Rapport Hijackthis

Bonjour,

Télécharge Lop S&D.exe sur ton Bureau.

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Voila le rapport et merci encore

-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : kalash91 ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 29/04/2008 | 16:12:37,64 ] [ PC : KALASH ]
[ MAJ : 27-04-2008 | 11:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/03/2007|09:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

[28/04/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
[05/08/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[11/11/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/03/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[27/04/2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/09/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[27/02/2008|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[30/06/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/08/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[05/03/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[27/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[05/08/2007|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/03/2007|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[29/04/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/04/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[25/03/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[25/05/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[19/04/2008|02:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About
[03/12/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
[29/04/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/03/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[29/04/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/02/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[02/04/2007|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/03/2007|09:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

[23/12/2007|19:00] C:\DOCUME~1\kalash91\APPLIC~1\1&1
[28/04/2008|15:58] C:\DOCUME~1\kalash91\APPLIC~1\Adobe
[20/03/2007|20:14] C:\DOCUME~1\kalash91\APPLIC~1\AdobeUM
[26/04/2007|19:23] C:\DOCUME~1\kalash91\APPLIC~1\Ahead
[01/02/2008|16:57] C:\DOCUME~1\kalash91\APPLIC~1\AlauxSoft
[22/09/2006|15:12] C:\DOCUME~1\kalash91\APPLIC~1\ATI
[29/12/2007|18:35] C:\DOCUME~1\kalash91\APPLIC~1\Canon
[09/09/2007|18:26] C:\DOCUME~1\kalash91\APPLIC~1\Crystal FTP
[15/09/2006|16:31] C:\DOCUME~1\kalash91\APPLIC~1\desktop.ini
[02/07/2007|01:28] C:\DOCUME~1\kalash91\APPLIC~1\Disney Interactive Studios
[19/07/2007|13:33] C:\DOCUME~1\kalash91\APPLIC~1\dvdcss
[27/02/2008|23:32] C:\DOCUME~1\kalash91\APPLIC~1\EPSON
[19/04/2008|02:13] C:\DOCUME~1\kalash91\APPLIC~1\fast hide wma
[09/12/2007|19:42] C:\DOCUME~1\kalash91\APPLIC~1\Gearbox Software
[15/02/2008|22:36] C:\DOCUME~1\kalash91\APPLIC~1\GetRight
[06/03/2008|21:35] C:\DOCUME~1\kalash91\APPLIC~1\GetRightToGo
[25/03/2008|14:07] C:\DOCUME~1\kalash91\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[09/04/2007|21:29] C:\DOCUME~1\kalash91\APPLIC~1\GlobalSCAPE
[08/03/2007|18:04] C:\DOCUME~1\kalash91\APPLIC~1\Help
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Identities
[09/03/2008|15:37] C:\DOCUME~1\kalash91\APPLIC~1\Imperium Romanum
[27/02/2008|23:14] C:\DOCUME~1\kalash91\APPLIC~1\InstallShield
[05/03/2007|09:45] C:\DOCUME~1\kalash91\APPLIC~1\Intel
[05/03/2007|09:52] C:\DOCUME~1\kalash91\APPLIC~1\InterVideo
[29/04/2008|12:10] C:\DOCUME~1\kalash91\APPLIC~1\Lavasoft
[08/03/2007|19:45] C:\DOCUME~1\kalash91\APPLIC~1\Macromedia
[09/12/2007|01:01] C:\DOCUME~1\kalash91\APPLIC~1\Microgaming
[27/04/2008|21:25] C:\DOCUME~1\kalash91\APPLIC~1\Microsoft
[05/03/2007|11:28] C:\DOCUME~1\kalash91\APPLIC~1\Mozilla
[05/03/2007|10:56] C:\DOCUME~1\kalash91\APPLIC~1\MSNInstaller
[30/11/2007|14:00] C:\DOCUME~1\kalash91\APPLIC~1\Nvu
[28/03/2007|23:04] C:\DOCUME~1\kalash91\APPLIC~1\Opera
[29/04/2008|11:42] C:\DOCUME~1\kalash91\APPLIC~1\PC Tools
[11/03/2007|00:50] C:\DOCUME~1\kalash91\APPLIC~1\Real
[21/06/2007|18:47] C:\DOCUME~1\kalash91\APPLIC~1\SecuROM
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Sonic
[18/03/2007|18:45] C:\DOCUME~1\kalash91\APPLIC~1\Sports Interactive
[16/03/2007|18:56] C:\DOCUME~1\kalash91\APPLIC~1\Sun
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\toshiba
[30/06/2007|20:30] C:\DOCUME~1\kalash91\APPLIC~1\UseNeXT
[31/03/2008|22:39] C:\DOCUME~1\kalash91\APPLIC~1\uTorrent
[05/05/2007|13:42] C:\DOCUME~1\kalash91\APPLIC~1\vlc
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Windows Desktop Search

