Pb virus sur live messenger

Merci pour aide jlpjlp !

Avec mon peu de connaissance en dépannage, j'essaie de suivre toutes tes instructions. Je viens donc d'analyser le fichier suivant :

C:\windows\system32\spoolsv(2).exe. voici donc le rapport ci-a^rès, qui m'a été donné :

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.9.0 2008.04.09 -
AntiVir 7.6.0.81 2008.04.09 -
Authentium 4.93.8 2008.04.09 -
Avast 4.8.1169.0 2008.04.09 -
AVG 7.5.0.516 2008.04.09 -
BitDefender 7.2 2008.04.09 -
CAT-QuickHeal 9.50 2008.04.08 -
ClamAV 0.92.1 2008.04.09 -
DrWeb 4.44.0.09170 2008.04.09 -
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5684 2008.04.09 -
Ewido 4.0 2008.04.09 -
F-Prot 4.4.2.54 2008.04.08 -
F-Secure 6.70.13260.0 2008.04.09 -
FileAdvisor 1 2008.04.09 No threat detected, but known vulnerabilities exist
Fortinet 3.14.0.0 2008.04.09 -
Ikarus T3.1.1.26 2008.04.09 -
Kaspersky 7.0.0.125 2008.04.09 -
McAfee 5270 2008.04.09 -
Microsoft 1.3408 2008.04.09 -
NOD32v2 3014 2008.04.09 -
Norman 5.80.02 2008.04.09 -
Panda 9.0.0.4 2008.04.08 -
Prevx1 V2 2008.04.09 -
Rising 20.39.12.00 2008.04.08 -
Sophos 4.28.0 2008.04.09 -
Sunbelt 3.0.1032.0 2008.04.08 -
Symantec 10 2008.04.09 -
TheHacker 6.2.92.269 2008.04.09 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.09 -
Webwasher-Gateway 6.6.2 2008.04.09 -
Information additionnelle
File size: 57856 bytes
MD5...: b4ef928e4fad79364a80acba6d999934
SHA1..: 80b08e9edd4edb697688e2d1266241569999a277
SHA256: f85b656091995c3a6916ee94160732f52a3b5e9387a27ead3c740fda92363936
SHA512: 445f7e9f1e34422a5cf7e906757e096eb1dbde8af3c1e73ed852b8179d573434
110b758a2a42b68633e40ce0db1699f8119cebb0ff1eccb4dd1c41fcb5304428
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x100637a
timedatestamp.....: 0x41107eb4 (Wed Aug 04 06:14:12 2004)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xba30 0xbc00 5.96 6b6d77f62f681e85b31f1d9c22531a38
.data 0xd000 0x138c 0x1400 2.23 c5a21bf1e7d86df2c21db3ef5c7e28ac
.rsrc 0xf000 0xc78 0xe00 6.19 379eff6fefd381cd4ad70f1dde3b3161

( 6 imports )
> msvcrt.dll: __initenv, _exit, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _controlfp, _XcptFilter, wcsrchr, wcslen, _c_exit, _stricmp, _wcsnicmp, _except_handler3
> ADVAPI32.dll: SetServiceStatus, RegQueryValueExW, AllocateAndInitializeSid, FreeSid, InitializeSecurityDescriptor, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, GetLengthSid, InitializeAcl, AddAccessAllowedAce, AddAccessDeniedAce, GetAce, SetSecurityDescriptorDacl, GetSecurityDescriptorLength, MakeSelfRelativeSD, RegDisablePredefinedCache, RegOpenKeyExW, RegCloseKey, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW
> KERNEL32.dll: GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, GetCurrentProcessId, SetUnhandledExceptionFilter, GetModuleHandleA, GetCurrentThreadId, GetTickCount, UnhandledExceptionFilter, QueryPerformanceCounter, FreeLibrary, InterlockedExchange, GetModuleHandleW, GetLastError, ExitThread, CloseHandle, WaitForSingleObject, CreateEventW, CreateThread, ExitProcess, Sleep, OpenEventW, LoadLibraryA, InitializeCriticalSection, LocalFree, LocalAlloc, SetEvent, LeaveCriticalSection, EnterCriticalSection, SetLastError, OpenProcess, InterlockedIncrement, RaiseException, InterlockedDecrement, GetProcAddress, GetSystemDirectoryW
> GDI32.dll: bMakePathNameW, GdiInitSpool, GdiGetSpoolMessage
> RPCRT4.dll: RpcServerRegisterIf2, I_RpcBindingIsClientLocal, I_RpcSessionStrictContextHandle, RpcRaiseException, RpcImpersonateClient, RpcRevertToSelf, NdrServerCall2, RpcServerUseProtseqEpA, I_RpcSsDontSerializeContext, RpcMgmtSetServerStackSize, RpcServerListen
> ntdll.dll: RtlValidRelativeSecurityDescriptor

( 12 exports )
YDriverUnloadComplete, YEndDocPrinter, YFlushPrinter, YGetPrinter, YGetPrinterDriver2, YGetPrinterDriverDirectory, YReadPrinter, YSeekPrinter, YSetJob, YSetPort, YSplReadPrinter, YWritePrinter

Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=b4ef928e4fad79364a80acba6d999934

Je vais donné essayé de faire les différentes manip que tu m'as indiqué avec Hijackthis.

