[Résolu]Pub CiD Qui Souvre Tout Le Temps Et Toute Seul[Résolu]
Forum Sécurité - Virus : [Résolu]Pub CiD Qui Souvre Tout Le Temps Et Toute Seul[Résolu]
Bonjour a toutes et a tous , voila , je poste se sujet pour vous expliké mon probleme , j'ai plein de pub apelé CiD qui souvre toute seul , ou quand je surf sur le net , Ou quand je joue a des jeu en ligne ( Cs ) se qui me fai faire des retour windows tres souvent 
Mes pare a feux windows sont activé , les mise a jour sont faite , et mon anti virus et KasperSky 7.0 anti virus . On ma dit te telecharger un logiciel apelé Hijackthis , donc sa cé bon je vien de le telecharger et installe , mais on ma dit aussi quil fallé faire un scan etc etc .... et la je ne comprend vraiment pas comment faire ( et cé en anglais ) 
Donc jaimerais vraiment bien que lont maide svp , g vraiment besoin daide et dsl pour lecriture si g fais des faute ou si jecrit trop en laguage MMS 
J'espere obtenir votre aide merci et enrevoir ++
Message édité par SnK91 le 30-04-2008 à 16:45:14
Bonjour , et d'abord merci de m'aider 
Donc g lancé Hijackthis , puis g cliké sur '' Do a system and save a logfile ''
Voici le raport du scan qui est sur mon block note :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:14, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\bin\dbus-daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\program files\steam\steamapps\krimodu91\counter-strike source\hl2.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [warn default inter for] C:\Documents and Settings\All Users\Application Data\Time Dead Warn Default\Soap Global.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [BIKE FIND] C:\DOCUME~1\Costa\APPLIC~1\PINGNA~1\dvd rect.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activ [...] stubie.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7427 bytes
Voila voila merci et enrevoir 
Re , Donc voici le rapport Lop S&D :
-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Costa ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 28/04/2008 | 14:59:13,93 ] [ PC : COSTA-A4A4BAC8E ]
[ MAJ : 27-04-2008 | 11:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[29/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/04/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[07/10/2007|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[16/04/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/11/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[22/10/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/04/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/10/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
[27/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/10/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/10/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[10/02/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[05/02/2008|10:57] C:\DOCUME~1\Costa\APPLIC~1\Adobe
[06/10/2007|15:39] C:\DOCUME~1\Costa\APPLIC~1\BitTorrent
[29/02/2008|11:42] C:\DOCUME~1\Costa\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\Costa\APPLIC~1\desktop.ini
[07/10/2007|11:07] C:\DOCUME~1\Costa\APPLIC~1\Google
[22/09/2007|16:05] C:\DOCUME~1\Costa\APPLIC~1\Identities
[18/02/2008|23:37] C:\DOCUME~1\Costa\APPLIC~1\InstallShield
[24/04/2008|10:23] C:\DOCUME~1\Costa\APPLIC~1\ma-config.com
[22/09/2007|17:54] C:\DOCUME~1\Costa\APPLIC~1\Macromedia
[21/10/2007|18:52] C:\DOCUME~1\Costa\APPLIC~1\Microsoft
[24/04/2008|17:21] C:\DOCUME~1\Costa\APPLIC~1\mIRC
[15/04/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\Mozilla
