Bonjour a toutes et a tous , voila , je poste se sujet pour vous expliké mon probleme , j'ai plein de pub apelé CiD qui souvre toute seul , ou quand je surf sur le net , Ou quand je joue a des jeu en ligne ( Cs ) se qui me fai faire des retour windows tres souvent Mes pare a feux windows sont activé , les mise a jour sont faite , et mon anti virus et KasperSky 7.0 anti virus . On ma dit te telecharger un logiciel apelé Hijackthis , donc sa cé bon je vien de le telecharger et installe , mais on ma dit aussi quil fallé faire un scan etc etc .... et la je ne comprend vraiment pas comment faire ( et cé en anglais ) Donc jaimerais vraiment bien que lont maide svp , g vraiment besoin daide et dsl pour lecriture si g fais des faute ou si jecrit trop en laguage MMS J'espere obtenir votre aide merci et enrevoir ++

Bonjour,

Télécharge puis installe HijackThis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser HijackThis v2.0.2

Bonjour , et d'abord merci de m'aider
Donc g lancé Hijackthis , puis g cliké sur '' Do a system and save a logfile ''
Voici le raport du scan qui est sur mon block note :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:14, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\bin\dbus-daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\program files\steam\steamapps\krimodu91\counter-strike source\hl2.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Soap Global.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [BIKE FIND] C:\DOCUME~1\Costa\APPLIC~1\PINGNA~1\dvd rect.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activ [...] stubie.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 7427 bytes

Voila voila merci et enrevoir

Re,

Télécharge Lop S&D.exe sur ton Bureau.

• Double-clique dessus pour lancer l'installation
• Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
• Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
• Patiente jusqu'à la fin du scan
• Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Re , Donc voici le rapport Lop S&D :


-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Costa ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 28/04/2008 | 14:59:13,93 ] [ PC : COSTA-A4A4BAC8E ]
[ MAJ : 27-04-2008 | 11:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[29/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/04/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[07/10/2007|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[16/04/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/11/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[22/10/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/04/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/10/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
[27/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/10/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/10/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[10/02/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[05/02/2008|10:57] C:\DOCUME~1\Costa\APPLIC~1\Adobe
[06/10/2007|15:39] C:\DOCUME~1\Costa\APPLIC~1\BitTorrent
[29/02/2008|11:42] C:\DOCUME~1\Costa\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\Costa\APPLIC~1\desktop.ini
[07/10/2007|11:07] C:\DOCUME~1\Costa\APPLIC~1\Google
[22/09/2007|16:05] C:\DOCUME~1\Costa\APPLIC~1\Identities
[18/02/2008|23:37] C:\DOCUME~1\Costa\APPLIC~1\InstallShield
[24/04/2008|10:23] C:\DOCUME~1\Costa\APPLIC~1\ma-config.com
[22/09/2007|17:54] C:\DOCUME~1\Costa\APPLIC~1\Macromedia
[21/10/2007|18:52] C:\DOCUME~1\Costa\APPLIC~1\Microsoft
[24/04/2008|17:21] C:\DOCUME~1\Costa\APPLIC~1\mIRC
[15/04/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\Mozilla
[29/03/2008|23:03] C:\DOCUME~1\Costa\APPLIC~1\PingNameSafe
[08/04/2008|13:14] C:\DOCUME~1\Costa\APPLIC~1\PnkBstrK.sys
[02/02/2008|21:02] C:\DOCUME~1\Costa\APPLIC~1\PowerChallenge
[13/02/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\SecuROM
[07/10/2007|11:23] C:\DOCUME~1\Costa\APPLIC~1\Sun
[27/04/2008|19:22] C:\DOCUME~1\Costa\APPLIC~1\teamspeak2
[30/01/2008|13:36] C:\DOCUME~1\Costa\APPLIC~1\ubi.com
[29/02/2008|11:33] C:\DOCUME~1\Costa\APPLIC~1\WinBatch
[04/03/2008|18:38] C:\DOCUME~1\Costa\APPLIC~1\WinRAR

[22/09/2007|23:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/09/2007|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/09/2007|16:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/09/2007|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[28/04/2008 14:00][--ah-----] C:\WINDOWS\tasks\A29B2B5F90C8DF07.job
[28/04/2008 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