J'ai déjà installé il y a quelques temps Hijackthis.exe doi je le désinstaller et refaire les manip que tu m'as indiqué?

Bonne soirée et encore merci pour ta patience car je ne suis pas une lumière en informatique....

hello jlpjlp !!

Je viens de trouver comment avoir un rapport avec hijacthis. Je te le poste tout de suite ci-après :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:31, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\system32\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\windows\System32\tcpsvcs.exe
C:\windows\System32\snmp.exe
C:\windows\System32\svchost.exe
C:\windows\system32\devldr32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\windows\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 212.30.118.74 espaceclient.neuf.fr
O1 - Hosts: 213.246.36.244 www.pcastuces.com
O1 - Hosts: 195.248.250.150 www.journaldunet.com
O1 - Hosts: 213.186.33.4 www.depannetonpc.net
O1 - Hosts: 145.226.109.155 www.cic.fr
O1 - Hosts: 158.191.172.131 www.ca-normandie-seine.fr
O1 - Hosts: 193.56.241.109 pro.douane.gouv.fr
O1 - Hosts: 193.56.241.107 www.douane.gouv.fr
O1 - Hosts: 217.212.244.94 www.king.com
O1 - Hosts: 205.188.196.25 assistance.neuf.fr
O1 - Hosts: 212.30.118.74 contact.neuf.fr
O1 - Hosts: 84.96.147.69 moncompte.neuf.fr
O1 - Hosts: 212.30.118.74 www.neufblog.com
O1 - Hosts: 206.222.229.17 www.neufportail.fr
O1 - Hosts: 212.30.118.74 recherche.neuf.fr
O1 - Hosts: 212.30.118.74 webmail.neuf.fr
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MySidesearch Search Assistant - {C17E102B-BD29-4e92-B699-1A21D2CB8E6C} - C:\windows\system32\mysidesearch_sidebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe splash
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Bonjour jlpjlp !

Jre viens de suivre à la lettre tout ce que tu viens de m'expliquer et voici le rapport qui m'a été donné après avoir lancer OTMoveIt :


File/Folder C:\windows\system32\mysidesearch_sidebar.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04102008_145121

Apparement cela n'a pas donné grand chose on dirait....

Bonne journée a toi

Décidement je ne sais pas si je vais m'en sortir....

Oui j'ai bien fait hoster comme tu me l'as indiqué.
Tu me dique je suis détourné quand je surf. Ca veut dire quoi exactement s'il te plait?

Ensuite j'ai cliqué sur le lient pour mettre à jour internet.... et Big problème tout s'est bloqué...

Je fais refaire plusieurs tentative, et je te dis bonne soirée. Tchusssss

CA y estt victoire j'e viens de mettre a jour internet explorer 7

Mais peux tu me dire ce que ca veut dire etre détournée???????

Je t'envoie le nouveau rapport que je viens de faire sur hijacktis :

Logfile of HijackThis v1.99.1
Scan saved at 19:16:53, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\windows\system32\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\windows\System32\tcpsvcs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\windows\System32\snmp.exe
C:\windows\System32\svchost.exe
C:\windows\system32\devldr32.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\windows\system32\myss_sb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe splash
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Oupsss j'ai oublié de réinstaller AVG7 avec te t'envoyer le nouveau rapport fait sur hijacthis....

J'espère que cela n'a pas d'importance...

Bonne soirée

bonjour jlpjlp,

Je vien de retrouver le site qui s'était inscrit sur l'adresse d'un de mes contact sur msn. Il s'agit de www.Blockandroll.net.

Je ne sais pas si tout ce que je t'ai écris, ca va te parler...
Très bonne journée à toi.

bonjour jlpjlp !!!