[29/03/2008|23:03] C:\DOCUME~1\Costa\APPLIC~1\PingNameSafe
[08/04/2008|13:14] C:\DOCUME~1\Costa\APPLIC~1\PnkBstrK.sys
[02/02/2008|21:02] C:\DOCUME~1\Costa\APPLIC~1\PowerChallenge
[13/02/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\SecuROM
[07/10/2007|11:23] C:\DOCUME~1\Costa\APPLIC~1\Sun
[27/04/2008|19:22] C:\DOCUME~1\Costa\APPLIC~1\teamspeak2
[30/01/2008|13:36] C:\DOCUME~1\Costa\APPLIC~1\ubi.com
[29/02/2008|11:33] C:\DOCUME~1\Costa\APPLIC~1\WinBatch
[04/03/2008|18:38] C:\DOCUME~1\Costa\APPLIC~1\WinRAR
[22/09/2007|23:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/09/2007|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2007|16:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/09/2007|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/04/2008 14:00][--ah-----] C:\WINDOWS\tasks\A29B2B5F90C8DF07.job
[28/04/2008 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
A29B2B5F90C8DF07.job <--> c:\docume~1\costa\applic~1\pingna~1\bindbitsreadme.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[08/04/2008|13:01] C:\Program Files\Activision
[13/02/2008|17:30] C:\Program Files\AGEIA Technologies
[10/11/2007|19:30] C:\Program Files\Canon
[01/03/2008|17:19] C:\Program Files\Creative
[27/04/2008|19:57] C:\Program Files\Dofus
[13/02/2008|17:29] C:\Program Files\Fichiers communs
[22/09/2007|16:05] C:\Program Files\HighMAT CD Writing Wizard
[15/04/2008|21:32] C:\Program Files\InstallShield Installation Information
[16/04/2008|22:18] C:\Program Files\Intel
[25/04/2008|18:49] C:\Program Files\Internet Explorer
[02/04/2008|10:58] C:\Program Files\Java
[15/04/2008|21:49] C:\Program Files\Kaspersky Lab
[04/03/2008|18:35] C:\Program Files\ma-config.com
[24/04/2008|10:29] C:\Program Files\Messenger
[24/04/2008|17:17] C:\Program Files\Messenger Plus! Live
[22/10/2007|19:49] C:\Program Files\microsoft frontpage
[09/04/2008|12:37] C:\Program Files\Microsoft Games
[11/04/2008|21:14] C:\Program Files\Microsoft IntelliPoint
[01/02/2008|23:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2008|17:20] C:\Program Files\mIRC
[28/11/2007|19:13] C:\Program Files\Movie Maker
[28/04/2008|14:55] C:\Program Files\Mozilla Firefox 3 Beta 5
[16/04/2008|22:02] C:\Program Files\MSN Gaming Zone
[27/04/2008|19:59] C:\Program Files\MSXML 4.0
[16/04/2008|17:57] C:\Program Files\Mumble
[28/11/2007|19:13] C:\Program Files\NetMeeting
[06/10/2007|15:13] C:\Program Files\Outlook Express
[08/10/2007|18:00] C:\Program Files\PowerChallenge
[11/04/2008|21:10] C:\Program Files\Realtek
[28/04/2008|13:38] C:\Program Files\Steam
[31/03/2008|17:29] C:\Program Files\Teamspeak2_RC2
[28/04/2008|14:31] C:\Program Files\Trend Micro
[22/09/2007|16:05] C:\Program Files\Uninstall Information
[16/04/2008|22:03] C:\Program Files\Windows Live
[16/04/2008|12:58] C:\Program Files\Windows Media Player
[22/09/2007|18:22] C:\Program Files\Windows NT
[22/09/2007|15:59] C:\Program Files\WindowsUpdate
[22/09/2007|16:00] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/10/2007|18:29] C:\Program Files\Fichiers communs\DirectX
[02/11/2007|09:54] C:\Program Files\Fichiers communs\InstallShield
[10/02/2008|21:36] C:\Program Files\Fichiers communs\Java
[09/04/2008|12:42] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2007|15:58] C:\Program Files\Fichiers communs\MSSoap
[22/09/2007|23:09] C:\Program Files\Fichiers communs\ODBC
[22/09/2007|15:59] C:\Program Files\Fichiers communs\Services
[22/09/2007|23:09] C:\Program Files\Fichiers communs\SpeechEngines
[06/10/2007|15:13] C:\Program Files\Fichiers communs\System
