage n'a rien donné, j'ai evidemmant analyser mes autres disques dur et partitions mais sans succès. Adaware, spybot, ccleaner ont éé utiliser mais ineficace. J'avais Mc Afee en antivirus avant le formatage, maintenant j'ai antivir, mais le deux apparemment n'ont rien pu faire pour eviter ca. Meci d'avance pour votre aide

Probleme fenetre pub et mis a jour windows

Réponse 1 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

Salut !!

Télécharge hijackthis : http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

voici un tuto pour bien l installer : https://forums.cnetfrance.fr

-une fois installé, le renommer HJT.exe pour contrer une éventuelle infection vundo
-Double-clic dessus
- Clic sur "Do a system scan and save the log"
- copier le rapport, le coller dans la réponse

fbenital

Merci pour ta repons voici :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:57:38, on 15/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Benito\Bureau\hjt.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {46D3F55D-AF16-4360-A231-649905FA1B05} - C:\WINDOWS\system32\hgGWNDVm.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7768234D-E494-424D-96E6-4819A1E16325} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: {d6dd7999-e45c-dfb9-8be4-ef222ff9ee5d} - {d5ee9ff2-22fe-4eb8-9bfd-c54e9997dd6d} - C:\WINDOWS\system32\owabpd.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [bc0fb745] rundll32.exe "C:\WINDOWS\system32\nworkrpa.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: iifgeBTL - iifgeBTL.dll (file missing)
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Réponse 2 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

tu as quelques infections vundo...fais ce qui suit stp :

Télécharger sur le bureau malware bytes : http://ww.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware?thread

= double-clic sur mbam-setup pour lancer l'installation
= Installer simplement sans rien modifier
= Quand le programme lancé ==> faire une mise à jour ensuite cocher Exécuter un examen complet
= Clic Rechercher
= Eventuellement décocher les disque à ne pas analyser
= Clic Lancer l'examen
= En fin de scan , si infection trouvée
==> Clic Afficher résultat
= Fermer vos applications en cours
= Vérifier si tout est coché et clic Supprimer la sélection

un rapport s'ouvre le copier et le coller dans la réponse

Puis redémarrer le pc !!

ensuite :

Télécharge sur le bureau virtumundobegone :
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

déconnecte internet et désactive ton antivirus le temps de la manipulation

=> Double clic sur VirtumundoBeGone.exe
=> Clic Continue ==> clic Start
=> Clic Oui
=> A la fin si Vundo est présent , le PC s’éteint et redémarre
- Si Ecran bleu et message : Erreur fatale .. pas de problème
=> Poster le rapport VBG.TXT qui est sur le bureau

Et refais un nouveau rapport hijackthis stp

fbenital

Malwarebytes' Anti-Malware 1.20
Version de la base de données: 957
Windows 5.1.2600 Service Pack 2

00:22:35 16/07/2008
mbam-log-7-16-2008 (00-22-35).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 73328
Temps écoulé: 14 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hgGWNDVm.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\nworkrpa.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46d3f55d-af16-4360-a231-649905fa1b05} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{46d3f55d-af16-4360-a231-649905fa1b05} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7768234d-e494-424d-96e6-4819a1e16325} (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bc0fb745 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7768234d-e494-424d-96e6-4819a1e16325} (Trojan.Vundo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwndvm -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwndvm -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\hgGWNDVm.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\mVDNWGgh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mVDNWGgh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nworkrpa.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\aprkrown.ini (Trojan.Vundo) -> Quarantined and deleted successfully.