Je viens de faire toute les manip que tu m'a indiqué. Je te poste donc le rapport fait par SDFix :


[b]SDFix: Version 1.169 [/b]
Run by Annie on 11/04/2008 at 11:40

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 11:45:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 32


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\a-squared Free\\a2free.exe"="C:\\Program Files\\a-squared Free\\a2free.exe:*:Enabled:a-squared Free"
"C:\\Program Files\\Neuf\\Kit\\9mail.exe"="C:\\Program Files\\Neuf\\Kit\\9mail.exe:*:Enabled:Assistant de messagerie"
"C:\\Program Files\\Neuf\\Kit\\9props.exe"="C:\\Program Files\\Neuf\\Kit\\9props.exe:*:Enabled:Etat de votre connexion"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"C:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\Shareaza\\skin.exe"="C:\\Program Files\\Shareaza\\skin.exe:*:Enabled:skin"
"C:\\DOCUME~1\\Annie\\LOCALS~1\\Temp\\rspn‚‚œ'œ'%''msn'Š%'fix''.exe"="C:\\DOCUME~1\\Annie\\LOCALS~1\\Temp\\rspn‚‚œ'œ'%''msn'Š%'fix''.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:


[b]Finished![/b]


Voici aussi le rapport fait par Combofix.exe :

ComboFix 08-04-10.9 - Annie 2008-04-11 16:46:00.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.501 [GMT 2:00]
Endroit: C:\Documents and Settings\Annie\Bureau\Killbagle.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Adssite Games Collection
C:\Program Files\Adssite Games Collection\BattlesOfHelicopters.exe
C:\Program Files\Adssite Games Collection\BobAndBill.exe
C:\Program Files\Adssite Games Collection\CrazyBlocks.exe
C:\Program Files\Adssite Games Collection\Lines.exe
C:\Program Files\Adssite Games Collection\uninstall.exe
C:\Program Files\Adssite Games Collection\VideoPool.exe
C:\windows\system32\rightonadz-uninst.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-11 to 2008-04-11 ))))))))))))))))))))))))))))))))))))
.

2008-04-11 14:00 . <REP> C:\WINDOWS\LastGood.Tmp
2008-04-11 11:38 . 2008-04-11 11:38 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-11 11:33 . 2008-04-11 11:48 <REP> d-------- C:\SDFix
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d--h----- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\ModŠles
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d-------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Menu D‚marrer
2008-04-11 11:16 . 2008-04-11 11:16 <REP> dr------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Favoris
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d-------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Bureau
2008-04-10 18:56 . 2008-04-10 18:56 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-04-10 18:54 . 2008-04-10 18:55 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-04-10 18:31 . 2008-04-10 18:31 <REP> d-------- C:\54ab825a422f0185fe441f67f3
2008-04-10 16:35 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-10 16:35 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-10 16:35 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-10 16:35 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-10 16:34 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-10 16:34 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-10 16:34 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-10 16:34 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-10 16:34 . 2006-10-27 15:09 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-04-10 16:34 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-10 16:31 . 2008-04-10 16:31 <REP> d-------- C:\39d5d18f1a5b757a6dba
2008-04-10 14:17 . 2008-04-10 14:17 <REP> d-------- C:\_OTMoveIt
2008-04-10 10:38 . 2008-04-11 02:12 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-04-10 01:24 . 2008-04-10 01:24 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-10 01:24 . 2008-04-10 01:24 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-10 01:23 . 2008-04-10 01:23 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-04-10 01:23 . 2008-04-10 01:23 <REP> d-------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-10 01:16 . 2008-04-10 01:16 89,070 --a------ C:\WINDOWS\system32\myss_sb_uninstall.exe
2008-04-09 17:35 . 2008-04-09 17:35 333,824 --a------ C:\WINDOWS\system32\myss_sb.dll
2008-04-09 10:36 . 2008-04-11 01:51 <REP> d-------- C:\Program Files\MSNFix
2008-04-09 00:28 . 2008-04-09 00:28 <REP> d-------- C:\VundoFix Backups
2008-04-09 00:21 . 2008-04-09 00:22 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-04-07 19:08 . 2008-04-07 19:08 <REP> d-------- C:\Documents and Settings\Annie\Application Data\Grisoft
2008-04-07 19:00 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-07 18:32 . 2008-04-10 19:27 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-04-07 16:10 . 2008-04-07 16:10 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-04-07 14:15 . 2008-04-07 14:15 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Emjysoft
2008-04-07 14:14 . 2008-04-07 14:14 <REP> d-------- C:\Program Files\Emjysoft
2008-04-07 11:37 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-07 11:36 . 2008-04-07 11:36 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-06 10:31 . 2008-04-06 10:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-04-06 09:59 . 2008-04-06 09:59 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-03 22:31 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-04-03 22:31 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-04-03 22:31 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-04-03 22:30 . 2008-04-03 22:30 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-31 17:20 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-03-29 21:52 . 2008-03-29 21:52 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-03-24 09:51 . 2008-03-24 09:51 <REP> d-------- C:\Films
2008-03-24 09:51 . 2008-04-03 23:11 <REP> d-------- C:\ANNIE
2008-03-22 20:33 . 2008-03-24 09:52 <REP> d-------- C:\Program Files\IrfanView
2008-03-22 20:27 . 2008-03-22 20:27 <REP> d-------- C:\Documents and Settings\Annie\Application Data\Leadertech
2008-03-22 12:14 . 2008-04-03 22:31 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-22 12:13 . 2008-04-03 22:30 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-20 21:03 . 2008-03-20 21:03 <REP> d-------- C:\Program Files\Shareaza
2008-03-20 01:04 . 2008-03-20 01:04 230,454 --a------ C:\WINDOWS\system32\a3.bmp
2008-03-15 01:34 . 2008-03-15 01:34 <REP> d-------- C:\Program Files\Easy cleaner
2008-03-15 01:10 . 2008-03-15 01:10 <REP> d-------- C:\Program Files\Languages
2008-03-15 01:10 . 2008-03-15 01:10 <REP> d-------- C:\Program Files\Helps
2008-03-11 11:45 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-11 11:27 . 2008-03-11 11:26 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-03-11 11:23 . 2008-03-11 11:23 <REP> d-------- C:\WINDOWS\Sun
2008-03-11 11:22 . 2008-03-11 11:45 <REP> d-------- C:\Program Files\Java
2008-03-11 11:22 . 2008-03-11 11:22 <REP> d-------- C:\Program Files\Fichiers communs\Java