[01/02/2008|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/04/2008|21:07] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 39
iexplore.exe ~ [556]
iexplore.exe ~ [732]
----------------------[ Recherche avec S_Lop ]---------------------
C:\DOCUME~1\Costa\LOCALS~1\Temp\bis33.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Soap Global.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\bind bits readme.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\dvd rect.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\Lies Dumb Media Love.exe
C:\DOCUME~1\Costa\APPLIC~1\pingna~1\qetmoowb.exe
C:\WINDOWS\Tasks\A29B2B5F90C8DF07.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIKE FIND"="C:\\DOCUME~1\\Costa\\APPLIC~1\\PINGNA~1\\dvd rect.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="C:\\Documents and Settings\\All Users\\Application Data\\Time Dead Warn Default\\Soap Global.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 XXX.drivecleaner.com ## added by CiD
127.0.0.1 XXX.errorprotector.com ## added by CiD
127.0.0.1 XXX.errorsafe.com ## added by CiD
127.0.0.1 XXX.systemdoctor.com ## added by CiD
127.0.0.1 XXX.utils.winfixer.com ## added by CiD
127.0.0.1 XXX.win-anti-virus-pro.com ## added by CiD
127.0.0.1 XXX.win-virus-pro.com ## added by CiD
127.0.0.1 XXX.winantispam.com ## added by CiD
127.0.0.1 XXX.winantispy.com ## added by CiD
127.0.0.1 XXX.winantispyware.com ## added by CiD
127.0.0.1 XXX.winantivirus.com ## added by CiD
127.0.0.1 XXX.winantiviruspro.com ## added by CiD
127.0.0.1 XXX.windrivecleaner.com ## added by CiD
127.0.0.1 XXX.windrivesafe.com ## added by CiD
127.0.0.1 XXX.winfixer.com ## added by CiD
127.0.0.1 XXX.winfixer2006.com ## added by CiD
127.0.0.1 XXX.winsoftware.com ## added by CiD
-> 72 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 14:59:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\BlendSandCrack.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrack.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
/!\ [Fich:5221][Doss:220] C:\DOCUME~1\Costa\LOCALS~1\Temp
/!\ [Fich:1703][Doss:0] C:\DOCUME~1\Costa\Cookies
/!\ [Fich:41376][Doss:325] C:\DOCUME~1\Costa\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:01:56,87 ]----------------------
Voila , enrevoir
Re , voici le rapport Lop S&D avec loption 2 ( suppresion ) :
-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Costa ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 28/04/2008 | 15:28:29,68 ] [ PC : COSTA-A4A4BAC8E ]
[ MAJ : 27-04-2008 | 11:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default\Soap Global.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\bind bits readme.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\dvd rect.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\Lies Dumb Media Love.exe
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1\qetmoowb.exe
Supprimé! - C:\WINDOWS\Tasks\A29B2B5F90C8DF07.job
Supprimé! - C:\DOCUME~1\Costa\LOCALS~1\Temp\bis33.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Time Dead Warn Default
Supprimé! - C:\DOCUME~1\Costa\APPLIC~1\pingna~1
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[29/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/04/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[07/10/2007|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[16/04/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/11/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[22/10/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[16/04/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/10/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/10/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/10/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[10/02/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[05/02/2008|10:57] C:\DOCUME~1\Costa\APPLIC~1\Adobe