fbenital > fbenital

[07/16/2008, 0:30:26] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Benito\Bureau\VirtumundoBeGone.exe" )
[07/16/2008, 0:30:31] - Detected System Information:
[07/16/2008, 0:30:31] - Windows Version: 5.1.2600, Service Pack 2
[07/16/2008, 0:30:31] - Current Username: Benito (Admin)
[07/16/2008, 0:30:31] - Windows is in NORMAL mode.
[07/16/2008, 0:30:31] - Searching for Browser Helper Objects:
[07/16/2008, 0:30:31] - BHO 1: {46D3F55D-AF16-4360-A231-649905FA1B05} ()
[07/16/2008, 0:30:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/16/2008, 0:30:31] - No filename found. Continuing.
[07/16/2008, 0:30:31] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[07/16/2008, 0:30:31] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/16/2008, 0:30:31] - BHO 4: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[07/16/2008, 0:30:31] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/16/2008, 0:30:31] - BHO 6: {d5ee9ff2-22fe-4eb8-9bfd-c54e9997dd6d} ()
[07/16/2008, 0:30:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/16/2008, 0:30:31] - Checking for HKLM\...\Winlogon\Notify\owabpd
[07/16/2008, 0:30:31] - Key not found: HKLM\...\Winlogon\Notify\owabpd, continuing.
[07/16/2008, 0:30:31] - Finished Searching Browser Helper Objects
[07/16/2008, 0:30:31] - Finishing up...
[07/16/2008, 0:30:31] - Nothing found! Exiting...

fbenital > fbenital

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:33:54, on 16/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Benito\Bureau\hjt.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {46D3F55D-AF16-4360-A231-649905FA1B05} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: {d6dd7999-e45c-dfb9-8be4-ef222ff9ee5d} - {d5ee9ff2-22fe-4eb8-9bfd-c54e9997dd6d} - C:\WINDOWS\system32\owabpd.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: iifgeBTL - iifgeBTL.dll (file missing)
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

fbenital > fbenital

Voila desolé ca été un peu long, mais j'ai l'antivirus qui s'est affolé sur la premiere manip

Réponse 3 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

est ce que tu as redémarré ton pc apres le passage de malwarebytes??

car il y a des fichiers infectés qui doivent se supprimer au redémarrage du pc

fbenital

oui j'ai redemaré le pc apres chaque manip

Réponse 4 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

ok...télécharge combofix (par sUBs) ici :

https://forospyware.com

et enregistre le sur le Bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

fbenital

ComboFix 08-07-13.14 - Benito 2008-07-16 0:47:59.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1580 [GMT 2:00]
Endroit: C:\Documents and Settings\Benito\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMbf3c84d9.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\hgGWNDVm.dll
C:\WINDOWS\system32\iccaidjl.ini
C:\WINDOWS\system32\iyfafikj.dll
C:\WINDOWS\system32\lehlxmce.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\mVDNWGgh.ini
C:\WINDOWS\system32\mVDNWGgh.ini2
C:\WINDOWS\system32\ngtkxa.dll
C:\WINDOWS\system32\odolusng.dll
C:\WINDOWS\system32\owabpd.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\qoMgdeDU.dll
C:\WINDOWS\system32\ssqRLBrr.dll
C:\WINDOWS\system32\tgfubv.dll
C:\WINDOWS\system32\ukwqlmvg.dll
C:\WINDOWS\system32\wdvfnwos.ini
C:\WINDOWS\system32\wkfcdxdd.dll
C:\WINDOWS\system32\wmxatsgr.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-15 to 2008-07-15 ))))))))))))))))))))))))))))))))))))
.