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-11 06:00 --------- d-----w C:\Documents and Settings\Annie\Application Data\AVG7
2008-04-11 00:12 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-04-10 17:27 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2008-04-09 12:02 --------- d-----w C:\Program Files\Windows Live
2008-04-07 09:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-03-23 10:45 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-23 10:45 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-03-20 19:03 --------- d-----w C:\Documents and Settings\Annie\Application Data\Shareaza
2008-03-20 08:09 1,845,376 ----a-w C:\windows\system32\win32k.sys
2008-03-18 23:39 84,729 ----a-w C:\windows\system32\mysidesearch_sidebar_uninstall.exe
2008-03-12 12:42 --------- d-----w C:\Program Files\Weight Watchers FlexiPoints
2008-03-11 20:19 155,995 ----a-w C:\windows\java\Packages\KWHR7ZPZ.ZIP
2008-03-09 09:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-09 09:27 --------- d--h--w C:\Program Files\Zero G Registry
2008-03-09 08:22 --------- d-----w C:\Program Files\Smart Projects
2008-03-08 23:11 --------- d-----w C:\Program Files\BitComet
2008-03-07 12:06 --------- d-----w C:\Program Files\Shareaza Applications
2008-03-07 04:37 --------- d-----w C:\Program Files\Astonsoft
2008-03-07 04:37 --------- d-----w C:\Documents and Settings\Annie\Application Data\DeepBurner
2008-03-06 22:00 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-06 22:00 --------- d-----w C:\Documents and Settings\Annie\Application Data\Microsoft Web Folders
2008-03-03 07:12 --------- d-----w C:\Program Files\TweakDUN
2008-03-03 07:08 --------- d-----w C:\Program Files\Macrogaming
2008-03-02 21:28 --------- d-----w C:\Program Files\Google
2008-03-02 18:42 --------- d-----w C:\Program Files\DivX
2008-03-02 18:32 --------- d-----w C:\Program Files\Real
2008-03-02 18:32 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-03-02 18:32 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-03-02 17:01 --------- d-----w C:\Program Files\AIDA32 - Enterprise System Information
2008-03-01 12:58 826,368 ----a-w C:\windows\system32\wininet.dll
2008-03-01 11:03 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-01 10:44 499,712 ----a-w C:\windows\system32\msvcp71.dll
2008-03-01 10:44 348,160 ----a-w C:\windows\system32\msvcr71.dll
2008-03-01 10:44 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\AVG7
2008-02-29 17:58 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-20 06:51 282,624 ----a-w C:\windows\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\windows\system32\dnsrslvr.dll
2008-02-01 09:17 587,264 ----a-w C:\windows\WLXPGSS.SCR
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6156A32A-C512-4e23-AA9A-2315F4265681}]
2008-04-09 17:35 333824 --a------ C:\windows\system32\myss_sb.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-04 00:18 68856]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 18:49 4739072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtiPTA"="atiptaxx.exe" [2002-04-11 23:06 282624 C:\WINDOWS\system32\atiptaxx.exe]
"TweakDUN"="C:\Program Files\TweakDUN\tweakdun.exe" [2001-09-20 00:29 720896]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-02 20:32 185896]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-10 19:27 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2004-08-04 01:54 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-04-10 19:27 219136]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Neuf\\Kit\\9mail.exe"=
"C:\\Program Files\\Neuf\\Kit\\9props.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Shareaza\\skin.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"23749:TCP"= 23749:TCP:BitComet 23749 TCP
"23749:UDP"= 23749:UDP:BitComet 23749 UDP
"6346:TCP"= 6346:TCP:shareaza
"6346:UDP"= 6346:UDP:shareaza