[06/10/2007|15:39] C:\DOCUME~1\Costa\APPLIC~1\BitTorrent
[29/02/2008|11:42] C:\DOCUME~1\Costa\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\Costa\APPLIC~1\desktop.ini
[07/10/2007|11:07] C:\DOCUME~1\Costa\APPLIC~1\Google
[22/09/2007|16:05] C:\DOCUME~1\Costa\APPLIC~1\Identities
[18/02/2008|23:37] C:\DOCUME~1\Costa\APPLIC~1\InstallShield
[24/04/2008|10:23] C:\DOCUME~1\Costa\APPLIC~1\ma-config.com
[22/09/2007|17:54] C:\DOCUME~1\Costa\APPLIC~1\Macromedia
[21/10/2007|18:52] C:\DOCUME~1\Costa\APPLIC~1\Microsoft
[24/04/2008|17:21] C:\DOCUME~1\Costa\APPLIC~1\mIRC
[15/04/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\Mozilla
[08/04/2008|13:14] C:\DOCUME~1\Costa\APPLIC~1\PnkBstrK.sys
[02/02/2008|21:02] C:\DOCUME~1\Costa\APPLIC~1\PowerChallenge
[13/02/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\SecuROM
[07/10/2007|11:23] C:\DOCUME~1\Costa\APPLIC~1\Sun
[27/04/2008|19:22] C:\DOCUME~1\Costa\APPLIC~1\teamspeak2
[30/01/2008|13:36] C:\DOCUME~1\Costa\APPLIC~1\ubi.com
[29/02/2008|11:33] C:\DOCUME~1\Costa\APPLIC~1\WinBatch
[04/03/2008|18:38] C:\DOCUME~1\Costa\APPLIC~1\WinRAR
[22/09/2007|23:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/09/2007|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2007|16:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/09/2007|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/04/2008 12:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[08/04/2008|13:01] C:\Program Files\Activision
[13/02/2008|17:30] C:\Program Files\AGEIA Technologies
[10/11/2007|19:30] C:\Program Files\Canon
[01/03/2008|17:19] C:\Program Files\Creative
[27/04/2008|19:57] C:\Program Files\Dofus
[13/02/2008|17:29] C:\Program Files\Fichiers communs
[22/09/2007|16:05] C:\Program Files\HighMAT CD Writing Wizard
[15/04/2008|21:32] C:\Program Files\InstallShield Installation Information
[16/04/2008|22:18] C:\Program Files\Intel
[25/04/2008|18:49] C:\Program Files\Internet Explorer
[02/04/2008|10:58] C:\Program Files\Java
[15/04/2008|21:49] C:\Program Files\Kaspersky Lab
[04/03/2008|18:35] C:\Program Files\ma-config.com
[24/04/2008|10:29] C:\Program Files\Messenger
[24/04/2008|17:17] C:\Program Files\Messenger Plus! Live
[22/10/2007|19:49] C:\Program Files\microsoft frontpage
[09/04/2008|12:37] C:\Program Files\Microsoft Games
[11/04/2008|21:14] C:\Program Files\Microsoft IntelliPoint
[01/02/2008|23:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2008|17:20] C:\Program Files\mIRC
[28/11/2007|19:13] C:\Program Files\Movie Maker
[28/04/2008|15:27] C:\Program Files\Mozilla Firefox 3 Beta 5
[16/04/2008|22:02] C:\Program Files\MSN Gaming Zone
[27/04/2008|19:59] C:\Program Files\MSXML 4.0
[16/04/2008|17:57] C:\Program Files\Mumble
[28/11/2007|19:13] C:\Program Files\NetMeeting
[06/10/2007|15:13] C:\Program Files\Outlook Express
[08/10/2007|18:00] C:\Program Files\PowerChallenge
[11/04/2008|21:10] C:\Program Files\Realtek
[28/04/2008|15:09] C:\Program Files\Steam
[31/03/2008|17:29] C:\Program Files\Teamspeak2_RC2
[28/04/2008|14:31] C:\Program Files\Trend Micro
[22/09/2007|16:05] C:\Program Files\Uninstall Information
[16/04/2008|22:03] C:\Program Files\Windows Live
[16/04/2008|12:58] C:\Program Files\Windows Media Player
[22/09/2007|18:22] C:\Program Files\Windows NT
[22/09/2007|15:59] C:\Program Files\WindowsUpdate