[05/03/2007|09:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[05/03/2007|09:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[27/09/2006|23:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[29/04/2008 15:00][--ah-----] C:\windows\tasks\B8CA41DD81E1F45D.job
[29/04/2008 13:54][--ah-----] C:\windows\tasks\SA.DAT
[10/08/2004 14:00][-r-h-----] C:\windows\tasks\desktop.ini

B8CA41DD81E1F45D.job <--> c:\docume~1\kalash91\applic~1\fasthi~1\Acidtrustjump.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[05/03/2007|18:40] C:\Program Files\ACE Mega CoDecS Pack
[28/04/2008|15:58] C:\Program Files\Adobe
[07/02/2008|00:42] C:\Program Files\AGEIA Technologies
[05/03/2007|10:23] C:\Program Files\Alwil Software
[27/02/2008|23:15] C:\Program Files\Canon
[28/04/2008|15:47] C:\Program Files\CCleaner
[27/09/2006|23:49] C:\Program Files\Common Files
[15/09/2006|14:36] C:\Program Files\ComPlus Applications
[18/11/2007|11:47] C:\Program Files\Creative
[01/08/2007|19:45] C:\Program Files\DAEMON Tools
[31/12/2007|17:57] C:\Program Files\DivX
[29/04/2008|12:07] C:\Program Files\eMule
[28/04/2008|15:59] C:\Program Files\epson
[28/04/2008|17:06] C:\Program Files\Fichiers communs
[28/04/2008|17:04] C:\Program Files\FileZilla
[28/04/2008|16:54] C:\Program Files\InstallShield Installation Information
[05/03/2007|09:44] C:\Program Files\Intel
[09/04/2008|13:12] C:\Program Files\Internet Explorer
[13/03/2008|20:00] C:\Program Files\Java
[28/04/2008|16:21] C:\Program Files\Kodak
[05/08/2007|09:07] C:\Program Files\Lavasoft
[27/09/2006|23:52] C:\Program Files\ltmoh
[27/09/2006|23:52] C:\Program Files\Messenger
[31/12/2007|05:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/09/2006|23:52] C:\Program Files\microsoft frontpage
[01/04/2007|22:26] C:\Program Files\Microsoft Office
[01/04/2007|22:26] C:\Program Files\Microsoft Visual Studio
[01/04/2007|22:20] C:\Program Files\Microsoft Visual Studio 8
[01/04/2007|22:27] C:\Program Files\Microsoft Works
[01/04/2007|22:24] C:\Program Files\Microsoft.NET
[28/04/2008|16:20] C:\Program Files\Movie Collection
[27/09/2006|23:52] C:\Program Files\Movie Maker
[29/04/2008|15:12] C:\Program Files\Mozilla Firefox
[20/03/2007|21:26] C:\Program Files\MSN
[27/09/2006|23:52] C:\Program Files\MSN Gaming Zone
[05/03/2007|23:32] C:\Program Files\MSXML 4.0
[25/03/2007|23:08] C:\Program Files\Nero
[28/04/2008|15:41] C:\Program Files\NetAnts
[27/09/2006|23:52] C:\Program Files\NetMeeting
[18/11/2007|18:15] C:\Program Files\Neuf
[27/09/2006|23:53] C:\Program Files\Online Services
[24/06/2007|10:04] C:\Program Files\Outlook Express
[27/04/2008|19:00] C:\Program Files\QuickTime
[27/09/2006|23:53] C:\Program Files\Realtek
[27/09/2006|23:53] C:\Program Files\Services en ligne
[29/04/2008|12:11] C:\Program Files\Spybot - Search & Destroy
[29/04/2008|11:58] C:\Program Files\Spyware Doctor
[27/09/2006|23:54] C:\Program Files\Synaptics
[29/04/2008|12:13] C:\Program Files\Toshiba
[15/09/2006|15:50] C:\Program Files\Uninstall Information
[23/06/2007|19:02] C:\Program Files\uTorrent
[05/05/2007|13:37] C:\Program Files\VideoLAN
[06/03/2008|22:42] C:\Program Files\VirtualDJ
[08/03/2007|18:13] C:\Program Files\WinAce
[27/09/2006|23:55] C:\Program Files\Windows Desktop Search
[29/04/2008|12:15] C:\Program Files\Windows Live
[25/04/2008|20:00] C:\Program Files\Windows Live Safety Center
[06/03/2007|17:02] C:\Program Files\Windows Media Player
[27/09/2006|23:55] C:\Program Files\Windows NT
[27/09/2006|23:55] C:\Program Files\Windows Plus
[15/09/2006|14:39] C:\Program Files\WindowsUpdate
[27/09/2006|23:55] C:\Program Files\X10 Hardware
[27/09/2006|23:55] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[28/04/2008|15:58] C:\Program Files\Fichiers communs\Adobe
[28/03/2007|18:52] C:\Program Files\Fichiers communs\Adobe Systems Shared
[25/03/2007|23:11] C:\Program Files\Fichiers communs\Ahead
[01/04/2007|22:26] C:\Program Files\Fichiers communs\DESIGNER
[12/05/2007|14:13] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[27/02/2008|23:21] C:\Program Files\Fichiers communs\InstallShield
[27/09/2006|23:49] C:\Program Files\Fichiers communs\Java
[30/12/2007|18:03] C:\Program Files\Fichiers communs\Labtec
[01/02/2008|17:06] C:\Program Files\Fichiers communs\LogiShrd
[24/12/2007|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
[27/09/2006|23:50] C:\Program Files\Fichiers communs\MSSoap
[27/09/2006|23:50] C:\Program Files\Fichiers communs\ODBC
[27/09/2006|23:50] C:\Program Files\Fichiers communs\Services
[27/09/2006|23:50] C:\Program Files\Fichiers communs\SpeechEngines
[05/03/2007|10:02] C:\Program Files\Fichiers communs\Symantec Shared
[24/06/2007|10:04] C:\Program Files\Fichiers communs\System
[24/12/2007|13:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/02/2008|00:42] C:\Program Files\Fichiers communs\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 65