2019-07-06 16:34 . 2019-07-06 16:34 2,422 --a------ C:\WINDOWS\system32\wpa.bak
2019-07-06 16:15 . 2008-07-13 15:22 12 --a------ C:\WINDOWS\system32\mapisvc.inf
2019-07-06 16:14 . 2008-07-13 15:25 <REP> d-------- C:\Program Files\ESET
2008-07-16 00:06 . 2008-07-16 00:06 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Malwarebytes
2008-07-16 00:05 . 2008-07-16 00:06 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-16 00:05 . 2008-07-16 00:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-16 00:05 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-16 00:05 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-15 23:12 . 2008-07-15 23:12 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Talkback
2008-07-15 22:53 . 2008-07-15 22:53 <REP> d-------- C:\Program Files\CCleaner
2008-07-15 21:39 . 2008-07-15 21:39 95 --a------ C:\WINDOWS\wininit.ini
2008-07-15 21:15 . 2008-07-15 21:15 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Lavasoft
2008-07-15 21:14 . 2008-07-15 21:14 <REP> d-------- C:\Program Files\Lavasoft
2008-07-15 21:11 . 2008-07-15 21:11 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Grisoft
2008-07-15 21:11 . 2008-07-15 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-15 21:11 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-15 21:04 . 2008-07-15 21:04 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-15 21:04 . 2008-07-15 23:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-15 21:00 . 2008-07-15 21:09 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-15 20:59 . 2008-07-15 20:59 <REP> d-------- C:\Program Files\Google
2008-07-15 18:03 . 2008-07-15 18:03 <REP> d-------- C:\Documents and Settings\Benito\Application Data\CR330TWN
2008-07-15 18:03 . 2008-07-15 18:03 <REP> d-------- C:\Documents and Settings\Benito\Application Data\CR120TWN
2008-07-14 15:54 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-07-14 15:54 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-07-14 13:55 . 2008-07-15 21:14 143 --a------ C:\WINDOWS\system32\mcrh.MSNFix
2008-07-13 13:31 . 2008-07-13 13:31 <REP> d-------- C:\Program Files\Avira
2008-07-13 13:31 . 2008-07-13 13:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-13 11:35 . 2008-07-15 21:40 110,419 --a------ C:\WINDOWS\BMbf3c84d9.xml
2008-07-12 22:39 . 2008-07-15 22:49 1,804 --a------ C:\WINDOWS\cookies.MSNFix
2008-07-12 10:54 . 2008-07-13 11:44 <REP> d-------- C:\WINDOWS\system32\olixds18
2008-07-12 10:54 . 2008-07-12 10:54 <REP> d-------- C:\Temp\stmpv4
2008-07-12 10:54 . 2008-07-12 10:54 <REP> d-------- C:\Temp
2008-07-10 21:26 . 2008-07-10 21:26 <REP> d-------- C:\Webcam
2008-07-10 21:26 . 2003-10-29 01:01 28,672 --a------ C:\WINDOWS\system32\P1120Ext.crl
2008-07-10 21:26 . 2003-06-23 01:00 24,576 --a------ C:\WINDOWS\system32\P1120Pin.crl
2008-07-10 21:26 . 2002-03-26 13:48 896 --a------ C:\WINDOWS\system32\P1120Vex.loc
2008-07-10 21:24 . 2008-07-10 21:24 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Program Files\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-07-10 21:22 . 2007-01-30 01:46 163,840 --a------ C:\WINDOWS\system32\kemutb.dll
2008-07-10 21:22 . 2007-01-30 01:46 135,168 --a------ C:\WINDOWS\system32\KemUtil.dll
2008-07-10 21:22 . 2007-01-30 01:46 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
2008-07-10 21:22 . 2007-01-23 15:44 101,136 --a------ C:\WINDOWS\KHALMNPR.Exe
2008-07-10 21:22 . 2007-01-23 15:45 78,864 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2008-07-10 21:22 . 2007-01-30 01:46 69,632 --a------ C:\WINDOWS\system32\KemXML.dll
2008-07-10 21:22 . 2007-01-23 15:44 62,992 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2008-07-10 21:22 . 2007-01-23 15:44 20,496 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2008-07-09 12:55 . 2008-07-09 12:55 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Corel
2008-07-09 12:55 . 2008-07-15 18:00 952 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-09 12:54 . 2008-07-09 12:54 <REP> d-------- C:\Program Files\Corel
2008-07-09 12:50 . 2008-07-09 12:50 <REP> d-------- C:\Program Files\Finale Performance Assessment
2008-07-09 12:49 . 2008-07-09 12:49 <REP> d-------- C:\Psfonts
2008-07-09 12:49 . 2008-07-09 12:51 <REP> d-------- C:\Program Files\Finale 2005b
2008-07-09 12:49 . 2008-07-09 12:49 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-09 12:49 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-07-09 12:49 . 2008-07-09 12:49 507 --a------ C:\WINDOWS\winiini.fin
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\WINDOWS\system32\QuickTime
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-07-09 12:45 . 2008-07-09 12:46 <REP> d-------- C:\Program Files\Macromedia
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia
2008-07-08 20:46 . 2008-07-08 20:46 <REP> d-------- C:\Program Files\Guitar Pro 5
2008-07-08 13:18 . 2008-07-08 13:18 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-07-08 13:18 . 2008-07-08 13:18 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-07-08 13:13 . 2006-04-10 14:03 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2008-07-08 13:13 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-08 13:13 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-08 13:07 . 2008-07-08 13:07 <REP> d-------- C:\Program Files\HP
2008-07-08 13:02 . 2008-07-08 13:02 <REP> d-------- C:\Program Files\Sibelius Software
2008-07-08 12:50 . 2008-07-08 12:50 <REP> d-------- C:\Program Files\LimeWire
2008-07-08 12:50 . 2008-07-08 20:42 <REP> d-------- C:\Documents and Settings\Benito\Application Data\LimeWire
2008-07-08 11:58 . 2006-03-02 14:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-07-08 11:57 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-08 11:57 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-08 11:57 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-08 11:57 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-08 11:57 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-08 11:57 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-08 11:57 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-08 11:57 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-08 11:57 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-08 11:55 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-07-08 11:55 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-07-08 11:55 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-07-07 23:44 . 2008-07-07 23:44 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Media Player Classic
2008-07-07 23:44 . 2008-07-15 17:51 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-07 23:35 . 2008-07-07 23:35 <REP> d-------- C:\Program Files\Outils de Guitare-Online
2008-07-07 23:32 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-07 23:31 . 2008-07-07 23:32 <REP> d-------- C:\Program Files\Java
2008-07-07 23:31 . 2008-07-07 23:31 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-07-06 21:16 . 2008-07-06 21:16 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Ahead
2008-07-06 21:15 . 2008-07-06 21:15 <REP> d-------- C:\Program Files\Nero
2008-07-06 21:15 . 2008-07-06 21:16 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-06 21:12 . 2008-07-06 21:12 <REP> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-07-06 21:12 . 2008-07-07 11:46 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-07-06 21:10 . 2008-07-06 21:10 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-06 21:09 . 2008-07-06 21:09 <REP> d-------- C:\Documents and Settings\Benito\Application Data\DAEMON Tools
2008-07-06 20:59 . 2008-07-06 20:59 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Steinberg
2008-07-06 20:57 . 2008-07-06 20:57 <REP> d-------- C:\Program Files\Steinberg
2008-07-06 20:46 . 2008-07-06 20:46 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-06 20:46 . 2008-03-21 22:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-07-06 20:44 . 2008-07-06 20:44 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-07-06 20:43 . 2008-07-06 20:43 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-07-06 20:43 . 2008-07-06 20:44 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-06 20:15 . 2008-07-06 20:15 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-06 20:13 . 2008-07-06 21:12 <REP> d-------- C:\Program Files\NOS
2008-07-06 20:13 . 2008-07-06 21:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-06 18:28 . 2008-07-08 12:00 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-07-06 18:18 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-06 18:18 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-06 18:16 . 2008-07-06 18:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IM
2008-07-06 18:15 . 2008-07-06 18:16 <REP> d-------- C:\Program Files\IncrediMail
2008-07-06 18:15 . 2008-07-06 18:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-07-06 16:54 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-07-06 16:54 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-07-06 16:54 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-07-06 16:54 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-07-06 16:54 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-07-06 16:52 . 2008-07-06 16:52 <REP> d--hs---- C:\Documents and Settings\Benito\UserData
2008-07-06 16:44 . 2008-07-06 16:44 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-06 16:11 . 2008-07-06 16:11 <REP> d-------- C:\Documents and Settings\Benito\Application Data\ATI
2008-07-06 16:06 . 2008-07-06 16:06 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-07-06 16:05 . 2008-07-06 16:07 <REP> d-------- C:\Program Files\ATI Technologies
2008-07-06 16:05 . 2005-07-11 22:12 524,850 -ra------ C:\WINDOWS\system32\drivers\ativcaxx.cpa
2008-07-06 16:05 . 2005-08-05 21:05 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-06 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-06 15:53 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-06 15:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-06 15:49 --------- d-----w C:\Program Files\Windows Live
2008-07-06 15:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-06 15:27 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-07-06 15:27 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-07-06 13:56 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-06 13:54 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2007-12-10 15:40 6,275,816 ----a-w C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-07-04 12:42 683464]