[22/09/2007|16:00] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/10/2007|18:29] C:\Program Files\Fichiers communs\DirectX
[02/11/2007|09:54] C:\Program Files\Fichiers communs\InstallShield
[10/02/2008|21:36] C:\Program Files\Fichiers communs\Java
[09/04/2008|12:42] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2007|15:58] C:\Program Files\Fichiers communs\MSSoap
[22/09/2007|23:09] C:\Program Files\Fichiers communs\ODBC
[22/09/2007|15:59] C:\Program Files\Fichiers communs\Services
[22/09/2007|23:09] C:\Program Files\Fichiers communs\SpeechEngines
[06/10/2007|15:13] C:\Program Files\Fichiers communs\System
[01/02/2008|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/04/2008|21:07] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 37
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 15:29:11
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\66WL1EH8\csp_b1[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\BlendSandCrack.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrack.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\GOFZJJ7F\csp_mappack_b1[1]\csp_mappack_b1\cstrike\materials\aTam\Sand\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\cspromod\materials\cspromod\nuke\DustCrackb.vtf
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vmt
=> C:\Documents and Settings\Costa\Local Settings\Temporary Internet Files\Content.IE5\L3TQIKYO\csp_b103[1]\cspromod\materials\cspromod\nuke\DustCrackb.vtf
/!\ [Fich:5220][Doss:220] C:\DOCUME~1\Costa\LOCALS~1\Temp
/!\ [Fich:1703][Doss:0] C:\DOCUME~1\Costa\Cookies
/!\ [Fich:41414][Doss:325] C:\DOCUME~1\Costa\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:30:06,45 ]----------------------
Bye bye
Re , voila un nouveau rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:14, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\bin\dbus-daemon.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activ [...] stubie.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7519 bytes
Suis-je encore infecté ?
encore merci de ton aide tres precieuse enrevoir ++
Oh Non stp michel51490 créer toi un sujet pour toi vien pas sur ceux des autres posté tes messages 
edit Angeldark : message supprimé
Message édité par Angeldark le 28-04-2008 à 16:48:46
Euh lol le message cé pour moi ou pour michel xD ?? ^^
Ok cé pour moi lol , merci bon je vis essayer se que tu ma di
Oui c'est pour toi et merci d'éviter le langage SMS
Répondre à Angeldark
Oui desole pour le language SMS bon ba j'ai fais le scan avec malwarebyte's ati virus et apparament cé bon il n'a rien trouvé de detecté , je te poste le resultat du scan :
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 692
Type de recherche: Examen complet (A:\|C:\|D:\|)
Eléments examinés: 171322
Temps écoulé: 2 hour(s), 3 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Voila voila , crois tu que je suis encore infecté , si oui , que dois - je faire ?
Merci et enrevoir
Voila je te redonne une derniere fois un nouveau rapport hijacthis pour etre bien sur que sa soit bon 
:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:37, on 28/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\bin\dbus-daemon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\program files\steam\steamapps\krimodu91\counter-strike source\hl2.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activ [...] stubie.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7639 bytes
Et encore un tres GROS merci a toi vraiment MERCIIIIII
A lol excuse moi , c'est l'habitude sa , donc je disais que j'ai fais exactement comme il disaient et je ne sais pas pourquoi sa ne marche pas ?