iexplore.exe ~ [2052]
iexplore.exe ~ [2380]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1
C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Acidtrustjump.exe
C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Dupe peak hole time.exe
C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\kigmhkps.exe
C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\SpamFlap.exe
C:\windows\Tasks\B8CA41DD81E1F45D.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"second dart"="C:\\DOCUME~1\\kalash91\\APPLIC~1\\FASTHI~1\\SpamFlap.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE


-> 8142 ( 70 ## added by CiD )

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-29 16:14:07
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:11][Doss:3] C:\DOCUME~1\kalash91\LOCALS~1\Temp
/!\ [Fich:18][Doss:0] C:\DOCUME~1\kalash91\Cookies
/!\ [Fich:120][Doss:6] C:\DOCUME~1\kalash91\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:14:33,09 ]----------------------

Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Ok voilà le deuxième rapport Lop S&D



-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : kalash91 ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 29/04/2008 | 16:25:11,65 ] [ PC : KALASH ]
[ MAJ : 27-04-2008 | 11:15 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Acidtrustjump.exe
Supprimé! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Dupe peak hole time.exe
Supprimé! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\kigmhkps.exe
Supprimé! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\SpamFlap.exe
Supprimé! - C:\windows\Tasks\B8CA41DD81E1F45D.job
Supprimé! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/03/2007|09:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba
[27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

[28/04/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
[05/08/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[11/11/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/03/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[27/04/2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/09/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[27/02/2008|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[30/06/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/08/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[05/03/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[27/04/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[05/08/2007|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/03/2007|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[29/04/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/04/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[25/03/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[25/05/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[19/04/2008|02:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About
[03/12/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
[29/04/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/03/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[29/04/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[27/02/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[02/04/2007|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/03/2007|09:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