A29B2B5F90C8DF07.job <--> c:\docume~1\costa\applic~1\pingna~1\bindbitsreadme.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[08/04/2008|13:01] C:\Program Files\Activision
[13/02/2008|17:30] C:\Program Files\AGEIA Technologies
[10/11/2007|19:30] C:\Program Files\Canon
[01/03/2008|17:19] C:\Program Files\Creative
[27/04/2008|19:57] C:\Program Files\Dofus
[13/02/2008|17:29] C:\Program Files\Fichiers communs
[22/09/2007|16:05] C:\Program Files\HighMAT CD Writing Wizard
[15/04/2008|21:32] C:\Program Files\InstallShield Installation Information
[16/04/2008|22:18] C:\Program Files\Intel
[25/04/2008|18:49] C:\Program Files\Internet Explorer
[02/04/2008|10:58] C:\Program Files\Java
[15/04/2008|21:49] C:\Program Files\Kaspersky Lab
[04/03/2008|18:35] C:\Program Files\ma-config.com
[24/04/2008|10:29] C:\Program Files\Messenger
[24/04/2008|17:17] C:\Program Files\Messenger Plus! Live
[22/10/2007|19:49] C:\Program Files\microsoft frontpage
[09/04/2008|12:37] C:\Program Files\Microsoft Games
[11/04/2008|21:14] C:\Program Files\Microsoft IntelliPoint
[01/02/2008|23:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2008|17:20] C:\Program Files\mIRC
[28/11/2007|19:13] C:\Program Files\Movie Maker
[28/04/2008|14:55] C:\Program Files\Mozilla Firefox 3 Beta 5
[16/04/2008|22:02] C:\Program Files\MSN Gaming Zone
[27/04/2008|19:59] C:\Program Files\MSXML 4.0
[16/04/2008|17:57] C:\Program Files\Mumble
[28/11/2007|19:13] C:\Program Files\NetMeeting
[06/10/2007|15:13] C:\Program Files\Outlook Express
[08/10/2007|18:00] C:\Program Files\PowerChallenge
[11/04/2008|21:10] C:\Program Files\Realtek
[28/04/2008|13:38] C:\Program Files\Steam
[31/03/2008|17:29] C:\Program Files\Teamspeak2_RC2
[28/04/2008|14:31] C:\Program Files\Trend Micro
[22/09/2007|16:05] C:\Program Files\Uninstall Information
[16/04/2008|22:03] C:\Program Files\Windows Live
[16/04/2008|12:58] C:\Program Files\Windows Media Player
[22/09/2007|18:22] C:\Program Files\Windows NT
[22/09/2007|15:59] C:\Program Files\WindowsUpdate
[22/09/2007|16:00] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[07/10/2007|18:29] C:\Program Files\Fichiers communs\DirectX
[02/11/2007|09:54] C:\Program Files\Fichiers communs\InstallShield
[10/02/2008|21:36] C:\Program Files\Fichiers communs\Java
[09/04/2008|12:42] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2007|15:58] C:\Program Files\Fichiers communs\MSSoap
[22/09/2007|23:09] C:\Program Files\Fichiers communs\ODBC
[22/09/2007|15:59] C:\Program Files\Fichiers communs\Services
[22/09/2007|23:09] C:\Program Files\Fichiers communs\SpeechEngines
[06/10/2007|15:13] C:\Program Files\Fichiers communs\System
[01/02/2008|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/04/2008|21:07] C:\Program Files\Fichiers communs\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 39

iexplore.exe ~ [556]
iexplore.exe ~ [732]