Oui , je ne comprend pas pourquoi sa ne marche pas 
Oh non , les pub CiD revienne encore
Voila le rapport de LopS&D option 1 :
-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Costa ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 29/04/2008 | 13:31:39,12 ] [ PC : COSTA-A4A4BAC8E ]
[ MAJ : 27-04-2008 | 11:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[29/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/04/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[07/10/2007|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[29/04/2008|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[16/04/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[28/04/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[24/04/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[23/11/2007|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[22/10/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[28/04/2008|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[20/10/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[26/10/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/10/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[10/02/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[05/02/2008|10:57] C:\DOCUME~1\Costa\APPLIC~1\Adobe
[06/10/2007|15:39] C:\DOCUME~1\Costa\APPLIC~1\BitTorrent
[29/02/2008|11:42] C:\DOCUME~1\Costa\APPLIC~1\Creative
[22/09/2007|23:08] C:\DOCUME~1\Costa\APPLIC~1\desktop.ini
[07/10/2007|11:07] C:\DOCUME~1\Costa\APPLIC~1\Google
[22/09/2007|16:05] C:\DOCUME~1\Costa\APPLIC~1\Identities
[18/02/2008|23:37] C:\DOCUME~1\Costa\APPLIC~1\InstallShield
[28/04/2008|23:54] C:\DOCUME~1\Costa\APPLIC~1\ma-config.com
[22/09/2007|17:54] C:\DOCUME~1\Costa\APPLIC~1\Macromedia
[28/04/2008|17:04] C:\DOCUME~1\Costa\APPLIC~1\Malwarebytes
[21/10/2007|18:52] C:\DOCUME~1\Costa\APPLIC~1\Microsoft
[24/04/2008|17:21] C:\DOCUME~1\Costa\APPLIC~1\mIRC
[15/04/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\Mozilla
[08/04/2008|13:14] C:\DOCUME~1\Costa\APPLIC~1\PnkBstrK.sys
[28/04/2008|23:10] C:\DOCUME~1\Costa\APPLIC~1\PowerChallenge
[13/02/2008|17:53] C:\DOCUME~1\Costa\APPLIC~1\SecuROM
[07/10/2007|11:23] C:\DOCUME~1\Costa\APPLIC~1\Sun
[27/04/2008|19:22] C:\DOCUME~1\Costa\APPLIC~1\teamspeak2
[30/01/2008|13:36] C:\DOCUME~1\Costa\APPLIC~1\ubi.com
[28/04/2008|16:54] C:\DOCUME~1\Costa\APPLIC~1\Uniblue
[29/02/2008|11:33] C:\DOCUME~1\Costa\APPLIC~1\WinBatch
[04/03/2008|18:38] C:\DOCUME~1\Costa\APPLIC~1\WinRAR
[22/09/2007|23:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/09/2007|16:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2007|16:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/09/2007|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[29/04/2008 11:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[08/04/2008|13:01] C:\Program Files\Activision
[13/02/2008|17:30] C:\Program Files\AGEIA Technologies
[10/11/2007|19:30] C:\Program Files\Canon
[01/03/2008|17:19] C:\Program Files\Creative
[13/02/2008|17:29] C:\Program Files\Fichiers communs
[22/09/2007|16:05] C:\Program Files\HighMAT CD Writing Wizard
[15/04/2008|21:32] C:\Program Files\InstallShield Installation Information
[16/04/2008|22:18] C:\Program Files\Intel
[28/04/2008|16:21] C:\Program Files\Internet Explorer
[02/04/2008|10:58] C:\Program Files\Java
[15/04/2008|21:49] C:\Program Files\Kaspersky Lab
[28/04/2008|20:15] C:\Program Files\ma-config.com
[24/04/2008|10:29] C:\Program Files\Messenger
[24/04/2008|17:17] C:\Program Files\Messenger Plus! Live
[22/10/2007|19:49] C:\Program Files\microsoft frontpage
[09/04/2008|12:37] C:\Program Files\Microsoft Games
[11/04/2008|21:14] C:\Program Files\Microsoft IntelliPoint
[01/02/2008|23:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2008|17:20] C:\Program Files\mIRC
[28/11/2007|19:13] C:\Program Files\Movie Maker
[29/04/2008|13:29] C:\Program Files\Mozilla Firefox 3 Beta 5
[16/04/2008|22:02] C:\Program Files\MSN Gaming Zone
[27/04/2008|19:59] C:\Program Files\MSXML 4.0
[16/04/2008|17:57] C:\Program Files\Mumble
[28/11/2007|19:13] C:\Program Files\NetMeeting
[06/10/2007|15:13] C:\Program Files\Outlook Express
[08/10/2007|18:00] C:\Program Files\PowerChallenge
[11/04/2008|21:10] C:\Program Files\Realtek
[29/04/2008|13:11] C:\Program Files\Steam