[23/12/2007|19:00] C:\DOCUME~1\kalash91\APPLIC~1\1&1
[28/04/2008|15:58] C:\DOCUME~1\kalash91\APPLIC~1\Adobe
[20/03/2007|20:14] C:\DOCUME~1\kalash91\APPLIC~1\AdobeUM
[26/04/2007|19:23] C:\DOCUME~1\kalash91\APPLIC~1\Ahead
[01/02/2008|16:57] C:\DOCUME~1\kalash91\APPLIC~1\AlauxSoft
[22/09/2006|15:12] C:\DOCUME~1\kalash91\APPLIC~1\ATI
[29/12/2007|18:35] C:\DOCUME~1\kalash91\APPLIC~1\Canon
[09/09/2007|18:26] C:\DOCUME~1\kalash91\APPLIC~1\Crystal FTP
[15/09/2006|16:31] C:\DOCUME~1\kalash91\APPLIC~1\desktop.ini
[02/07/2007|01:28] C:\DOCUME~1\kalash91\APPLIC~1\Disney Interactive Studios
[19/07/2007|13:33] C:\DOCUME~1\kalash91\APPLIC~1\dvdcss
[27/02/2008|23:32] C:\DOCUME~1\kalash91\APPLIC~1\EPSON
[09/12/2007|19:42] C:\DOCUME~1\kalash91\APPLIC~1\Gearbox Software
[15/02/2008|22:36] C:\DOCUME~1\kalash91\APPLIC~1\GetRight
[06/03/2008|21:35] C:\DOCUME~1\kalash91\APPLIC~1\GetRightToGo
[25/03/2008|14:07] C:\DOCUME~1\kalash91\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[09/04/2007|21:29] C:\DOCUME~1\kalash91\APPLIC~1\GlobalSCAPE
[08/03/2007|18:04] C:\DOCUME~1\kalash91\APPLIC~1\Help
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Identities
[09/03/2008|15:37] C:\DOCUME~1\kalash91\APPLIC~1\Imperium Romanum
[27/02/2008|23:14] C:\DOCUME~1\kalash91\APPLIC~1\InstallShield
[05/03/2007|09:45] C:\DOCUME~1\kalash91\APPLIC~1\Intel
[05/03/2007|09:52] C:\DOCUME~1\kalash91\APPLIC~1\InterVideo
[29/04/2008|12:10] C:\DOCUME~1\kalash91\APPLIC~1\Lavasoft
[08/03/2007|19:45] C:\DOCUME~1\kalash91\APPLIC~1\Macromedia
[09/12/2007|01:01] C:\DOCUME~1\kalash91\APPLIC~1\Microgaming
[27/04/2008|21:25] C:\DOCUME~1\kalash91\APPLIC~1\Microsoft
[05/03/2007|11:28] C:\DOCUME~1\kalash91\APPLIC~1\Mozilla
[05/03/2007|10:56] C:\DOCUME~1\kalash91\APPLIC~1\MSNInstaller
[30/11/2007|14:00] C:\DOCUME~1\kalash91\APPLIC~1\Nvu
[28/03/2007|23:04] C:\DOCUME~1\kalash91\APPLIC~1\Opera
[29/04/2008|11:42] C:\DOCUME~1\kalash91\APPLIC~1\PC Tools
[11/03/2007|00:50] C:\DOCUME~1\kalash91\APPLIC~1\Real
[21/06/2007|18:47] C:\DOCUME~1\kalash91\APPLIC~1\SecuROM
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Sonic
[18/03/2007|18:45] C:\DOCUME~1\kalash91\APPLIC~1\Sports Interactive
[16/03/2007|18:56] C:\DOCUME~1\kalash91\APPLIC~1\Sun
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\toshiba
[30/06/2007|20:30] C:\DOCUME~1\kalash91\APPLIC~1\UseNeXT
[31/03/2008|22:39] C:\DOCUME~1\kalash91\APPLIC~1\uTorrent
[05/05/2007|13:42] C:\DOCUME~1\kalash91\APPLIC~1\vlc
[27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Windows Desktop Search