[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-07-04 12:42 683464]

[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-19 00:05 630784]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-06-12 13:49 243072]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 13:32 94208]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-15 20:59 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 01:07 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

S3 P1120VID;Creative WebCam NX Ultra;C:\WINDOWS\system32\DRIVERS\P1120Vid.sys [2004-01-12 16:51]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be3d1e7c-4fef-11dd-8e25-0018f3995a60}]
\Shell\Auto\command - J:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

.
- - - - ORPHANS REMOVED - - - -

BHO-{46D3F55D-AF16-4360-A231-649905FA1B05} - (no file)
BHO-{d5ee9ff2-22fe-4eb8-9bfd-c54e9997dd6d} - (no file)
HKLM-Run-NWEReboot - (no file)
Notify-iifgeBTL - iifgeBTL.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-16 00:51:07
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-16 0:53:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-15 22:53:02

Pre-Run: 74,180,702,208 octets libres
Post-Run: 74,362,920,960 octets libres

261 --- E O F --- 2008-07-09 10:12:38

Réponse 5 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

ok fais ceci :

Copie le texte ci-dessous :

File::
c:\windows\cookies.ini
c:\windows\pskt.ini

Folder::

Registry::

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

ensuite refais un nouveau rapport hijackthis stp

fbenital

ComboFix 08-07-13.14 - Benito 2008-07-16 1:07:36.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1595 [GMT 2:00]
Endroit: C:\Documents and Settings\Benito\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Benito\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
c:\windows\cookies.ini
c:\windows\pskt.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMbf3c84d9.xml

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-15 to 2008-07-15 ))))))))))))))))))))))))))))))))))))
.

