iexplore.exe problem
Hello, when I shut down my PC an error message appears telling me that iexplore.exe could not close properly and must close. Here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:17:42, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PAVJOBS.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
Is there a solution to this problem, please?
Good evening,
it's not necessarily a virus,
especially since your HijackThis log is not complete; besides, it's the same one you posted here:
http://www.commentcamarche.net/forum/affich-7815776-iex...
please post a complete log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:49, on 10/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Application Data\That Face Camp Shim\bold gram.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
--
End of file - 8846 bytes
Good evening,
I have a life, just like you.
There is a Lop infection, but I think your problem is more software-related...
Download Lop S&D.exe to your desktop
Double-click it to start the installation
Then double-click the Lop S&D shortcut on your desktop
Select the desired language, then choose Option 1 (Search)
Wait until the scan finishes
Post the generated report (C:\lopR.txt)
(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
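Added example, not part of the original thread and not how HijackThis or Lop S&D work internally: a Python triage pass over a few lines copied from the HijackThis log above, flagging BHO entries whose file is missing and autorun entries whose target sits in an Application Data or Temp directory. The directory heuristic and all function names are assumptions made for illustration.

```python
import re
from typing import List, NamedTuple

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Application Data\That Face Camp Shim\bold gram.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
"""

# Path segments treated as "data or temp" locations (an assumption of this
# example); the 8.3 short forms are the ones visible in the Lop S&D report.
DATA_SEGMENTS = {"application data", "applic~1", "local settings", "locals~1", "temp"}

# O2 - BHO: <name> - {CLSID} - <file>
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$"
)
# O4 - <hive>\..\<key>: [<value name>] <command line>
O4_RE = re.compile(
    r"^O4 - (?P<hive>[^:]+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Unquoted command lines: take everything up to the first executable extension.
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)


class Finding(NamedTuple):
    section: str   # HijackThis section code (O2, O4)
    name: str      # BHO name or Run value name
    target: str    # CLSID for an orphan BHO, executable path for an autorun
    reason: str


def executable_of(command: str) -> str:
    """Return the executable part of a Run command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = EXE_RE.match(command)
    return match.group(1) if match else command


def triage(log_text: str) -> List[Finding]:
    """Flag orphan BHOs and autoruns that start from a data or temp directory."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        line = line.strip()
        bho = O2_RE.match(line)
        if bho:
            if bho.group("file").lower() == "(no file)":
                findings.append(Finding("O2", bho.group("name"), bho.group("clsid"),
                                        "BHO registered but its file is missing"))
            continue
        run = O4_RE.match(line)
        if run:
            target = executable_of(run.group("cmd"))
            segments = {part.lower() for part in target.split("\\")}
            if segments & DATA_SEGMENTS:
                findings.append(Finding("O4", run.group("name"), target,
                                        "autorun target in a data or temp directory"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section}  [{f.name}]  {f.target}  ->  {f.reason}")
```

A hit from this pass is a lead to verify with a dedicated scanner, as the reply above does with Lop S&D, not a verdict on its own.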
Thanks for replying, here is the report:
--------------------\\ Lop S&D 4.2.2-6 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Nath] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 12/08/2008 | 0:13:17,39 ] [ PC : -PERSO ]
[ MAJ : 09-08-2008 | 21:15 ]
--------------------\\ Listing des dossiers dans APPLIC~1
[17/07/2008|18:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[17/07/2008|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/04/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[16/11/2007|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[09/08/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/07/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/11/2007|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[11/08/2008|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[08/08/2008|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim
[21/11/2007|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/12/2007|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/07/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/11/2007|21:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/11/2007|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[19/11/2007|19:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/04/2008|18:58] C:\DOCUME~1\Nathalie\APPLIC~1\Adobe
[16/11/2007|22:06] C:\DOCUME~1\Nathalie\APPLIC~1\ATI
[16/11/2007|21:33] C:\DOCUME~1\Nathalie\APPLIC~1\desktop.ini
[15/02/2008|17:53] C:\DOCUME~1\Nathalie\APPLIC~1\DivX
[17/07/2008|16:31] C:\DOCUME~1\Nathalie\APPLIC~1\Google
[16/11/2007|21:44] C:\DOCUME~1\Nathalie\APPLIC~1\Identities
[09/08/2008|12:38] C:\DOCUME~1\Nathalie\APPLIC~1\Launch Internet Explorer Browser.lnk
[27/11/2007|14:10] C:\DOCUME~1\Nathalie\APPLIC~1\LimeWire
[02/03/2008|22:37] C:\DOCUME~1\Nathalie\APPLIC~1\Macromedia
[05/06/2008|14:48] C:\DOCUME~1\Nathalie\APPLIC~1\Microsoft
[17/07/2008|18:20] C:\DOCUME~1\Nathalie\APPLIC~1\Mozilla
[27/04/2008|20:34] C:\DOCUME~1\Nathalie\APPLIC~1\MSN6
[24/01/2008|23:05] C:\DOCUME~1\Nathalie\APPLIC~1\Shareaza
[30/03/2008|20:20] C:\DOCUME~1\Nathalie\APPLIC~1\Sports Interactive
[16/04/2008|20:35] C:\DOCUME~1\Nathalie\APPLIC~1\stopbat(2)
[18/01/2008|23:00] C:\DOCUME~1\Nathalie\APPLIC~1\Sun
[05/05/2008|19:39] C:\DOCUME~1\Nathalie\APPLIC~1\teamspeak2
[12/08/2008|00:13] C:\DOCUME~1\Nathalie\APPLIC~1\uTorrent
[27/11/2007|19:45] C:\DOCUME~1\Nathalie\APPLIC~1\WinRAR
[01/02/2008|22:07] C:\DOCUME~1\Nathalie\APPLIC~1\Yahoo!
[16/11/2007|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[11/08/2008 14:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/07/2008|22:13] C:\Program Files\Adobe
[19/11/2007|19:07] C:\Program Files\Alwil Software
[16/11/2007|22:04] C:\Program Files\ATI Technologies
[10/08/2008|18:19] C:\Program Files\CCleaner
[14/01/2008|14:12] C:\Program Files\changes.txt
[16/11/2007|21:38] C:\Program Files\ComPlus Applications
[20/11/2007|19:38] C:\Program Files\DIFX
[01/02/2008|22:07] C:\Program Files\DivX
[24/01/2008|22:45] C:\Program Files\eMule
[09/08/2008|21:04] C:\Program Files\Fichiers communs
[10/08/2008|14:20] C:\Program Files\FlashGet
[14/01/2008|14:51] C:\Program Files\fraps.dll
[14/01/2008|14:53] C:\Program Files\fraps.exe
[14/01/2008|14:51] C:\Program Files\fraps64.dat
[14/01/2008|14:51] C:\Program Files\fraps64.dll
[14/01/2008|14:51] C:\Program Files\frapslcd.dll
[10/08/2008|00:32] C:\Program Files\Google
[08/08/2008|17:21] C:\Program Files\HELP
[09/08/2008|21:04] C:\Program Files\InstallShield Installation Information
[09/08/2008|12:56] C:\Program Files\Internet Explorer
[17/07/2008|15:51] C:\Program Files\Java
[16/04/2008|20:34] C:\Program Files\Java(2)
[17/04/2008|19:50] C:\Program Files\Logitech
[21/11/2007|01:03] C:\Program Files\Messenger
[17/07/2008|22:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/11/2007|21:40] C:\Program Files\microsoft frontpage
[16/11/2007|23:00] C:\Program Files\Microsoft Office
[16/11/2007|23:00] C:\Program Files\Microsoft Visual Studio
[19/11/2007|20:38] C:\Program Files\Movie Maker
[11/08/2008|23:05] C:\Program Files\Mozilla Firefox
[19/11/2007|18:56] C:\Program Files\MSN
[16/11/2007|21:38] C:\Program Files\MSN Gaming Zone
[22/11/2007|10:47] C:\Program Files\MSXML 4.0
[19/11/2007|20:37] C:\Program Files\NetMeeting
[21/11/2007|01:03] C:\Program Files\Outlook Express
[17/04/2008|19:06] C:\Program Files\Panda Software
[09/08/2008|12:29] C:\Program Files\Power IE
[14/01/2008|14:07] C:\Program Files\README.HTM
[16/11/2007|22:52] C:\Program Files\Realtek
[04/01/2002|15:43] C:\Program Files\rfactor
[16/11/2007|21:38] C:\Program Files\Services en ligne
[24/01/2008|23:05] C:\Program Files\Shareaza
[11/08/2008|22:12] C:\Program Files\steam
[24/02/2008|17:35] C:\Program Files\Teamspeak2_RC2
[19/11/2007|18:45] C:\Program Files\TELE2
[18/07/2008|11:02] C:\Program Files\Trend Micro
[16/11/2007|21:44] C:\Program Files\Uninstall Information
[08/08/2008|17:21] C:\Program Files\uninstall.exe
[10/08/2008|14:22] C:\Program Files\uTorrent
[09/08/2008|21:04] C:\Program Files\WebTV
[18/07/2008|21:04] C:\Program Files\Windows Live
[04/12/2007|18:57] C:\Program Files\Windows Media Player
[19/11/2007|20:37] C:\Program Files\Windows NT
[19/11/2007|19:20] C:\Program Files\WindowsUpdate
[27/11/2007|19:45] C:\Program Files\WinRAR
[16/11/2007|21:40] C:\Program Files\xerox
[10/08/2008|18:19] C:\Program Files\Yahoo!
[30/03/2008|20:23] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[14/01/2008|19:48] C:\Program Files\Fichiers communs\Adobe
[16/11/2007|22:04] C:\Program Files\Fichiers communs\ATI Technologies
[16/11/2007|23:00] C:\Program Files\Fichiers communs\Designer
[16/11/2007|22:01] C:\Program Files\Fichiers communs\InstallShield
[16/04/2008|20:35] C:\Program Files\Fichiers communs\Java
[16/04/2008|20:34] C:\Program Files\Fichiers communs\Java(2)
[21/11/2007|15:53] C:\Program Files\Fichiers communs\Logitech
[10/08/2008|00:23] C:\Program Files\Fichiers communs\Microsoft Shared
[16/11/2007|21:39] C:\Program Files\Fichiers communs\MSSoap
[16/11/2007|21:33] C:\Program Files\Fichiers communs\ODBC
[17/04/2008|19:05] C:\Program Files\Fichiers communs\Panda Software
[16/11/2007|21:39] C:\Program Files\Fichiers communs\Services
[16/11/2007|21:33] C:\Program Files\Fichiers communs\SpeechEngines
[21/11/2007|01:03] C:\Program Files\Fichiers communs\System
[17/07/2008|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis2D.exe
C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis69.exe
C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bisF.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim
C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\bold gram.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\PHONE OPEN.exe
C:\DOCUME~1\Nathalie\Cookies\nathalie@adin.bigpoint[1].txt
C:\DOCUME~1\Nathalie\Cookies\nathalie@bigpoint[1].txt
C:\DOCUME~1\Nathalie\Cookies\nathalie@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\Nathalie\Cookies\nathalie@fr1.seafight.bigpoint[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CAMP SHIM EXIT HECK"="C:\\Documents and Settings\\All Users\\Application Data\\That Face Camp Shim\\bold gram.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
/!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-12 00:15:05
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 10
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\Nathalie\Application Data\uTorrent\Football Manager 2008 (PC) + crack.torrent
[F:391][D:8]-> C:\DOCUME~1\Nathalie\LOCALS~1\Temp
[F:17][D:0]-> C:\DOCUME~1\Nathalie\Cookies
[F:194][D:4]-> C:\DOCUME~1\Nathalie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 0:15:50,40
Good evening,
Run Lop S&D again.
This time choose Option 2 (Suppression, i.e. deletion).
Do not close the window during the deletion!
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
Please add a HijackThis log.
Good evening,
Here is the lopR.txt report:
--------------------\\ Lop S&D 4.2.2-6 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 12/08/2008 | 22:14:03,39 ] [ PC : PERSO ]
[ MAJ : 09-08-2008 | 21:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\bold gram.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\PHONE OPEN.exe
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis2D.exe
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis69.exe
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bisF.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[17/07/2008|18:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[17/07/2008|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/04/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[16/11/2007|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[09/08/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/07/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/11/2007|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[11/08/2008|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[21/11/2007|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/12/2007|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/07/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/11/2007|21:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/11/2007|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[19/11/2007|19:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/04/2008|18:58] C:\DOCUME~1\Nathalie\APPLIC~1\Adobe
[16/11/2007|22:06] C:\DOCUME~1\Nathalie\APPLIC~1\ATI
[16/11/2007|21:33] C:\DOCUME~1\Nathalie\APPLIC~1\desktop.ini
[15/02/2008|17:53] C:\DOCUME~1\Nathalie\APPLIC~1\DivX
[17/07/2008|16:31] C:\DOCUME~1\Nathalie\APPLIC~1\Google
[16/11/2007|21:44] C:\DOCUME~1\Nathalie\APPLIC~1\Identities
[09/08/2008|12:38] C:\DOCUME~1\Nathalie\APPLIC~1\Launch Internet Explorer Browser.lnk
[27/11/2007|14:10] C:\DOCUME~1\Nathalie\APPLIC~1\LimeWire
[02/03/2008|22:37] C:\DOCUME~1\Nathalie\APPLIC~1\Macromedia
[05/06/2008|14:48] C:\DOCUME~1\Nathalie\APPLIC~1\Microsoft
[17/07/2008|18:20] C:\DOCUME~1\Nathalie\APPLIC~1\Mozilla
[27/04/2008|20:34] C:\DOCUME~1\Nathalie\APPLIC~1\MSN6
[24/01/2008|23:05] C:\DOCUME~1\Nathalie\APPLIC~1\Shareaza
[30/03/2008|20:20] C:\DOCUME~1\Nathalie\APPLIC~1\Sports Interactive
[16/04/2008|20:35] C:\DOCUME~1\Nathalie\APPLIC~1\stopbat(2)
[18/01/2008|23:00] C:\DOCUME~1\Nathalie\APPLIC~1\Sun
[05/05/2008|19:39] C:\DOCUME~1\Nathalie\APPLIC~1\teamspeak2
[12/08/2008|17:28] C:\DOCUME~1\Nathalie\APPLIC~1\uTorrent
[27/11/2007|19:45] C:\DOCUME~1\Nathalie\APPLIC~1\WinRAR
[01/02/2008|22:07] C:\DOCUME~1\Nathalie\APPLIC~1\Yahoo!
[16/11/2007|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[12/08/2008 09:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/07/2008|22:13] C:\Program Files\Adobe
[19/11/2007|19:07] C:\Program Files\Alwil Software
[16/11/2007|22:04] C:\Program Files\ATI Technologies
[10/08/2008|18:19] C:\Program Files\CCleaner
[14/01/2008|14:12] C:\Program Files\changes.txt
[16/11/2007|21:38] C:\Program Files\ComPlus Applications
[20/11/2007|19:38] C:\Program Files\DIFX
[01/02/2008|22:07] C:\Program Files\DivX
[24/01/2008|22:45] C:\Program Files\eMule
[12/08/2008|17:02] C:\Program Files\Fichiers communs
[10/08/2008|14:20] C:\Program Files\FlashGet
[14/01/2008|14:51] C:\Program Files\fraps.dll
[14/01/2008|14:53] C:\Program Files\fraps.exe
[14/01/2008|14:51] C:\Program Files\fraps64.dat
[14/01/2008|14:51] C:\Program Files\fraps64.dll
[14/01/2008|14:51] C:\Program Files\frapslcd.dll
[10/08/2008|00:32] C:\Program Files\Google
[08/08/2008|17:21] C:\Program Files\HELP
[12/08/2008|15:11] C:\Program Files\InstallShield Installation Information
[09/08/2008|12:56] C:\Program Files\Internet Explorer
[17/07/2008|15:51] C:\Program Files\Java
[16/04/2008|20:34] C:\Program Files\Java(2)
[17/04/2008|19:50] C:\Program Files\Logitech
[21/11/2007|01:03] C:\Program Files\Messenger
[17/07/2008|22:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/11/2007|21:40] C:\Program Files\microsoft frontpage
[16/11/2007|23:00] C:\Program Files\Microsoft Office
[16/11/2007|23:00] C:\Program Files\Microsoft Visual Studio
[19/11/2007|20:38] C:\Program Files\Movie Maker
[12/08/2008|22:12] C:\Program Files\Mozilla Firefox
[19/11/2007|18:56] C:\Program Files\MSN
[16/11/2007|21:38] C:\Program Files\MSN Gaming Zone
[22/11/2007|10:47] C:\Program Files\MSXML 4.0
[19/11/2007|20:37] C:\Program Files\NetMeeting
[21/11/2007|01:03] C:\Program Files\Outlook Express
[17/04/2008|19:06] C:\Program Files\Panda Software
[09/08/2008|12:29] C:\Program Files\Power IE
[14/01/2008|14:07] C:\Program Files\README.HTM
[16/11/2007|22:52] C:\Program Files\Realtek
[04/01/2002|15:43] C:\Program Files\rfactor
[16/11/2007|21:38] C:\Program Files\Services en ligne
[24/01/2008|23:05] C:\Program Files\Shareaza
[12/08/2008|21:04] C:\Program Files\steam
[24/02/2008|17:35] C:\Program Files\Teamspeak2_RC2
[19/11/2007|18:45] C:\Program Files\TELE2
[18/07/2008|11:02] C:\Program Files\Trend Micro
[16/11/2007|21:44] C:\Program Files\Uninstall Information
[08/08/2008|17:21] C:\Program Files\uninstall.exe
[10/08/2008|14:22] C:\Program Files\uTorrent
[09/08/2008|21:04] C:\Program Files\WebTV
[18/07/2008|21:04] C:\Program Files\Windows Live
[04/12/2007|18:57] C:\Program Files\Windows Media Player
[19/11/2007|20:37] C:\Program Files\Windows NT
[19/11/2007|19:20] C:\Program Files\WindowsUpdate
[27/11/2007|19:45] C:\Program Files\WinRAR
[16/11/2007|21:40] C:\Program Files\xerox
[10/08/2008|18:19] C:\Program Files\Yahoo!
[30/03/2008|20:23] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[14/01/2008|19:48] C:\Program Files\Fichiers communs\Adobe
[16/11/2007|22:04] C:\Program Files\Fichiers communs\ATI Technologies
[16/11/2007|23:00] C:\Program Files\Fichiers communs\Designer
[12/08/2008|17:02] C:\Program Files\Fichiers communs\DirectX
[16/11/2007|22:01] C:\Program Files\Fichiers communs\InstallShield
[16/04/2008|20:35] C:\Program Files\Fichiers communs\Java
[16/04/2008|20:34] C:\Program Files\Fichiers communs\Java(2)
[21/11/2007|15:53] C:\Program Files\Fichiers communs\Logitech
[10/08/2008|00:23] C:\Program Files\Fichiers communs\Microsoft Shared
[16/11/2007|21:39] C:\Program Files\Fichiers communs\MSSoap
[16/11/2007|21:33] C:\Program Files\Fichiers communs\ODBC
[17/04/2008|19:05] C:\Program Files\Fichiers communs\Panda Software
[16/11/2007|21:39] C:\Program Files\Fichiers communs\Services
[16/11/2007|21:33] C:\Program Files\Fichiers communs\SpeechEngines
[21/11/2007|01:03] C:\Program Files\Fichiers communs\System
[17/07/2008|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Nathalie\Cookies\nathalie@adopt.euroclick[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
/!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-12 22:15:39
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 10
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\Nathalie\Application Data\uTorrent\Football Manager 2008 (PC) + crack.torrent
[F:402][D:7]-> C:\DOCUME~1\Nathalie\LOCALS~1\Temp
[F:45][D:0]-> C:\DOCUME~1\Nathalie\Cookies
[F:471][D:7]-> C:\DOCUME~1\Nathalie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 22:16:18,03
And the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:23, on 12/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
--
End of file - 8529 bytes
Here is the lopR.txt report
--------------------\\ Lop S&D 4.2.2-6 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 12/08/2008 | 22:14:03,39 ] [ PC : PERSO ]
[ MAJ : 09-08-2008 | 21:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\bold gram.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim\PHONE OPEN.exe
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\Cookies\nathalie@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis2D.exe
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bis69.exe
Supprime! - C:\DOCUME~1\Nathalie\LOCALS~1\Temp\bisF.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\That Face Camp Shim
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[17/07/2008|18:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[17/07/2008|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/04/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[16/11/2007|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[09/08/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/07/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/11/2007|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[11/08/2008|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[21/11/2007|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04/12/2007|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/07/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/11/2007|21:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/11/2007|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[19/11/2007|19:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[04/04/2008|18:58] C:\DOCUME~1\Nathalie\APPLIC~1\Adobe
[16/11/2007|22:06] C:\DOCUME~1\Nathalie\APPLIC~1\ATI
[16/11/2007|21:33] C:\DOCUME~1\Nathalie\APPLIC~1\desktop.ini
[15/02/2008|17:53] C:\DOCUME~1\Nathalie\APPLIC~1\DivX
[17/07/2008|16:31] C:\DOCUME~1\Nathalie\APPLIC~1\Google
[16/11/2007|21:44] C:\DOCUME~1\Nathalie\APPLIC~1\Identities
[09/08/2008|12:38] C:\DOCUME~1\Nathalie\APPLIC~1\Launch Internet Explorer Browser.lnk
[27/11/2007|14:10] C:\DOCUME~1\Nathalie\APPLIC~1\LimeWire
[02/03/2008|22:37] C:\DOCUME~1\Nathalie\APPLIC~1\Macromedia
[05/06/2008|14:48] C:\DOCUME~1\Nathalie\APPLIC~1\Microsoft
[17/07/2008|18:20] C:\DOCUME~1\Nathalie\APPLIC~1\Mozilla
[27/04/2008|20:34] C:\DOCUME~1\Nathalie\APPLIC~1\MSN6
[24/01/2008|23:05] C:\DOCUME~1\Nathalie\APPLIC~1\Shareaza
[30/03/2008|20:20] C:\DOCUME~1\Nathalie\APPLIC~1\Sports Interactive
[16/04/2008|20:35] C:\DOCUME~1\Nathalie\APPLIC~1\stopbat(2)
[18/01/2008|23:00] C:\DOCUME~1\Nathalie\APPLIC~1\Sun
[05/05/2008|19:39] C:\DOCUME~1\Nathalie\APPLIC~1\teamspeak2
[12/08/2008|17:28] C:\DOCUME~1\Nathalie\APPLIC~1\uTorrent
[27/11/2007|19:45] C:\DOCUME~1\Nathalie\APPLIC~1\WinRAR
[01/02/2008|22:07] C:\DOCUME~1\Nathalie\APPLIC~1\Yahoo!
[16/11/2007|21:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[12/08/2008 09:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[17/07/2008|22:13] C:\Program Files\Adobe
[19/11/2007|19:07] C:\Program Files\Alwil Software
[16/11/2007|22:04] C:\Program Files\ATI Technologies
[10/08/2008|18:19] C:\Program Files\CCleaner
[14/01/2008|14:12] C:\Program Files\changes.txt
[16/11/2007|21:38] C:\Program Files\ComPlus Applications
[20/11/2007|19:38] C:\Program Files\DIFX
[01/02/2008|22:07] C:\Program Files\DivX
[24/01/2008|22:45] C:\Program Files\eMule
[12/08/2008|17:02] C:\Program Files\Fichiers communs
[10/08/2008|14:20] C:\Program Files\FlashGet
[14/01/2008|14:51] C:\Program Files\fraps.dll
[14/01/2008|14:53] C:\Program Files\fraps.exe
[14/01/2008|14:51] C:\Program Files\fraps64.dat
[14/01/2008|14:51] C:\Program Files\fraps64.dll
[14/01/2008|14:51] C:\Program Files\frapslcd.dll
[10/08/2008|00:32] C:\Program Files\Google
[08/08/2008|17:21] C:\Program Files\HELP
[12/08/2008|15:11] C:\Program Files\InstallShield Installation Information
[09/08/2008|12:56] C:\Program Files\Internet Explorer
[17/07/2008|15:51] C:\Program Files\Java
[16/04/2008|20:34] C:\Program Files\Java(2)
[17/04/2008|19:50] C:\Program Files\Logitech
[21/11/2007|01:03] C:\Program Files\Messenger
[17/07/2008|22:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/11/2007|21:40] C:\Program Files\microsoft frontpage
[16/11/2007|23:00] C:\Program Files\Microsoft Office
[16/11/2007|23:00] C:\Program Files\Microsoft Visual Studio
[19/11/2007|20:38] C:\Program Files\Movie Maker
[12/08/2008|22:12] C:\Program Files\Mozilla Firefox
[19/11/2007|18:56] C:\Program Files\MSN
[16/11/2007|21:38] C:\Program Files\MSN Gaming Zone
[22/11/2007|10:47] C:\Program Files\MSXML 4.0
[19/11/2007|20:37] C:\Program Files\NetMeeting
[21/11/2007|01:03] C:\Program Files\Outlook Express
[17/04/2008|19:06] C:\Program Files\Panda Software
[09/08/2008|12:29] C:\Program Files\Power IE
[14/01/2008|14:07] C:\Program Files\README.HTM
[16/11/2007|22:52] C:\Program Files\Realtek
[04/01/2002|15:43] C:\Program Files\rfactor
[16/11/2007|21:38] C:\Program Files\Services en ligne
[24/01/2008|23:05] C:\Program Files\Shareaza
[12/08/2008|21:04] C:\Program Files\steam
[24/02/2008|17:35] C:\Program Files\Teamspeak2_RC2
[19/11/2007|18:45] C:\Program Files\TELE2
[18/07/2008|11:02] C:\Program Files\Trend Micro
[16/11/2007|21:44] C:\Program Files\Uninstall Information
[08/08/2008|17:21] C:\Program Files\uninstall.exe
[10/08/2008|14:22] C:\Program Files\uTorrent
[09/08/2008|21:04] C:\Program Files\WebTV
[18/07/2008|21:04] C:\Program Files\Windows Live
[04/12/2007|18:57] C:\Program Files\Windows Media Player
[19/11/2007|20:37] C:\Program Files\Windows NT
[19/11/2007|19:20] C:\Program Files\WindowsUpdate
[27/11/2007|19:45] C:\Program Files\WinRAR
[16/11/2007|21:40] C:\Program Files\xerox
[10/08/2008|18:19] C:\Program Files\Yahoo!
[30/03/2008|20:23] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[14/01/2008|19:48] C:\Program Files\Fichiers communs\Adobe
[16/11/2007|22:04] C:\Program Files\Fichiers communs\ATI Technologies
[16/11/2007|23:00] C:\Program Files\Fichiers communs\Designer
[12/08/2008|17:02] C:\Program Files\Fichiers communs\DirectX
[16/11/2007|22:01] C:\Program Files\Fichiers communs\InstallShield
[16/04/2008|20:35] C:\Program Files\Fichiers communs\Java
[16/04/2008|20:34] C:\Program Files\Fichiers communs\Java(2)
[21/11/2007|15:53] C:\Program Files\Fichiers communs\Logitech
[10/08/2008|00:23] C:\Program Files\Fichiers communs\Microsoft Shared
[16/11/2007|21:39] C:\Program Files\Fichiers communs\MSSoap
[16/11/2007|21:33] C:\Program Files\Fichiers communs\ODBC
[17/04/2008|19:05] C:\Program Files\Fichiers communs\Panda Software
[16/11/2007|21:39] C:\Program Files\Fichiers communs\Services
[16/11/2007|21:33] C:\Program Files\Fichiers communs\SpeechEngines
[21/11/2007|01:03] C:\Program Files\Fichiers communs\System
[17/07/2008|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Nathalie\Cookies\nathalie@adopt.euroclick[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
/!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-12 22:15:39
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 10
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\Nathalie\Application Data\uTorrent\Football Manager 2008 (PC) + crack.torrent
[F:402][D:7]-> C:\DOCUME~1\Nathalie\LOCALS~1\Temp
[F:45][D:0]-> C:\DOCUME~1\Nathalie\Cookies
[F:471][D:7]-> C:\DOCUME~1\Nathalie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 22:16:18,03
Hi again
~Run an online antivirus scan on the Kaspersky site
http://www.kaspersky.com/kos/eng/partner/default/kavweb...
* Click Accept
* A yellow bar will ask whether you agree to install Kavwebscan_Unicode.cab; install the ActiveX control.
* Click "Accept" once more
* The update databases will install; wait a moment
* Click Next.
* Click My Computer; the scan starts. Wait for the scan to finish without closing the window, otherwise it will stop.
Online scan tutorial
Sorry for replying a week later, but I have solved my problem; thanks for the information.
But now I have another problem: automatic updates are disabled, and when I try to enable them, it refuses to enable them.
It gives me:
Erreur 1058: Le service ne peut pas etre démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.