[05/03/2007|09:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[05/03/2007|09:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[27/09/2006|23:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[29/04/2008 13:54][--ah-----] C:\windows\tasks\SA.DAT
[10/08/2004 14:00][-r-h-----] C:\windows\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[05/03/2007|18:40] C:\Program Files\ACE Mega CoDecS Pack
[28/04/2008|15:58] C:\Program Files\Adobe
[07/02/2008|00:42] C:\Program Files\AGEIA Technologies
[05/03/2007|10:23] C:\Program Files\Alwil Software
[27/02/2008|23:15] C:\Program Files\Canon
[28/04/2008|15:47] C:\Program Files\CCleaner
[27/09/2006|23:49] C:\Program Files\Common Files
[15/09/2006|14:36] C:\Program Files\ComPlus Applications
[18/11/2007|11:47] C:\Program Files\Creative
[01/08/2007|19:45] C:\Program Files\DAEMON Tools
[31/12/2007|17:57] C:\Program Files\DivX
[29/04/2008|16:22] C:\Program Files\eMule
[28/04/2008|15:59] C:\Program Files\epson
[28/04/2008|17:06] C:\Program Files\Fichiers communs
[28/04/2008|17:04] C:\Program Files\FileZilla
[28/04/2008|16:54] C:\Program Files\InstallShield Installation Information
[05/03/2007|09:44] C:\Program Files\Intel
[09/04/2008|13:12] C:\Program Files\Internet Explorer
[13/03/2008|20:00] C:\Program Files\Java
[28/04/2008|16:21] C:\Program Files\Kodak
[05/08/2007|09:07] C:\Program Files\Lavasoft
[27/09/2006|23:52] C:\Program Files\ltmoh
[27/09/2006|23:52] C:\Program Files\Messenger
[31/12/2007|05:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/09/2006|23:52] C:\Program Files\microsoft frontpage
[01/04/2007|22:26] C:\Program Files\Microsoft Office
[01/04/2007|22:26] C:\Program Files\Microsoft Visual Studio
[01/04/2007|22:20] C:\Program Files\Microsoft Visual Studio 8
[01/04/2007|22:27] C:\Program Files\Microsoft Works
[01/04/2007|22:24] C:\Program Files\Microsoft.NET
[28/04/2008|16:20] C:\Program Files\Movie Collection
[27/09/2006|23:52] C:\Program Files\Movie Maker
[29/04/2008|15:12] C:\Program Files\Mozilla Firefox
[20/03/2007|21:26] C:\Program Files\MSN
[27/09/2006|23:52] C:\Program Files\MSN Gaming Zone
[05/03/2007|23:32] C:\Program Files\MSXML 4.0
[25/03/2007|23:08] C:\Program Files\Nero
[28/04/2008|15:41] C:\Program Files\NetAnts
[27/09/2006|23:52] C:\Program Files\NetMeeting
[18/11/2007|18:15] C:\Program Files\Neuf
[27/09/2006|23:53] C:\Program Files\Online Services
[24/06/2007|10:04] C:\Program Files\Outlook Express
[27/04/2008|19:00] C:\Program Files\QuickTime
[27/09/2006|23:53] C:\Program Files\Realtek
[27/09/2006|23:53] C:\Program Files\Services en ligne
[29/04/2008|12:11] C:\Program Files\Spybot - Search & Destroy
[29/04/2008|11:58] C:\Program Files\Spyware Doctor
[27/09/2006|23:54] C:\Program Files\Synaptics
[29/04/2008|12:13] C:\Program Files\Toshiba
[15/09/2006|15:50] C:\Program Files\Uninstall Information
[23/06/2007|19:02] C:\Program Files\uTorrent
[05/05/2007|13:37] C:\Program Files\VideoLAN
[06/03/2008|22:42] C:\Program Files\VirtualDJ
[08/03/2007|18:13] C:\Program Files\WinAce
[27/09/2006|23:55] C:\Program Files\Windows Desktop Search
[29/04/2008|12:15] C:\Program Files\Windows Live
[25/04/2008|20:00] C:\Program Files\Windows Live Safety Center
[06/03/2007|17:02] C:\Program Files\Windows Media Player
[27/09/2006|23:55] C:\Program Files\Windows NT
[27/09/2006|23:55] C:\Program Files\Windows Plus
[15/09/2006|14:39] C:\Program Files\WindowsUpdate
[27/09/2006|23:55] C:\Program Files\X10 Hardware
[27/09/2006|23:55] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[28/04/2008|15:58] C:\Program Files\Fichiers communs\Adobe
[28/03/2007|18:52] C:\Program Files\Fichiers communs\Adobe Systems Shared
[25/03/2007|23:11] C:\Program Files\Fichiers communs\Ahead
[01/04/2007|22:26] C:\Program Files\Fichiers communs\DESIGNER
[12/05/2007|14:13] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[27/02/2008|23:21] C:\Program Files\Fichiers communs\InstallShield
[27/09/2006|23:49] C:\Program Files\Fichiers communs\Java
[30/12/2007|18:03] C:\Program Files\Fichiers communs\Labtec
[01/02/2008|17:06] C:\Program Files\Fichiers communs\LogiShrd
[24/12/2007|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
[27/09/2006|23:50] C:\Program Files\Fichiers communs\MSSoap
[27/09/2006|23:50] C:\Program Files\Fichiers communs\ODBC
[27/09/2006|23:50] C:\Program Files\Fichiers communs\Services
[27/09/2006|23:50] C:\Program Files\Fichiers communs\SpeechEngines
[05/03/2007|10:02] C:\Program Files\Fichiers communs\Symantec Shared
[24/06/2007|10:04] C:\Program Files\Fichiers communs\System
[24/12/2007|13:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07/02/2008|00:42] C:\Program Files\Fichiers communs\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 65