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R1 VIAPFD;VIAPFD;C:\windows\system32\Drivers\VIAPFD.SYS [2001-12-18 14:45]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05f1c5ac-ff36-11dc-8fdc-0030bd079dca}]
\Shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 16:50:06
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-11 16:53:08 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-11 14:52:49
Pre-Run: 42,558,353,408 octets libres
Post-Run: 42,488,393,728 octets libres
.
2008-04-11 12:00:56 --- E O F ---


Merci pour tout cette patience ;)

Voilà j'ai crée le fichier CFScript comme tu me l'as indiqué (je n'ai pas mis l'extension.txt) Voic donc le rapport de Combofix :

ComboFix 08-04-10.9 - Annie 2008-04-11 18:20:53.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.660 [GMT 2:00]
Endroit: C:\Documents and Settings\Annie\Bureau\Killbagle.exe
Command switches used :: C:\Documents and Settings\Annie\Bureau\CFScript
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\windows\system32\mysidesearch_sidebar_uninstall.exe
C:\windows\system32\myss_sb.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\windows\system32\mysidesearch_sidebar_uninstall.exe
C:\windows\system32\myss_sb.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-11 to 2008-04-11 ))))))))))))))))))))))))))))))))))))
.

2008-04-11 11:38 . 2008-04-11 11:38 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-11 11:33 . 2008-04-11 11:48 <REP> d-------- C:\SDFix
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d--h----- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Modèles
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d-------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Menu Démarrer
2008-04-11 11:16 . 2008-04-11 11:16 <REP> dr------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Favoris
2008-04-11 11:16 . 2008-04-11 11:16 <REP> d-------- C:\Documents and Settings\Administrateur.COUL-Y7GSZEPKKF\Bureau
2008-04-10 18:56 . 2008-04-10 18:56 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-04-10 18:54 . 2008-04-10 18:55 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-04-10 18:31 . 2008-04-10 18:31 <REP> d-------- C:\54ab825a422f0185fe441f67f3
2008-04-10 16:35 . 2007-07-01 05:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-10 16:35 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-10 16:35 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-10 16:35 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-10 16:34 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-10 16:34 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-10 16:34 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-10 16:34 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-10 16:34 . 2006-10-27 15:09 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-04-10 16:34 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-10 16:31 . 2008-04-10 16:31 <REP> d-------- C:\39d5d18f1a5b757a6dba
2008-04-10 14:17 . 2008-04-10 14:17 <REP> d-------- C:\_OTMoveIt
2008-04-10 10:38 . 2008-04-11 02:12 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-04-10 01:24 . 2008-04-10 01:24 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-10 01:24 . 2008-04-10 01:24 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-10 01:23 . 2008-04-10 01:23 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-04-10 01:23 . 2008-04-10 01:23 <REP> d-------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-04-10 01:16 . 2008-04-10 01:16 89,070 --a------ C:\WINDOWS\system32\myss_sb_uninstall.exe
2008-04-09 10:36 . 2008-04-11 01:51 <REP> d-------- C:\Program Files\MSNFix
2008-04-09 00:28 . 2008-04-09 00:28 <REP> d-------- C:\VundoFix Backups
2008-04-09 00:21 . 2008-04-09 00:22 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-04-07 19:08 . 2008-04-07 19:08 <REP> d-------- C:\Documents and Settings\Annie\Application Data\Grisoft
2008-04-07 19:00 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-07 18:32 . 2008-04-10 19:27 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-04-07 16:10 . 2008-04-07 16:10 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-04-07 14:15 . 2008-04-07 14:15 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Emjysoft
2008-04-07 14:14 . 2008-04-07 14:14 <REP> d-------- C:\Program Files\Emjysoft
2008-04-07 11:37 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-07 11:36 . 2008-04-07 11:36 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-06 10:31 . 2008-04-06 10:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-04-06 09:59 . 2008-04-06 09:59 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-03 22:31 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-04-03 22:31 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-04-03 22:31 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-04-03 22:30 . 2008-04-03 22:30 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-31 17:20 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-03-29 21:52 . 2008-03-29 21:52 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-03-24 09:51 . 2008-03-24 09:51 <REP> d-------- C:\Films
2008-03-24 09:51 . 2008-04-03 23:11 <REP> d-------- C:\ANNIE
2008-03-22 20:33 . 2008-03-24 09:52 <REP> d-------- C:\Program Files\IrfanView
2008-03-22 20:27 . 2008-03-22 20:27 <REP> d-------- C:\Documents and Settings\Annie\Application Data\Leadertech
2008-03-22 12:14 . 2008-04-03 22:31 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-22 12:13 . 2008-04-03 22:30 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-20 21:03 . 2008-03-20 21:03 <REP> d-------- C:\Program Files\Shareaza
2008-03-20 01:04 . 2008-03-20 01:04 230,454 --a------ C:\WINDOWS\system32\a3.bmp
2008-03-15 01:34 . 2008-03-15 01:34 <REP> d-------- C:\Program Files\Easy cleaner
2008-03-15 01:10 . 2008-03-15 01:10 <REP> d-------- C:\Program Files\Languages
2008-03-15 01:10 . 2008-03-15 01:10 <REP> d-------- C:\Program Files\Helps
2008-03-11 11:45 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-11 11:27 . 2008-03-11 11:26 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-03-11 11:23 . 2008-03-11 11:23 <REP> d-------- C:\WINDOWS\Sun
2008-03-11 11:22 . 2008-03-11 11:45 <REP> d-------- C:\Program Files\Java
2008-03-11 11:22 . 2008-03-11 11:22 <REP> d-------- C:\Program Files\Fichiers communs\Java