2019-07-06 16:34 . 2019-07-06 16:34 2,422 --a------ C:\WINDOWS\system32\wpa.bak
2019-07-06 16:15 . 2008-07-13 15:22 12 --a------ C:\WINDOWS\system32\mapisvc.inf
2019-07-06 16:14 . 2008-07-13 15:25 <REP> d-------- C:\Program Files\ESET
2008-07-16 00:06 . 2008-07-16 00:06 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Malwarebytes
2008-07-16 00:05 . 2008-07-16 00:06 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-16 00:05 . 2008-07-16 00:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-16 00:05 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-16 00:05 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-15 23:12 . 2008-07-15 23:12 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Talkback
2008-07-15 22:53 . 2008-07-15 22:53 <REP> d-------- C:\Program Files\CCleaner
2008-07-15 21:39 . 2008-07-15 21:39 95 --a------ C:\WINDOWS\wininit.ini
2008-07-15 21:15 . 2008-07-15 21:15 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Lavasoft
2008-07-15 21:14 . 2008-07-15 21:14 <REP> d-------- C:\Program Files\Lavasoft
2008-07-15 21:11 . 2008-07-15 21:11 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Grisoft
2008-07-15 21:11 . 2008-07-15 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-15 21:11 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-15 21:04 . 2008-07-15 21:04 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-15 21:04 . 2008-07-16 01:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-15 21:00 . 2008-07-15 21:09 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-15 20:59 . 2008-07-15 20:59 <REP> d-------- C:\Program Files\Google
2008-07-15 18:03 . 2008-07-15 18:03 <REP> d-------- C:\Documents and Settings\Benito\Application Data\CR330TWN
2008-07-15 18:03 . 2008-07-15 18:03 <REP> d-------- C:\Documents and Settings\Benito\Application Data\CR120TWN
2008-07-14 15:54 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-07-14 15:54 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-07-14 13:55 . 2008-07-15 21:14 143 --a------ C:\WINDOWS\system32\mcrh.MSNFix
2008-07-13 13:31 . 2008-07-13 13:31 <REP> d-------- C:\Program Files\Avira
2008-07-13 13:31 . 2008-07-13 13:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-12 22:39 . 2008-07-15 22:49 1,804 --a------ C:\WINDOWS\cookies.MSNFix
2008-07-12 10:54 . 2008-07-13 11:44 <REP> d-------- C:\WINDOWS\system32\olixds18
2008-07-12 10:54 . 2008-07-12 10:54 <REP> d-------- C:\Temp\stmpv4
2008-07-12 10:54 . 2008-07-12 10:54 <REP> d-------- C:\Temp
2008-07-10 21:26 . 2008-07-10 21:26 <REP> d-------- C:\Webcam
2008-07-10 21:26 . 2003-10-29 01:01 28,672 --a------ C:\WINDOWS\system32\P1120Ext.crl
2008-07-10 21:26 . 2003-06-23 01:00 24,576 --a------ C:\WINDOWS\system32\P1120Pin.crl
2008-07-10 21:26 . 2002-03-26 13:48 896 --a------ C:\WINDOWS\system32\P1120Vex.loc
2008-07-10 21:24 . 2008-07-10 21:24 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Program Files\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-07-10 21:22 . 2008-07-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-07-10 21:22 . 2007-01-30 01:46 163,840 --a------ C:\WINDOWS\system32\kemutb.dll
2008-07-10 21:22 . 2007-01-30 01:46 135,168 --a------ C:\WINDOWS\system32\KemUtil.dll
2008-07-10 21:22 . 2007-01-30 01:46 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
2008-07-10 21:22 . 2007-01-23 15:44 101,136 --a------ C:\WINDOWS\KHALMNPR.Exe
2008-07-10 21:22 . 2007-01-23 15:45 78,864 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2008-07-10 21:22 . 2007-01-30 01:46 69,632 --a------ C:\WINDOWS\system32\KemXML.dll
2008-07-10 21:22 . 2007-01-23 15:44 62,992 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2008-07-10 21:22 . 2007-01-23 15:44 20,496 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2008-07-09 12:55 . 2008-07-09 12:55 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Corel
2008-07-09 12:55 . 2008-07-15 18:00 952 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-09 12:54 . 2008-07-09 12:54 <REP> d-------- C:\Program Files\Corel
2008-07-09 12:50 . 2008-07-09 12:50 <REP> d-------- C:\Program Files\Finale Performance Assessment
2008-07-09 12:49 . 2008-07-09 12:49 <REP> d-------- C:\Psfonts
2008-07-09 12:49 . 2008-07-09 12:51 <REP> d-------- C:\Program Files\Finale 2005b
2008-07-09 12:49 . 2008-07-09 12:49 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-09 12:49 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-07-09 12:49 . 2008-07-09 12:49 507 --a------ C:\WINDOWS\winiini.fin
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\WINDOWS\system32\QuickTime
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-07-09 12:45 . 2008-07-09 12:46 <REP> d-------- C:\Program Files\Macromedia
2008-07-09 12:45 . 2008-07-09 12:45 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia
2008-07-08 20:46 . 2008-07-08 20:46 <REP> d-------- C:\Program Files\Guitar Pro 5
2008-07-08 13:18 . 2008-07-08 13:18 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-07-08 13:18 . 2008-07-08 13:18 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-07-08 13:13 . 2006-04-10 14:03 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2008-07-08 13:13 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-08 13:13 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-08 13:07 . 2008-07-08 13:07 <REP> d-------- C:\Program Files\HP