iexplore.exe ~ [1180]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-29 16:27:25
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:11][Doss:4] C:\DOCUME~1\kalash91\LOCALS~1\Temp
/!\ [Fich:18][Doss:0] C:\DOCUME~1\kalash91\Cookies
/!\ [Fich:120][Doss:6] C:\DOCUME~1\kalash91\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:27:44,79 ]----------------------

Up

Reposte un rapport Hijackthis et pas besoin de uper.

Ok voila le rapport hijack, et j'up plus desoler :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:43:50, on 29/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\windows\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\windows\system32\TPSBattM.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\windows\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\windows\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\windows\System32\alg.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kalash91\Bureau\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1and1.fr/?ref=EasyLogin
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - C:\Program Files\NetAnts\AntAPI.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Comp about extra bin] C:\Documents and Settings\All Users\Application Data\Roam Program Comp About\bait fork.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S120.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 12016 bytes

Re,

Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES



Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne l'emplacement dans le cadre ci-dessous :


---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]

[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

->Informations sur le logiciel<-

Voila :


C:\Documents and Settings\All Users\Application Data\Roam Program Comp About moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04292008_205858

Bonjour,
Est ce le bon fichier .log ??

Oui.
Reposte un rapport Hijackthis.

Bonjour
voila le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:17, on 30/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\windows\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\windows\system32\TPSMain.exe
C:\windows\system32\rundll32.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system32\TPSBattM.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kalash91\Bureau\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1and1.fr/?ref=EasyLogin
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - C:\Program Files\NetAnts\AntAPI.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S120.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11751 bytes

On termine  

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Bonjour

j'essai d'effectuer un scan complet mais celui ci bloque a 15,9%

et je ne sais pas pourquoi.

Meci

Nan c'est bon sa scan, je posterai le log des le scan terminé

Ok  

Voici enfin le rapport de antivir :




Avira AntiVir Personal
Report file date: jeudi 1 mai 2008 12:24

Scanning for 1245960 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: KALASH