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\Costa\LOCALS~1\Temp\bis33.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Soap Global.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\bind bits readme.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\dvd rect.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\Lies Dumb Media Love.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\qetmoowb.exe
C:\WINDOWS\Tasks\A29B2B5F90C8DF07.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIKE FIND"="C:\\DOCUME~1\\Costa\\APPLIC~1\\PINGNA~1\\dvd rect.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="C:\\Documents and Settings\\All Users\\Application Data\\Time Dead Warn Default\\Soap Global.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 XXX.drivecleaner.com ## added by CiD
127.0.0.1 XXX.errorprotector.com ## added by CiD
127.0.0.1 XXX.errorsafe.com ## added by CiD
127.0.0.1 XXX.systemdoctor.com ## added by CiD
127.0.0.1 XXX.utils.winfixer.com ## added by CiD
127.0.0.1 XXX.win-anti-virus-pro.com ## added by CiD
127.0.0.1 XXX.win-virus-pro.com ## added by CiD
127.0.0.1 XXX.winantispam.com ## added by CiD
127.0.0.1 XXX.winantispy.com ## added by CiD
127.0.0.1 XXX.winantispyware.com ## added by CiD
127.0.0.1 XXX.winantivirus.com ## added by CiD
127.0.0.1 XXX.winantiviruspro.com ## added by CiD
127.0.0.1 XXX.windrivecleaner.com ## added by CiD
127.0.0.1 XXX.windrivesafe.com ## added by CiD
127.0.0.1 XXX.winfixer.com ## added by CiD
127.0.0.1 XXX.winfixer2006.com ## added by CiD
127.0.0.1 XXX.winsoftware.com ## added by CiD

-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 14:59:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\BlendSandCrack.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrack.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf


/!\ [Fich:5221][Doss:220] C:\DOCUME~1\Costa\LOCALS~1\Temp
/!\ [Fich:1703][Doss:0] C:\DOCUME~1\Costa\Cookies
/!\ [Fich:41376][Doss:325] C:\DOCUME~1\Costa\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 15:01:56,87 ]----------------------


Voila , enrevoir

Re,

Relance Lop S&D

• Choisis cette fois ci l'Option 2 (Suppression)
• Ne ferme pas la fenêtre lors de la suppression !
• Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Re , voici le rapport Lop S&D avec loption 2 ( suppresion ) :


-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Costa ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 28/04/2008 | 15:28:29,68 ] [ PC : COSTA-A4A4BAC8E ]
[ MAJ : 27-04-2008 | 11:15 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Soap Global.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\bind bits readme.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\dvd rect.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\Lies Dumb Media Love.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\qetmoowb.exe
Supprimé! - C:\WINDOWS\Tasks\A29B2B5F90C8DF07.job
Supprimé! - C:\DOCUME~1\Costa\LOCALS~1\Temp\bis33.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[29/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/04/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[07/10/2007|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[16/04/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/11/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[22/10/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/04/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/10/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/10/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/10/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[10/02/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[05/02/2008|10:57] C:\DOCUME~1\Costa\APPLIC~1\Adobe
[06/10/2007|15:39] C:\DOCUME~1\Costa\APPLIC~1\BitTorrent
[29/02/2008|11:42] C:\DOCUME~1\Costa\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\Costa\APPLIC~1\desktop.ini
[07/10/2007|11:07] C:\DOCUME~1\Costa\APPLIC~1\Google
[22/09/2007|16:05] C:\DOCUME~1\Costa\APPLIC~1\Identities
[18/02/2008|23:37] C:\DOCUME~1\Costa\APPLIC~1\InstallShield
[24/04/2008|10:23] C:\DOCUME~1\Costa\APPLIC~1\ma-config.com
[22/09/2007|17:54] C:\DOCUME~1\Costa\APPLIC~1\Macromedia
[21/10/2007|18:52] C:\DOCUME~1\Costa\APPLIC~1\Microsoft
[24/04/2008|17:21] C:\DOCUME~1\Costa\APPLIC~1\mIRC
[15/04/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\Mozilla
[08/04/2008|13:14] C:\DOCUME~1\Costa\APPLIC~1\PnkBstrK.sys
[02/02/2008|21:02] C:\DOCUME~1\Costa\APPLIC~1\PowerChallenge
[13/02/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\SecuROM
[07/10/2007|11:23] C:\DOCUME~1\Costa\APPLIC~1\Sun
[27/04/2008|19:22] C:\DOCUME~1\Costa\APPLIC~1\teamspeak2
[30/01/2008|13:36] C:\DOCUME~1\Costa\APPLIC~1\ubi.com
[29/02/2008|11:33] C:\DOCUME~1\Costa\APPLIC~1\WinBatch
[04/03/2008|18:38] C:\DOCUME~1\Costa\APPLIC~1\WinRAR