[31/03/2008|17:29] C:\Program Files\Teamspeak2_RC2
[22/09/2007|16:05] C:\Program Files\Uninstall Information
[16/04/2008|22:03] C:\Program Files\Windows Live
[16/04/2008|12:58] C:\Program Files\Windows Media Player
[22/09/2007|18:22] C:\Program Files\Windows NT
[22/09/2007|15:59] C:\Program Files\WindowsUpdate
[22/09/2007|16:00] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[07/10/2007|18:29] C:\Program Files\Fichiers communs\DirectX
[02/11/2007|09:54] C:\Program Files\Fichiers communs\InstallShield
[10/02/2008|21:36] C:\Program Files\Fichiers communs\Java
[09/04/2008|12:42] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2007|15:58] C:\Program Files\Fichiers communs\MSSoap
[22/09/2007|23:09] C:\Program Files\Fichiers communs\ODBC
[22/09/2007|15:59] C:\Program Files\Fichiers communs\Services
[22/09/2007|23:09] C:\Program Files\Fichiers communs\SpeechEngines
[06/10/2007|15:13] C:\Program Files\Fichiers communs\System
[01/02/2008|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/04/2008|21:07] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 30
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-29 13:32:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:5413][Doss:236] C:\DOCUME~1\Costa\LOCALS~1\Temp
/!\ [Fich:39][Doss:0] C:\DOCUME~1\Costa\Cookies
/!\ [Fich:1349][Doss:5] C:\DOCUME~1\Costa\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 13:32:49,48 ]----------------------
Sinon , n'y a t'il pas d'autre logiciel contre les pub CiD comme lop ou Hijacthis ?
Merci a toi
Voila , sayez , j'ai desisntaller MSN + , j'ai largement moins de pub qu'avant mais j'en nai encore kelke unes du style '' casino "" ou " meetic " , sa vien dou je comprend pas 
Donne moi des noms de logiciel comme hajktihis ou autre pour bien netoyé mon pc STP 
A si cé bon , je n'ai plus de pub CiD , Merci angelDarK , vaiment un tres grand merci
MESSAGE SUPPRIME : chacun son sujet !
Bon surf alors
- Télécharge ToolsCleaner sur ton Bureau.
- Clique sur Recherche et laisse le scan se terminer.
- Clique sur Suppression pour finaliser.
- Clique sur Quitter, pour que le rapport puisse se créer.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)
Désactive puis réactive la restauration du système : Voir aide
Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer" 
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"
Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :
Répondre à Angeldark
Voici le rapport du scan avec ToolsCleaner :
-->- Recherche:
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\tar.exe: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\remove.reg: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\gzip.exe: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\delr.cmd: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\del3.cmd: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\del2.cmd: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\clean.cmd: trouvé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\cherche.cmd: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\tar.exe: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\remove.reg: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\gzip.exe: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\delr.cmd: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\del3.cmd: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\del2.cmd: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\clean.cmd: supprimé !
C:\Documents and Settings\Costa\Local Settings\Temp\clean-1\clean\cherche.cmd: supprimé !
Voila et si il ya dautre logiciel donne moi les noms stp cars des logiciel trouve des virus que dautre logiciel ne peuvent pas trouver
enrevoir et merci
Ok ba encore un tres grand merci et j'espere que sa recommencera plus , que mon pc est nikel ( plus de saleté ... ) ^^ allez ++
Est-ce normal que mon pc est tres lent pour ouvrir un fichier ou surfé sur le net est quil plante beaucoup pour presque rien , je vais jamais men sortir lol les pub cid et maitenant ce probleme
Ba si ce n'est pas un virus , cé quoi alors , se me le faisait pas ya 2 jour et maitenant il ram boucoup , tres tres lent , il plante tres souvent aussi
Il faut arrêter de penser ralentissements=infections 
Et je t'ai déjà assez prévenu pour le sms.
Répondre à Angeldark