2008-07-08 13:02 . 2008-07-08 13:02 <REP> d-------- C:\Program Files\Sibelius Software
2008-07-08 12:50 . 2008-07-08 12:50 <REP> d-------- C:\Program Files\LimeWire
2008-07-08 12:50 . 2008-07-08 20:42 <REP> d-------- C:\Documents and Settings\Benito\Application Data\LimeWire
2008-07-08 11:58 . 2006-03-02 14:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-07-08 11:57 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-08 11:57 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-08 11:57 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-08 11:57 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-08 11:57 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-08 11:57 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-08 11:57 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-08 11:57 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-08 11:57 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-08 11:55 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-07-08 11:55 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-07-08 11:55 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-07-07 23:44 . 2008-07-07 23:44 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Media Player Classic
2008-07-07 23:44 . 2008-07-15 17:51 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-07 23:35 . 2008-07-07 23:35 <REP> d-------- C:\Program Files\Outils de Guitare-Online
2008-07-07 23:32 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-07 23:31 . 2008-07-07 23:32 <REP> d-------- C:\Program Files\Java
2008-07-07 23:31 . 2008-07-07 23:31 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-07-06 21:16 . 2008-07-06 21:16 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Ahead
2008-07-06 21:15 . 2008-07-06 21:15 <REP> d-------- C:\Program Files\Nero
2008-07-06 21:15 . 2008-07-06 21:16 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-06 21:12 . 2008-07-06 21:12 <REP> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-07-06 21:12 . 2008-07-07 11:46 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-07-06 21:10 . 2008-07-06 21:10 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-06 21:09 . 2008-07-06 21:09 <REP> d-------- C:\Documents and Settings\Benito\Application Data\DAEMON Tools
2008-07-06 20:59 . 2008-07-06 20:59 <REP> d-------- C:\Documents and Settings\Benito\Application Data\Steinberg
2008-07-06 20:57 . 2008-07-06 20:57 <REP> d-------- C:\Program Files\Steinberg
2008-07-06 20:46 . 2008-07-06 20:46 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-06 20:46 . 2008-03-21 22:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-07-06 20:44 . 2008-07-06 20:44 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-07-06 20:43 . 2008-07-06 20:43 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-07-06 20:43 . 2008-07-06 20:44 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-06 20:15 . 2008-07-06 20:15 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-06 20:13 . 2008-07-06 21:12 <REP> d-------- C:\Program Files\NOS
2008-07-06 20:13 . 2008-07-06 21:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-06 18:28 . 2008-07-08 12:00 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-07-06 18:18 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-06 18:18 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-06 18:16 . 2008-07-06 18:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IM
2008-07-06 18:15 . 2008-07-06 18:16 <REP> d-------- C:\Program Files\IncrediMail
2008-07-06 18:15 . 2008-07-06 18:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-07-06 16:54 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-07-06 16:54 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-07-06 16:54 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-07-06 16:54 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-07-06 16:54 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-07-06 16:52 . 2008-07-06 16:52 <REP> d--hs---- C:\Documents and Settings\Benito\UserData
2008-07-06 16:44 . 2008-07-06 16:44 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-06 16:11 . 2008-07-06 16:11 <REP> d-------- C:\Documents and Settings\Benito\Application Data\ATI
2008-07-06 16:06 . 2008-07-06 16:06 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-07-06 16:05 . 2008-07-06 16:07 <REP> d-------- C:\Program Files\ATI Technologies
2008-07-06 16:05 . 2005-07-11 22:12 524,850 -ra------ C:\WINDOWS\system32\drivers\ativcaxx.cpa
2008-07-06 16:05 . 2005-08-05 21:05 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-07-06 16:05 . 2005-08-04 08:07 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-06 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-06 15:53 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-06 15:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-06 15:49 --------- d-----w C:\Program Files\Windows Live
2008-07-06 15:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-06 15:27 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-07-06 15:27 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-07-06 15:27 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-07-06 13:56 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-06 13:54 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-10 15:40 6,275,816 ----a-w C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-07-04 12:42 683464]