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-11 06:00 --------- d-----w C:\Documents and Settings\Annie\Application Data\AVG7
2008-04-10 17:27 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2008-04-09 12:02 --------- d-----w C:\Program Files\Windows Live
2008-04-07 09:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-03-23 10:45 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-23 10:45 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-03-20 19:03 --------- d-----w C:\Documents and Settings\Annie\Application Data\Shareaza
2008-03-20 08:09 1,845,376 ----a-w C:\windows\system32\win32k.sys
2008-03-12 12:42 --------- d-----w C:\Program Files\Weight Watchers FlexiPoints
2008-03-11 20:19 155,995 ----a-w C:\windows\java\Packages\KWHR7ZPZ.ZIP
2008-03-09 09:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-09 09:27 --------- d--h--w C:\Program Files\Zero G Registry
2008-03-09 08:22 --------- d-----w C:\Program Files\Smart Projects
2008-03-08 23:11 --------- d-----w C:\Program Files\BitComet
2008-03-07 12:06 --------- d-----w C:\Program Files\Shareaza Applications
2008-03-07 04:37 --------- d-----w C:\Program Files\Astonsoft
2008-03-07 04:37 --------- d-----w C:\Documents and Settings\Annie\Application Data\DeepBurner
2008-03-06 22:00 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-06 22:00 --------- d-----w C:\Documents and Settings\Annie\Application Data\Microsoft Web Folders
2008-03-03 07:12 --------- d-----w C:\Program Files\TweakDUN
2008-03-03 07:08 --------- d-----w C:\Program Files\Macrogaming
2008-03-02 21:28 --------- d-----w C:\Program Files\Google
2008-03-02 18:42 --------- d-----w C:\Program Files\DivX
2008-03-02 18:32 --------- d-----w C:\Program Files\Real
2008-03-02 18:32 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-03-02 18:32 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-03-02 17:01 --------- d-----w C:\Program Files\AIDA32 - Enterprise System Information
2008-03-01 12:58 826,368 ----a-w C:\windows\system32\wininet.dll
2008-03-01 11:03 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-01 10:44 499,712 ----a-w C:\windows\system32\msvcp71.dll
2008-03-01 10:44 348,160 ----a-w C:\windows\system32\msvcr71.dll
2008-03-01 10:44 --------- d-----w C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\AVG7
2008-02-29 17:58 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-20 06:51 282,624 ----a-w C:\windows\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\windows\system32\dnsrslvr.dll
2008-02-01 09:17 587,264 ----a-w C:\windows\WLXPGSS.SCR
.

((((((((((((((((((((((((((((( snapshot@2008-04-11_16.52.26.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-11 16:17:07 16,384 ----atw C:\windows\Temp\Perflib_Perfdata_7a4.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-04 00:18 68856]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 18:49 4739072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtiPTA"="atiptaxx.exe" [2002-04-11 23:06 282624 C:\WINDOWS\system32\atiptaxx.exe]
"TweakDUN"="C:\Program Files\TweakDUN\tweakdun.exe" [2001-09-20 00:29 720896]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-02 20:32 185896]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 12:45 63712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-10 19:27 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2004-08-04 01:54 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-04-10 19:27 219136]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 00:05:56 65588]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Neuf\\Kit\\9mail.exe"=
"C:\\Program Files\\Neuf\\Kit\\9props.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Shareaza\\skin.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"23749:TCP"= 23749:TCP:BitComet 23749 TCP
"23749:UDP"= 23749:UDP:BitComet 23749 UDP
"6346:TCP"= 6346:TCP:shareaza
"6346:UDP"= 6346:UDP:shareaza

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R1 VIAPFD;VIAPFD;C:\windows\system32\Drivers\VIAPFD.SYS [2001-12-18 14:45]

.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 18:22:33
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-04-11 18:23:23
ComboFix-quarantined-files.txt 2008-04-11 16:23:04
ComboFix2.txt 2008-04-11 14:53:09
Pre-Run: 42,458,509,312 octets libres
Post-Run: 42,448,150,528 octets libres
.
2008-04-11 12:00:56 --- E O F ---

Et voici le nouveau rapport Hijckthis :

Logfile of HijackThis v1.99.1
Scan saved at 18:35:26, on 11/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\windows\System32\tcpsvcs.exe
C:\windows\System32\snmp.exe
C:\windows\System32\svchost.exe
C:\windows\system32\devldr32.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\notepad.exe
C:\windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe splash
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Par contre pourquoi dans le rapport de msnfix j'avais d' indiqué

!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\windows\system32\spoolsv(2).exe] B4EF928E4FAD79364A80ACBA6D999934

[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\Annie\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr

Est ce que ca veut dire spoolsv(2) est un virus?

ouppps c'est encore moi.......

J'ai analysé comme tu m'as dit le fichier C:\windows\system32\spoolsv(2).exe]
en allant sur https://www.virustotal.com/gui/ et voici ce qu'il m'a fait comme rapport :


Fichier spoolsv_2_.exe reçu le 2008.04.09 20:23:11 (CET)
Situation actuelle: terminé

Résultat: 1/32 (3.12%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.9.0 2008.04.09 -
AntiVir 7.6.0.81 2008.04.09 -
Authentium 4.93.8 2008.04.09 -
Avast 4.8.1169.0 2008.04.09 -
AVG 7.5.0.516 2008.04.09 -
BitDefender 7.2 2008.04.09 -
CAT-QuickHeal 9.50 2008.04.08 -
ClamAV 0.92.1 2008.04.09 -
DrWeb 4.44.0.09170 2008.04.09 -
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5684 2008.04.09 -
Ewido 4.0 2008.04.09 -
F-Prot 4.4.2.54 2008.04.08 -
F-Secure 6.70.13260.0 2008.04.09 -
FileAdvisor 1 2008.04.09 No threat detected, but known vulnerabilities exist
Fortinet 3.14.0.0 2008.04.09 -
Ikarus T3.1.1.26 2008.04.09 -
Kaspersky 7.0.0.125 2008.04.09 -
McAfee 5270 2008.04.09 -
Microsoft 1.3408 2008.04.09 -
NOD32v2 3014 2008.04.09 -
Norman 5.80.02 2008.04.09 -
Panda 9.0.0.4 2008.04.08 -
Prevx1 V2 2008.04.09 -
Rising 20.39.12.00 2008.04.08 -
Sophos 4.28.0 2008.04.09 -
Sunbelt 3.0.1032.0 2008.04.08 -
Symantec 10 2008.04.09 -
TheHacker 6.2.92.269 2008.04.09 -
VBA32 3.12.6.4 2008.04.06 -
VirusBuster 4.3.26:9 2008.04.09 -
Webwasher-Gateway 6.6.2 2008.04.09 -
Information additionnelle
File size: 57856 bytes
MD5...: b4ef928e4fad79364a80acba6d999934
SHA1..: 80b08e9edd4edb697688e2d1266241569999a277
SHA256: f85b656091995c3a6916ee94160732f52a3b5e9387a27ead3c740fda92363936
SHA512: 445f7e9f1e34422a5cf7e906757e096eb1dbde8af3c1e73ed852b8179d573434
110b758a2a42b68633e40ce0db1699f8119cebb0ff1eccb4dd1c41fcb5304428
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x100637a
timedatestamp.....: 0x41107eb4 (Wed Aug 04 06:14:12 2004)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xba30 0xbc00 5.96 6b6d77f62f681e85b31f1d9c22531a38
.data 0xd000 0x138c 0x1400 2.23 c5a21bf1e7d86df2c21db3ef5c7e28ac
.rsrc 0xf000 0xc78 0xe00 6.19 379eff6fefd381cd4ad70f1dde3b3161

( 6 imports )
> msvcrt.dll: __initenv, _exit, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _controlfp, _XcptFilter, wcsrchr, wcslen, _c_exit, _stricmp, _wcsnicmp, _except_handler3
> ADVAPI32.dll: SetServiceStatus, RegQueryValueExW, AllocateAndInitializeSid, FreeSid, InitializeSecurityDescriptor, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, GetLengthSid, InitializeAcl, AddAccessAllowedAce, AddAccessDeniedAce, GetAce, SetSecurityDescriptorDacl, GetSecurityDescriptorLength, MakeSelfRelativeSD, RegDisablePredefinedCache, RegOpenKeyExW, RegCloseKey, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW
> KERNEL32.dll: GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, GetCurrentProcessId, SetUnhandledExceptionFilter, GetModuleHandleA, GetCurrentThreadId, GetTickCount, UnhandledExceptionFilter, QueryPerformanceCounter, FreeLibrary, InterlockedExchange, GetModuleHandleW, GetLastError, ExitThread, CloseHandle, WaitForSingleObject, CreateEventW, CreateThread, ExitProcess, Sleep, OpenEventW, LoadLibraryA, InitializeCriticalSection, LocalFree, LocalAlloc, SetEvent, LeaveCriticalSection, EnterCriticalSection, SetLastError, OpenProcess, InterlockedIncrement, RaiseException, InterlockedDecrement, GetProcAddress, GetSystemDirectoryW
> GDI32.dll: bMakePathNameW, GdiInitSpool, GdiGetSpoolMessage
> RPCRT4.dll: RpcServerRegisterIf2, I_RpcBindingIsClientLocal, I_RpcSessionStrictContextHandle, RpcRaiseException, RpcImpersonateClient, RpcRevertToSelf, NdrServerCall2, RpcServerUseProtseqEpA, I_RpcSsDontSerializeContext, RpcMgmtSetServerStackSize, RpcServerListen
> ntdll.dll: RtlValidRelativeSecurityDescriptor

( 12 exports )
YDriverUnloadComplete, YEndDocPrinter, YFlushPrinter, YGetPrinter, YGetPrinterDriver2, YGetPrinterDriverDirectory, YReadPrinter, YSeekPrinter, YSetJob, YSetPort, YSplReadPrinter, YWritePrinter

Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=b4ef928e4fad79364a80acba6d999934


Peux tu me confirmer si je dois le virer car FileAdvisor a écrit un truc bizarre?

Tres bonne soirée a toi.. Tchusss

Je te poste maintenant le rapport fait avec navilo1 :

Search Navipromo version 3.5.3 commencé le 12/04/2008 à 18:36:50,77

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Annie"

Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\windows ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\Annie\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Annie\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Annie\menudm~1\progra~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\windows\system32 *

* Recherche dans "C:\Documents and Settings\Annie\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1.COU\locals~1\applic~1" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\windows\system32 :


* Dans "C:\Documents and Settings\Annie\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1.COU\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 12/04/2008 à 18:39:30,88 ***

Ca y est désinstaller avg pour mettre a la place Antivir :

Voici le rapport qu'il m'a fait ;



AntiVir PersonalEdition Classic
Report file date: samedi 12 avril 2008 20:57

Scanning for 1198942 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: COUL-Y7GSZEPKKF

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:56:48
ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 18:56:48
ANTIVIR3.VDF : 7.0.3.158 61952 Bytes 11/04/2008 18:56:48
AVEWIN32.DLL : 7.6.0.85 3461632 Bytes 12/04/2008 18:56:49
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 12/04/2008 18:56:49
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 12 avril 2008 20:57

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'devldr32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'tcpsvcs.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '13' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!


End of the scan: samedi 12 avril 2008 21:24
Used time: 27:01 min

The scan has been done completely.

3122 Scanning directories
151593 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
151593 Files not concerned
805 Archives were scanned
2 Warnings
0 Notes


Pour info, j'ai déjà d'installer CCleaner, Malvayrebytes Ant-Malvware, AVG anti spywares le pare feu de windows et Antir. Dois je quand meme installer Ad aware ?

Et ma dernière question pourquoi je garder Antivi plutot que AVG? Car j'ai plein de trojan qui ont été mis en quarantaine alors qu'a l'époque j'avais Antivir et il ne m'avait rien détecté....

Bonne soirée

SAlut jlplp!!!

Ok merci toute la patience que tu a eu pour me donner toutes ces infos.

Très très bonne soirée a toi... Je vais aller maintenant dans un autre salons pour savoir s'il y a une solution a mon pb sur live messenger...

Très bonne soirée à toi et encore MERCI !!!!!!!!