[22/09/2007|23:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/09/2007|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/09/2007|16:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/09/2007|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[28/04/2008 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[08/04/2008|13:01] C:\Program Files\Activision
[13/02/2008|17:30] C:\Program Files\AGEIA Technologies
[10/11/2007|19:30] C:\Program Files\Canon
[01/03/2008|17:19] C:\Program Files\Creative
[27/04/2008|19:57] C:\Program Files\Dofus
[13/02/2008|17:29] C:\Program Files\Fichiers communs
[22/09/2007|16:05] C:\Program Files\HighMAT CD Writing Wizard
[15/04/2008|21:32] C:\Program Files\InstallShield Installation Information
[16/04/2008|22:18] C:\Program Files\Intel
[25/04/2008|18:49] C:\Program Files\Internet Explorer
[02/04/2008|10:58] C:\Program Files\Java
[15/04/2008|21:49] C:\Program Files\Kaspersky Lab
[04/03/2008|18:35] C:\Program Files\ma-config.com
[24/04/2008|10:29] C:\Program Files\Messenger
[24/04/2008|17:17] C:\Program Files\Messenger Plus! Live
[22/10/2007|19:49] C:\Program Files\microsoft frontpage
[09/04/2008|12:37] C:\Program Files\Microsoft Games
[11/04/2008|21:14] C:\Program Files\Microsoft IntelliPoint
[01/02/2008|23:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2008|17:20] C:\Program Files\mIRC
[28/11/2007|19:13] C:\Program Files\Movie Maker
[28/04/2008|15:27] C:\Program Files\Mozilla Firefox 3 Beta 5
[16/04/2008|22:02] C:\Program Files\MSN Gaming Zone
[27/04/2008|19:59] C:\Program Files\MSXML 4.0
[16/04/2008|17:57] C:\Program Files\Mumble
[28/11/2007|19:13] C:\Program Files\NetMeeting
[06/10/2007|15:13] C:\Program Files\Outlook Express
[08/10/2007|18:00] C:\Program Files\PowerChallenge
[11/04/2008|21:10] C:\Program Files\Realtek
[28/04/2008|15:09] C:\Program Files\Steam
[31/03/2008|17:29] C:\Program Files\Teamspeak2_RC2
[28/04/2008|14:31] C:\Program Files\Trend Micro
[22/09/2007|16:05] C:\Program Files\Uninstall Information
[16/04/2008|22:03] C:\Program Files\Windows Live
[16/04/2008|12:58] C:\Program Files\Windows Media Player
[22/09/2007|18:22] C:\Program Files\Windows NT
[22/09/2007|15:59] C:\Program Files\WindowsUpdate
[22/09/2007|16:00] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[07/10/2007|18:29] C:\Program Files\Fichiers communs\DirectX
[02/11/2007|09:54] C:\Program Files\Fichiers communs\InstallShield
[10/02/2008|21:36] C:\Program Files\Fichiers communs\Java
[09/04/2008|12:42] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2007|15:58] C:\Program Files\Fichiers communs\MSSoap
[22/09/2007|23:09] C:\Program Files\Fichiers communs\ODBC
[22/09/2007|15:59] C:\Program Files\Fichiers communs\Services
[22/09/2007|23:09] C:\Program Files\Fichiers communs\SpeechEngines
[06/10/2007|15:13] C:\Program Files\Fichiers communs\System
[01/02/2008|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/04/2008|21:07] C:\Program Files\Fichiers communs\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 37

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 15:29:11
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\BlendSandCrack.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrack.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf


/!\ [Fich:5220][Doss:220] C:\DOCUME~1\Costa\LOCALS~1\Temp
/!\ [Fich:1703][Doss:0] C:\DOCUME~1\Costa\Cookies
/!\ [Fich:41414][Doss:325] C:\DOCUME~1\Costa\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 15:30:06,45 ]----------------------


Bye bye

Reposte un rapport Hijackthis.

Re , voila un nouveau rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:14, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\bin\dbus-daemon.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activ [...] stubie.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 7519 bytes


Suis-je encore infecté ?
encore merci de ton aide tres precieuse enrevoir ++

Oh Non stp michel51490 créer toi un sujet pour toi vien pas sur ceux des autres posté tes messages
edit Angeldark : message supprimé