[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-07-04 12:42 683464]

[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-19 00:05 630784]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-06-12 13:49 243072]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 13:32 94208]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-15 20:59 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 01:07 61440]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-07-10 21:22:33 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

S3 P1120VID;Creative WebCam NX Ultra;C:\WINDOWS\system32\DRIVERS\P1120Vid.sys [2004-01-12 16:51]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be3d1e7c-4fef-11dd-8e25-0018f3995a60}]
\Shell\Auto\command - J:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-16 01:08:20
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-16 1:08:44
ComboFix-quarantined-files.txt 2008-07-15 23:08:41
ComboFix2.txt 2008-07-15 22:54:00

Pre-Run: 74,347,270,144 octets libres
Post-Run: 74,337,865,728 octets libres

235 --- E O F --- 2008-07-09 10:12:38

fbenital > fbenital

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:10:13, on 16/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Benito\Bureau\hjt.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

fbenital > fbenital

Est ce que je dois te remettre un HijackThis apres redemarrage manuelle

Réponse 6 / 7

fbenital

En tout ca merci beaucoup, ca a l'air de fonctionner pour l'instant.

La je vais me coucher car boulot demain. Je te dirai demain si ca ne marche plus.

Merci encore, bonne nuit et a bientot

Réponse 7 / 7

geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10

ca a l air bon je ne vois plus d infections dans ton rapport...fais ceci stp :

relance hijackthis en cliquant sur scan only et coches cette ligne :

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

puis tu cliques sur fix checked.

vas faire la mise à niveau de java à cette adresse : https://www.java.com/fr/download/manual.jsp

est ce que tu as encore des problemes ??

Probleme fenetre pub et mis a jour windows

7 réponses

Votre réponse

Newsletters