d'accord je le fais sur le champ

j'ai une question est-ce ces fichier sont utile dans c: sqmnoopt00 à 09.sqm ce sont des fichier caché

Ce sont des résidus de MSN/WLM. Non infectieux. Non indispensables.

Avira AntiVir Personal
Report file date: mardi 12 août 2008 16:01

Scanning for 1549254 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MIKE

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 2008-07-11 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 14:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 13:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 18:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 13:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 16:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 19:54:15
ANTIVIR2.VDF : 7.0.5.207 2316800 Bytes 2008-08-04 19:55:35
ANTIVIR3.VDF : 7.0.6.2 258560 Bytes 2008-08-12 19:55:36
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-07-09 14:46:50
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 2008-08-12 19:55:42
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-08-12 19:55:41
AERDL.DLL : 8.1.0.20 418165 Bytes 2008-07-09 14:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-08-12 19:55:41
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 2008-08-12 19:55:40
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 2008-08-12 19:55:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-09 14:46:50
AEGEN.DLL : 8.1.0.35 315764 Bytes 2008-08-12 19:55:38
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-08-12 19:55:37
AECORE.DLL : 8.1.1.8 172406 Bytes 2008-08-12 19:55:37
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-04-24 14:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 14:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 15:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-08-12 19:55:36
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 17:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 14:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 18:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 23:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 18:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 18:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 19:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 19:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, G:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 12 août 2008 16:01

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PSIService.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'Runservice.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '58' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\tkdgdulu\tgpotsvk.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to '4911ecb3.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP604\A0098082.bat
[DETECTION] Contains a recognition pattern of the (harmful) BDS/ProcKill.A.1 back-door program
[NOTE] The file was moved to '48d1f3fb.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP604\A0098084.dll
[DETECTION] Contains recognition pattern of the WORM/Rbot.495616 worm
[NOTE] The file was moved to '49ae621c.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP607\A0102402.exe
[DETECTION] Contains recognition pattern of the DR/Dldr.FraudLoad.vaxg.1 dropper
[NOTE] The file was moved to '48d2f409.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP607\A0102421.exe
[DETECTION] Contains recognition pattern of the DR/Dldr.FraudLoad.vaxg.1 dropper
[NOTE] The file was moved to '48d2f40a.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP607\A0102468.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '49ad65eb.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP610\A0102714.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to '48d2f414.qua'!
C:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP611\A0102931.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to '48d2f420.qua'!
C:\WINDOWS\system32\mmf.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\vkjsfade.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to '490bf6ad.qua'!
C:\WINDOWS\system32\dllcache\1396\Mssvc.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Servu.4004.E.10 back-door program
[NOTE] The file was moved to '4914f6db.qua'!
C:\WINDOWS\system32\dllcache\1396\RUN.PIF
[DETECTION] Is the TR/XdcBot.B Trojan
[NOTE] The file was moved to '48eff6bd.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Storage>
D:\Programme\PatchCrack\ROLLERCOASTER.TYCOON.2.V10.ENG.GIMPSRUS.NOCD.ZIP
[0] Archive type: ZIP
--> rct2.exe
[DETECTION] Contains recognition pattern of the WORM/SdBot.6802895 worm
[NOTE] The file was moved to '48edf94b.qua'!
Begin scan in 'G:\' <Game>
G:\System Volume Information\_restore{BA5D1D97-B507-45A5-9499-EE7DB93B4D05}\RP611\A0102932.exe
[DETECTION] Contains recognition pattern of the WORM/SdBot.6802895 worm
[NOTE] The file was moved to '48d2fe8e.qua'!


End of the scan: mardi 12 août 2008 17:19
Used time: 1:18:12 Hour(s)

The scan has been done completely.

13230 Scanning directories
760202 Files were scanned
13 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
13 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
760186 Files not concerned
5683 Archives were scanned
3 Warnings
13 Notes

voici le rapport de avira

je croix que tout est beau

C'est une belle récolte. Voilà en tout cas une saleté que tu as apporté toi-même dans la machine, et du genre coriace (SDbot, ce n'est pas un tendre) :

D:\Programme\PatchCrack\ROLLERCOASTER.TYCOON.2.V10.ENG.GIMPSRUS.NOCD.ZIP
[0] Archive type: ZIP
--> rct2.exe
[DETECTION] Contains recognition pattern of the WORM/SdBot.6802895 worm

On dit pourtant que les cracks sont vecteurs d'infection, mais on ne nous croit pas souvent, en mémoire d'une époque radieuse où tout se téléchargeait tranquillement sans infection. Cette époque est révolue. D'ailleurs ce jeu est disponible en collection économique à moins de 10 euros je crois. Passons.
Cette vidéo sera plus explicite que de longs discours, et plutôt marrante :
Cracks, Keygens, ... es-tu sûr de ton choix ?

Evidemment, tu seras réinfecté dans quelques jours si tu réutilises ce type de cracks...

Poste un nouveau (et sans doute dernier) rapport HijackThis stp. Plus de symptômes infectieux ?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:52, on 2008-08-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
D:\Programme\logiciel utile\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Michael Trudel\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/d ... ontrol.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-U ... E_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6397672906
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 9890 bytes

j'ai une petite comment tu fait pour lire les rapports hijacks

Le rapport est clean.

j'ai une petite comment tu fait pour lire les rapports hijacks

Il faut connaître les infections et leurs mécanismes, les variantes, et les outils spéciaux, différencier un fichier infectieux d'un fichier légitime.

Il faut bien garder ton système et les logiciels à jour.
PSI de Secunia peut t'y aider. https://psi.secunia.com/
JavaRa peut t'y aider pour Java : http://raproducts.org/

Voici un peu de lecture, explicatiosn sur les cracks et le p2p, et une compilation de conseils pour éviter une réinfection et sécuriser la machine.

Plus d'infos dans la FAQ sécurité du site.

N'hésite pas à poser des questions, cette partie est aussi importante que la désinfection.

Tu peux marquer résolu dans le titre, (en éditant le premier post, le titre devient modifiable).

merci pour tout et je n'hésiterai pas a te poser des questions

justement j'ai une question, java sa sert a quoi

Java sert à faire fonctionner de petits programmes lancés par des pages web, par exemple certains scans en ligne, des test de bande passante, etc...

Javara va te permettre de télécharger et installer le dernier, et ensuite de faire le ménage dans les anciennes versions.
Voici un petit descriptif : http://www.libellules.ch/dotclear/index ... 689-javara

comment je fait pour enlever les processus du startup menu de window je les est désactiver dans msconfig mais pas supprimer

Pourquoi veux-tu enlever des processus du démarrage ? Ceux qui sont là sont légitimes, et en retirer n'optimisera pas énormément.
MSconfig n'est pas génial.

c'est pcq je suis sur que il y en na quelqu un qui sert complètement a rien

Si tu veux alléger un peu le démarrage, on peut empêcher à certains programmes de démarrer automatiquement. Ca ne les empêchera pas de fonctionner en les lançant manuellement par la suite. Note que ces lignes ne sont pas infectieuses et parfaitement légitimes, il ne s'agit que d'une petite optimisation (qui ne divisera pas par 10 le temps de chargement, loin de là). si ça te tente, relance HijackThis, coche les lignes suivantes et clique sur le bouton Fix checked, en bas à gauche :

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Michael Trudel\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/d ... ontrol.cab
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

merci c'est parfait comme cela