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 30/04/2008 16:06:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 30/04/2008 16:06:56
LUKE.DLL : 8.1.2.9 151809 Bytes 30/04/2008 16:06:57
LUKERES.DLL : 8.1.2.1 12033 Bytes 30/04/2008 16:06:57
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:06:58
ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 16:06:59
ANTIVIR3.VDF : 7.0.3.235 248832 Bytes 30/04/2008 16:06:59
Engineversion : 8.1.0.37
AEVDF.DLL : 8.1.0.5 102772 Bytes 30/04/2008 16:07:00
AESCRIPT.DLL : 8.1.0.28 233851 Bytes 30/04/2008 16:07:00
AESCN.DLL : 8.1.0.15 119157 Bytes 30/04/2008 16:07:00
AERDL.DLL : 8.1.0.20 418165 Bytes 30/04/2008 16:07:00
AEPACK.DLL : 8.1.1.4 364918 Bytes 30/04/2008 16:06:59
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 30/04/2008 16:06:59
AEHEUR.DLL : 8.1.0.21 1196407 Bytes 30/04/2008 16:06:59
AEHELP.DLL : 8.1.0.14 115063 Bytes 30/04/2008 16:06:59
AEGEN.DLL : 8.1.0.18 299381 Bytes 30/04/2008 16:06:59
AEEMU.DLL : 8.1.0.5 430450 Bytes 30/04/2008 16:06:59
AECORE.DLL : 8.1.0.27 168310 Bytes 30/04/2008 16:06:59
AVWINLL.DLL : 1.0.0.7 14593 Bytes 30/04/2008 16:06:56
AVPREF.DLL : 8.0.0.1 25857 Bytes 30/04/2008 16:06:56
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 30/04/2008 16:06:56
AVARKT.DLL : 1.0.0.23 307457 Bytes 30/04/2008 16:06:56
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 30/04/2008 16:06:56
SQLITE3.DLL : 3.3.17.1 339968 Bytes 30/04/2008 16:06:58
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 30/04/2008 16:06:58
NETNT.DLL : 8.0.0.1 7937 Bytes 30/04/2008 16:06:57
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 30/04/2008 16:06:51
RCTEXT.DLL : 8.0.32.0 86273 Bytes 30/04/2008 16:06:51

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 1 mai 2008 12:24

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'Dot1XCfg.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CFXFER.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'X10nets.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'TAPPSRV.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'pctsSvc.exe' - '1' Module(s) have been scanned
Scan process 'pctsAuxs.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'TOSCDSPD.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'pctsTray.exe' - '1' Module(s) have been scanned
Scan process '9wifi.exe' - '1' Module(s) have been scanned
Scan process 'CFSServ.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'TFncKy.exe' - '1' Module(s) have been scanned
Scan process 'Toshiba.exe' - '1' Module(s) have been scanned
Scan process 'TvsTray.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'NDSTray.exe' - '1' Module(s) have been scanned
Scan process 'TPSMain.exe' - '1' Module(s) have been scanned
Scan process 'THotkey.exe' - '1' Module(s) have been scanned
Scan process 'agrsmmsg.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
66 processes with 66 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '35' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Lop SD\Backup-Lop\F\Acidtrustjump.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '4882ba8f.qua'!
C:\Lop SD\Backup-Lop\F\SpamFlap.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '487abaa2.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP461\A0120098.exe
[DETECTION] Contains detection pattern of the dropper DR/Mostofate.DO
[NOTE] The file was moved to '484ac1b0.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP461\A0120099.exe
[DETECTION] Contains detection pattern of the dropper DR/Mostofate.AH.27
[NOTE] The file was moved to '484ac1b3.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP477\A0122853.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '484ac20d.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP519\A0124065.exe
[DETECTION] Contains detection pattern of the dropper DR/Mostofate.DO
[NOTE] The file was moved to '484ac26f.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP519\A0124066.exe
[DETECTION] Contains detection pattern of the dropper DR/Mostofate.AH.27
[NOTE] The file was moved to '484ac270.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP522\A0124432.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '484ac281.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP522\A0124435.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '484ac282.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP524\A0124777.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '484ac2ad.qua'!
C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP524\A0124778.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '49f74db6.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!


End of the scan: jeudi 1 mai 2008 15:28
Used time: 3:04:07 min

The scan has been done completely.

6851 Scanning directories
305714 Files were scanned
11 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
11 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
305703 Files not concerned
8383 Archives were scanned
3 Warnings
11 Notes

Reposte un rapport Hijackthis.

voila le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:37, on 01/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system32\rundll32.exe
C:\windows\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\windows\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\windows\system32\TPSBattM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\windows\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kalash91\Bureau\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.1and1.fr/?ref=EasyLogin
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - C:\Program Files\NetAnts\AntAPI.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S120.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11735 bytes

Encore des soucis ?

Parfois oui on dirais que mon pc est lent mais des que je redemarre tout redevient normal

merci

Pas lié à un virus ça.

ok mais en tout cas je te remercie beaucoup parce je n'est plus de fenetre qui s'ouvre a tout bout de champ

MERCI

Bonne continuation  

Télécharge ToolsCleaner sur ton Bureau.

Clique sur Recherche et laisse le scan se terminer.

Clique sur Suppression pour finaliser.

Clique sur Quitter, pour que le rapport puisse se créer.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

Désactive puis réactive la restauration du système : Voir aide

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :