Unwanted Cid ads [Solved]
For a few weeks now I have been getting Cid advertising windows popping up.
I ran a scan with Spybot but it turned up nothing (I wouldn't be here otherwise).
Also, as soon as I turn on the PC, 2 iexplore.exe processes are started that I cannot get rid of.
Thanks in advance for your help.
Here is the Lop S&D report
-----------------------------[ Lop S&D 2.2.2 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Matthieu ] [ "C:\Program Files\Lop SD" ]
[ 01/02/2008 | 19:31:41,92 ] [ PC : FOUCAULT-AA7069 ]
[ MAJ : 31-01-2008 | 22:40 ]
-------------[ Listing des dossiers dans Application Data ]------------
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[31/08/2007|14:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[31/08/2007|15:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/02/2008|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/02/2008|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/09/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[31/08/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/09/2007|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[01/11/2007|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/11/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/08/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[31/08/2007|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/02/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[26/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[01/09/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lionhead Studios
[18/01/2008|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/09/2007|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[22/09/2007|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[01/09/2007|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[01/02/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/01/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
[31/08/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[31/08/2007|14:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[31/08/2007|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[31/08/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[31/08/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[05/10/2007|19:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/02/2008|17:55] C:\DOCUME~1\Matthieu\APPLIC~1\.
[01/02/2008|17:55] C:\DOCUME~1\Matthieu\APPLIC~1\..
[09/09/2007|13:46] C:\DOCUME~1\Matthieu\APPLIC~1\Adobe
[15/09/2007|10:51] C:\DOCUME~1\Matthieu\APPLIC~1\Ahead
[31/08/2007|14:28] C:\DOCUME~1\Matthieu\APPLIC~1\desktop.ini
[02/09/2007|13:50] C:\DOCUME~1\Matthieu\APPLIC~1\Google
[17/01/2008|18:16] C:\DOCUME~1\Matthieu\APPLIC~1\Gpl Bib
[02/12/2007|12:56] C:\DOCUME~1\Matthieu\APPLIC~1\Help
[31/08/2007|15:45] C:\DOCUME~1\Matthieu\APPLIC~1\Identities
[01/09/2007|11:32] C:\DOCUME~1\Matthieu\APPLIC~1\InstallShield
[22/10/2007|16:51] C:\DOCUME~1\Matthieu\APPLIC~1\LEGO Company
[01/09/2007|16:28] C:\DOCUME~1\Matthieu\APPLIC~1\Lionhead Studios
[31/08/2007|17:02] C:\DOCUME~1\Matthieu\APPLIC~1\Macromedia
[02/11/2007|15:52] C:\DOCUME~1\Matthieu\APPLIC~1\Media Player Classic
[13/11/2007|16:20] C:\DOCUME~1\Matthieu\APPLIC~1\Microsoft
[31/08/2007|18:31] C:\DOCUME~1\Matthieu\APPLIC~1\Mozilla
[06/11/2007|09:10] C:\DOCUME~1\Matthieu\APPLIC~1\Sierra
[01/09/2007|11:02] C:\DOCUME~1\Matthieu\APPLIC~1\Sony Corporation
[11/09/2007|07:06] C:\DOCUME~1\Matthieu\APPLIC~1\Sun
[02/09/2007|17:07] C:\DOCUME~1\Matthieu\APPLIC~1\teamspeak2
[01/09/2007|09:44] C:\DOCUME~1\Matthieu\APPLIC~1\WinRAR
[31/08/2007|15:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[31/08/2007|15:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[31/08/2007|15:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[01/02/2008 19:00][--ah-----] C:\WINDOWS\tasks\AFD3C4C991BC7B95.job [--274--]
[01/11/2007 11:45][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[01/02/2008 18:54][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[01/02/2008|19:31] C:\Program Files\Lop SD
[01/02/2008|19:31] C:\Program Files\..
[01/02/2008|19:31] C:\Program Files\.
[01/02/2008|18:27] C:\Program Files\eMule
[01/02/2008|17:59] C:\Program Files\Spybot - Search & Destroy
[26/01/2008|11:31] C:\Program Files\CCleaner
[25/01/2008|17:53] C:\Program Files\InstallShield Installation Information
[18/01/2008|08:09] C:\Program Files\Lionhead Studios
[17/01/2008|18:15] C:\Program Files\Gpl Bib
[17/01/2008|18:15] C:\Program Files\MSN Messenger
[12/01/2008|19:33] C:\Program Files\LucasArts
[06/01/2008|16:40] C:\Program Files\directx
[06/01/2008|16:37] C:\Program Files\Activision Value
[06/01/2008|11:52] C:\Program Files\THQ
[06/01/2008|11:30] C:\Program Files\Sony
[29/12/2007|15:25] C:\Program Files\Bethesda Softworks
[28/12/2007|18:53] C:\Program Files\Electronic Arts
[25/12/2007|19:49] C:\Program Files\TrackMania Nations ESWC
[12/12/2007|20:01] C:\Program Files\Internet Explorer
[08/12/2007|15:28] C:\Program Files\Ripp-it_AM
[16/11/2007|18:28] C:\Program Files\Micro Application
[06/11/2007|09:01] C:\Program Files\Sierra
[02/11/2007|15:51] C:\Program Files\K-Lite Codec Pack
[01/11/2007|11:46] C:\Program Files\QuickTime
[01/11/2007|11:45] C:\Program Files\Apple Software Update
[22/10/2007|16:51] C:\Program Files\LEGO Company
[19/10/2007|20:57] C:\Program Files\SlySoft
[19/10/2007|17:31] C:\Program Files\Java
[29/09/2007|17:35] C:\Program Files\Ripp-It Codec Pack
[29/09/2007|17:29] C:\Program Files\AviSynth 2.5
[17/09/2007|17:09] C:\Program Files\TmSunrise
[15/09/2007|14:06] C:\Program Files\Windows Media Player
[15/09/2007|12:10] C:\Program Files\Webshots
[15/09/2007|12:02] C:\Program Files\Windows Media Connect 2
[04/09/2007|09:42] C:\Program Files\WarRock
[01/09/2007|16:22] C:\Program Files\Lionhead Studios Ltd
[01/09/2007|14:44] C:\Program Files\MSXML 4.0
[01/09/2007|12:22] C:\Program Files\Lexmark 6200 Series
[01/09/2007|10:55] C:\Program Files\Fichiers communs
[01/09/2007|10:37] C:\Program Files\Nero
[01/09/2007|09:44] C:\Program Files\WinRAR
[01/09/2007|09:41] C:\Program Files\SLD Codec Pack
[31/08/2007|21:39] C:\Program Files\Mozilla Firefox
[31/08/2007|21:30] C:\Program Files\AbiSuite2
[31/08/2007|21:17] C:\Program Files\Adobe
[31/08/2007|21:16] C:\Program Files\Google
[31/08/2007|20:28] C:\Program Files\Webteh
[31/08/2007|17:24] C:\Program Files\CursorXP
[31/08/2007|17:19] C:\Program Files\Messenger
[31/08/2007|17:18] C:\Program Files\Outlook Express
[31/08/2007|16:57] C:\Program Files\Alwil Software
[31/08/2007|16:22] C:\Program Files\ASUSTeK
[31/08/2007|16:11] C:\Program Files\MSN
[31/08/2007|16:05] C:\Program Files\Analog Devices
[31/08/2007|16:03] C:\Program Files\DIFX
[31/08/2007|15:48] C:\Program Files\Services en ligne
[31/08/2007|15:44] C:\Program Files\Uninstall Information
[31/08/2007|15:40] C:\Program Files\xerox
[31/08/2007|15:40] C:\Program Files\microsoft frontpage
[31/08/2007|15:38] C:\Program Files\WindowsUpdate
[31/08/2007|15:37] C:\Program Files\NetMeeting
[31/08/2007|15:37] C:\Program Files\Movie Maker
[31/08/2007|15:36] C:\Program Files\ComPlus Applications
[31/08/2007|15:36] C:\Program Files\MSN Gaming Zone
[31/08/2007|15:35] C:\Program Files\Windows NT
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[01/09/2007|10:56] C:\Program Files\Fichiers communs\Sony Shared
[01/09/2007|10:55] C:\Program Files\Fichiers communs\..
[01/09/2007|10:55] C:\Program Files\Fichiers communs\.
[01/09/2007|10:55] C:\Program Files\Fichiers communs\InstallShield
[01/09/2007|10:40] C:\Program Files\Fichiers communs\Ahead
[01/09/2007|09:43] C:\Program Files\Fichiers communs\Java
[31/08/2007|21:17] C:\Program Files\Fichiers communs\Adobe
[31/08/2007|17:18] C:\Program Files\Fichiers communs\System
[31/08/2007|17:09] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|15:37] C:\Program Files\Fichiers communs\Services
[31/08/2007|15:37] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|14:28] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|14:28] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\free tool.exe
C:\WINDOWS\Tasks\AFD3C4C991BC7B95.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="C:\\Documents and Settings\\All Users\\Application Data\\Time Dead Warn Default\\free tool.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 localhost
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 19:32:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:141][Doss:10] C:\DOCUME~1\Matthieu\LOCALS~1\Temp
/!\ [Fich:135][Doss:0] C:\DOCUME~1\Matthieu\Cookies
/!\ [Fich:5869][Doss:8] C:\DOCUME~1\Matthieu\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:32:41,35 ]----------------------
<<<<<And the HijackThis report>>>>>>
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:54, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\free tool.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnteWarn] C:\DOCUME~1\Matthieu\APPLIC~1\GPLBIB~1\purethird.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - http://static.v41.skyrock.com/img/m/blog/photo.png
--
End of file - 8440 bytes
Message edited by drazhar37 on 01-02-2008 at 22:23:05
Good evening
Run Lop S&D again
- This time choose Option 2 (Suppression, i.e. removal)
- Do not close the window during the removal!
- Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
/!\Fed up with ads: secured Firefox/!\
Here is the report after removal
-----------------------------[ Lop S&D 2.2.2 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Matthieu ] [ "C:\Program Files\Lop SD" ]
[ 01/02/2008 | 21:29:06,53 ] [ PC : FOUCAULT-AA7069 ]
[ MAJ : 31-01-2008 | 22:40 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\free tool.exe
Supprimé! - C:\WINDOWS\Tasks\AFD3C4C991BC7B95.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[31/08/2007|14:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/10/2007|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[31/08/2007|15:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/02/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/02/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[28/09/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[01/02/2008|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[31/08/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/09/2007|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[01/11/2007|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/11/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/02/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[31/08/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[31/08/2007|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/02/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[26/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[01/09/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lionhead Studios
[18/01/2008|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/09/2007|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2007|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[22/09/2007|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[01/09/2007|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[01/02/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[31/08/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[31/08/2007|14:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/10/2007|19:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[31/08/2007|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[31/08/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[31/08/2007|15:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[05/10/2007|19:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/02/2008|17:55] C:\DOCUME~1\Matthieu\APPLIC~1\.
[01/02/2008|17:55] C:\DOCUME~1\Matthieu\APPLIC~1\..
[01/02/2008|20:03] C:\DOCUME~1\Matthieu\APPLIC~1\Adobe
[15/09/2007|10:51] C:\DOCUME~1\Matthieu\APPLIC~1\Ahead
[31/08/2007|14:28] C:\DOCUME~1\Matthieu\APPLIC~1\desktop.ini
[02/09/2007|13:50] C:\DOCUME~1\Matthieu\APPLIC~1\Google
[01/02/2008|21:25] C:\DOCUME~1\Matthieu\APPLIC~1\Gpl Bib
[02/12/2007|12:56] C:\DOCUME~1\Matthieu\APPLIC~1\Help
[31/08/2007|15:45] C:\DOCUME~1\Matthieu\APPLIC~1\Identities
[01/09/2007|11:32] C:\DOCUME~1\Matthieu\APPLIC~1\InstallShield
[22/10/2007|16:51] C:\DOCUME~1\Matthieu\APPLIC~1\LEGO Company
[01/09/2007|16:28] C:\DOCUME~1\Matthieu\APPLIC~1\Lionhead Studios
[31/08/2007|17:02] C:\DOCUME~1\Matthieu\APPLIC~1\Macromedia
[02/11/2007|15:52] C:\DOCUME~1\Matthieu\APPLIC~1\Media Player Classic
[13/11/2007|16:20] C:\DOCUME~1\Matthieu\APPLIC~1\Microsoft
[31/08/2007|18:31] C:\DOCUME~1\Matthieu\APPLIC~1\Mozilla
[06/11/2007|09:10] C:\DOCUME~1\Matthieu\APPLIC~1\Sierra
[01/09/2007|11:02] C:\DOCUME~1\Matthieu\APPLIC~1\Sony Corporation
[11/09/2007|07:06] C:\DOCUME~1\Matthieu\APPLIC~1\Sun
[02/09/2007|17:07] C:\DOCUME~1\Matthieu\APPLIC~1\teamspeak2
[01/09/2007|09:44] C:\DOCUME~1\Matthieu\APPLIC~1\WinRAR
[31/08/2007|15:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[31/08/2007|15:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[31/08/2007|15:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[01/11/2007 11:45][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[01/02/2008 18:54][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[01/02/2008|21:29] C:\Program Files\Lop SD
[01/02/2008|21:27] C:\Program Files\Mozilla Firefox
[01/02/2008|20:25] C:\Program Files\..
[01/02/2008|20:25] C:\Program Files\.
[01/02/2008|20:25] C:\Program Files\Avira
[01/02/2008|19:49] C:\Program Files\eMule
[01/02/2008|19:38] C:\Program Files\Trend Micro
[01/02/2008|17:59] C:\Program Files\Spybot - Search & Destroy
[26/01/2008|11:31] C:\Program Files\CCleaner
[25/01/2008|17:53] C:\Program Files\InstallShield Installation Information
[18/01/2008|08:09] C:\Program Files\Lionhead Studios
[17/01/2008|18:15] C:\Program Files\Gpl Bib
[17/01/2008|18:15] C:\Program Files\MSN Messenger
[12/01/2008|19:33] C:\Program Files\LucasArts
[06/01/2008|16:40] C:\Program Files\directx
[06/01/2008|16:37] C:\Program Files\Activision Value
[06/01/2008|11:52] C:\Program Files\THQ
[06/01/2008|11:30] C:\Program Files\Sony
[29/12/2007|15:25] C:\Program Files\Bethesda Softworks
[28/12/2007|18:53] C:\Program Files\Electronic Arts
[25/12/2007|19:49] C:\Program Files\TrackMania Nations ESWC
[12/12/2007|20:01] C:\Program Files\Internet Explorer
[08/12/2007|15:28] C:\Program Files\Ripp-it_AM
[16/11/2007|18:28] C:\Program Files\Micro Application
[06/11/2007|09:01] C:\Program Files\Sierra
[02/11/2007|15:51] C:\Program Files\K-Lite Codec Pack
[01/11/2007|11:46] C:\Program Files\QuickTime
[01/11/2007|11:45] C:\Program Files\Apple Software Update
[22/10/2007|16:51] C:\Program Files\LEGO Company
[19/10/2007|20:57] C:\Program Files\SlySoft
[19/10/2007|17:31] C:\Program Files\Java
[29/09/2007|17:35] C:\Program Files\Ripp-It Codec Pack
[29/09/2007|17:29] C:\Program Files\AviSynth 2.5
[17/09/2007|17:09] C:\Program Files\TmSunrise
[15/09/2007|14:06] C:\Program Files\Windows Media Player
[15/09/2007|12:10] C:\Program Files\Webshots
[15/09/2007|12:02] C:\Program Files\Windows Media Connect 2
[04/09/2007|09:42] C:\Program Files\WarRock
[01/09/2007|16:22] C:\Program Files\Lionhead Studios Ltd
[01/09/2007|14:44] C:\Program Files\MSXML 4.0
[01/09/2007|12:22] C:\Program Files\Lexmark 6200 Series
[01/09/2007|10:55] C:\Program Files\Fichiers communs
[01/09/2007|10:37] C:\Program Files\Nero
[01/09/2007|09:44] C:\Program Files\WinRAR
[01/09/2007|09:41] C:\Program Files\SLD Codec Pack
[31/08/2007|21:30] C:\Program Files\AbiSuite2
[31/08/2007|21:17] C:\Program Files\Adobe
[31/08/2007|21:16] C:\Program Files\Google
[31/08/2007|20:28] C:\Program Files\Webteh
[31/08/2007|17:24] C:\Program Files\CursorXP
[31/08/2007|17:19] C:\Program Files\Messenger
[31/08/2007|17:18] C:\Program Files\Outlook Express
[31/08/2007|16:57] C:\Program Files\Alwil Software
[31/08/2007|16:22] C:\Program Files\ASUSTeK
[31/08/2007|16:11] C:\Program Files\MSN
[31/08/2007|16:05] C:\Program Files\Analog Devices
[31/08/2007|16:03] C:\Program Files\DIFX
[31/08/2007|15:48] C:\Program Files\Services en ligne
[31/08/2007|15:44] C:\Program Files\Uninstall Information
[31/08/2007|15:40] C:\Program Files\xerox
[31/08/2007|15:40] C:\Program Files\microsoft frontpage
[31/08/2007|15:38] C:\Program Files\WindowsUpdate
[31/08/2007|15:37] C:\Program Files\NetMeeting
[31/08/2007|15:37] C:\Program Files\Movie Maker
[31/08/2007|15:36] C:\Program Files\ComPlus Applications
[31/08/2007|15:36] C:\Program Files\MSN Gaming Zone
[31/08/2007|15:35] C:\Program Files\Windows NT
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[01/09/2007|10:56] C:\Program Files\Fichiers communs\Sony Shared
[01/09/2007|10:55] C:\Program Files\Fichiers communs\..
[01/09/2007|10:55] C:\Program Files\Fichiers communs\.
[01/09/2007|10:55] C:\Program Files\Fichiers communs\InstallShield
[01/09/2007|10:40] C:\Program Files\Fichiers communs\Ahead
[01/09/2007|09:43] C:\Program Files\Fichiers communs\Java
[31/08/2007|21:17] C:\Program Files\Fichiers communs\Adobe
[31/08/2007|17:18] C:\Program Files\Fichiers communs\System
[31/08/2007|17:09] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|15:37] C:\Program Files\Fichiers communs\Services
[31/08/2007|15:37] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|14:28] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|14:28] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 21:29:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:141][Doss:8] C:\DOCUME~1\Matthieu\LOCALS~1\Temp
/!\ [Fich:28][Doss:0] C:\DOCUME~1\Matthieu\Cookies
/!\ [Fich:408][Doss:8] C:\DOCUME~1\Matthieu\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:30:07,65 ]----------------------
Good
Please post a new HijackThis log
/!\Fed up with ads: secured Firefox/!\
And here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:38:08, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnteWarn] C:\DOCUME~1\Matthieu\APPLIC~1\GPLBIB~1\purethird.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - http://static.v41.skyrock.com/img/m/blog/photo.png
--
End of file - 8117 bytes
Hi again,
~Download OTMoveIt (by OldTimer). Save it to your Desktop.
~Run HijackThis, “Do a system scan only”.
Check the following lines if they are still present, and only those.
O4 - HKCU\..\Run: [AnteWarn] C:\DOCUME~1\Matthieu\APPLIC~1\GPLBIB~1\purethird.exe
Click Fix checked (bottom left).
Select ALL the locations in bold below:
C:\DOCUME~1\Matthieu\APPLIC~1\Gpl Bib
C:\Program Files\Gpl Bib
---> Right-click, then Copy (or Ctrl+C)
Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
/!\ Fed up with ads: secured Firefox /!\
I'd like to, but your links don't work.
[EDIT]: it's fine, I found another link in the topic below.
Message edited by drazhar37 on 01-02-2008 at 21:57:01
Here is the report:
C:\DOCUME~1\Matthieu\APPLIC~1\Gpl Bib moved successfully.
C:\Program Files\Gpl Bib moved successfully.
OTMoveIt2 v1.0.17 log created on 02012008_215915
OK.
Please post a new HijackThis log.
/!\ Fed up with ads: secured Firefox /!\
Here you go.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:12:08, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - http://static.v41.skyrock.com/img/m/blog/photo.png
--
End of file - 8035 bytes
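The before/after comparison of the two HijackThis logs above can be done mechanically. The following is an added example, not part of the thread or of HijackThis: the function names and the "autorun located in a user-writable profile directory" heuristic are assumptions made for illustration, and the sample lines are excerpts of the O4 entries posted above.

```python
import re

# O4 registry autorun line: "O4 - HKCU\..\Run: [Name] command"
O4_RE = re.compile(r"^O4 - (?P<hive>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

# Assumption (heuristic added for this example): an autorun whose binary
# sits in a per-user, user-writable directory deserves a manual look.
SUSPECT_DIRS = ("\\applic~1\\", "\\application data\\",
                "\\locals~1\\temp\\", "\\local settings\\temp\\")

# Excerpts of the first scan and of the rescan posted above.
LOG_BEFORE = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [AnteWarn] C:\DOCUME~1\Matthieu\APPLIC~1\GPLBIB~1\purethird.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
"""
LOG_AFTER = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
"""

def parse_autoruns(log):
    """Return {(hive, name): command} for every O4 registry Run line."""
    entries = {}
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries[(m["hive"], m["name"])] = m["cmd"]
    return entries

def target_path(cmd):
    """Extract the executable path from a Run command (quoted or bare)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    # Bare paths may contain spaces: cut after the first executable extension.
    m = re.match(r"(.+?\.(?:exe|dll|com|bat|cmd|scr))\b", cmd, re.I)
    return m.group(1) if m else cmd

def suspicious(entries):
    """Autoruns whose executable lives under a user-writable profile dir."""
    return {k: v for k, v in entries.items()
            if any(d in target_path(v).lower() for d in SUSPECT_DIRS)}

def removed(before, after):
    """Entries present in the first scan and absent from the rescan."""
    return {k: v for k, v in before.items() if k not in after}

if __name__ == "__main__":
    before, after = parse_autoruns(LOG_BEFORE), parse_autoruns(LOG_AFTER)
    for (hive, name), cmd in suspicious(before).items():
        print("review:", hive, name, cmd)
    print("gone after fix:", sorted(n for _, n in removed(before, after)))
    print("still suspicious:", suspicious(after))
```

A flagged entry is only a candidate for review; legitimate software also installs per-user autoruns.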
OK.
Any other problems?
/!\ Fed up with ads: secured Firefox /!\
No, I don't think so (not for now, at least).
Thanks a lot for your help.
Say no to infections!!!!!!!!!!!
Good.
Happy surfing.
/!\ Fed up with ads: secured Firefox /!\