
Help "Your computer is infected"

Anonymous
3 May 2008 14:13:38

Hello,
My PC was infected recently. I used Ad-Aware and there were some improvements, but a message at the bottom of the screen saying "Warning: Your computer is infected..." keeps popping up.
I have just run a scan with HijackThis and I would like to know what I should do now. Here is the result.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:57, on 03/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\sxpjbwvahn.exe
C:\WINDOWS\sxnwhbvrzc.exe
C:\WINDOWS\sxgnsvuxct.exe
C:\WINDOWS\sxjecknqhu.exe
C:\WINDOWS\sxpgknrwva.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSV - {69F6C0AE-0C78-4999-B6D1-62932A265C5D} - C:\WINDOWS\ssvanasus.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Zango /fleok=1D8A83A5C5E610799FAC602A1FBB39BFE4976E26CAEDA120180A196D6093 - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
O3 - Toolbar: Zango - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{F758F78B-0885-490e-AA3C-4A38D28B0240}] "C:\WINDOWS\sxpjbwvahn.exe"
O4 - HKLM\..\Run: [{A4C928E8-0ABA-4fd3-83DF-23BE54ADF9A4}] "C:\WINDOWS\sxnwhbvrzc.exe"
O4 - HKLM\..\Run: [1234klsjdc uiar924c af] "C:\WINDOWS\sxgnsvuxct.exe"
O4 - HKLM\..\Run: [{78B578D7-BCE1-4d83-9CD4-195BC34D8CB3}] "C:\WINDOWS\sxjecknqhu.exe"
O4 - HKLM\..\Run: [{2C70168B-97CE-4f31-B85D-1FEC5002721D}] "C:\WINDOWS\sxpgknrwva.exe"
O4 - HKLM\..\Run: [SpyBurner] "C:\Program Files\SpyBurner\SpyBurner.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [coal ping] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIRUS.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

Thanks in advance, Ourk

3 May 2008 14:29:16

Hello,

Thoroughly infected.

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM
Anonymous
3 May 2008 16:52:58

I'm back. I ran the full scan of my PC; here is the result:

    Malwarebytes' Anti-Malware 1.11
    Version de la base de données: 711

    Type de recherche: Examen complet (A:\|C:\|D:\|)
    Eléments examinés: 147485
    Temps écoulé: 1 hour(s), 29 minute(s), 1 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 95
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 18
    Fichier(s) infecté(s): 25

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\ssv.ssvhelper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{69f6c0ae-0c78-4999-b6d1-62932a265c5d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{69f6c0ae-0c78-4999-b6d1-62932a265c5d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69f6c0ae-0c78-4999-b6d1-62932a265c5d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a2facffe-5638-4190-a610-39ec82c9999c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{9a68de30-5717-4bb6-a504-bba851bfb08c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{087c4054-0a2b-4f35-b0db-bed3e21650f4} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{9720de03-5820-4059-b4a4-639d5e52bd09} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\SpyBurner (Rogue.SpyBurner) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\zangosa (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Zango (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\zango (Adware.180Solutions) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{2c70168b-97ce-4f31-b85d-1fec5002721d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpyBurner (Rogue.SpyBurner) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.1.181.0 (Adware.Zango) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\ssvanasus.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Local Settings\Temp\AF5-tmpapi.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Local Settings\Temp\ginstall.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Local Settings\Temporary Internet Files\Content.IE5\VLWFOBI9\drv32[1].data (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEULA.mht (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf_update.dat (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\The King\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Lauras\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
3 May 2008 18:04:21

Post a new HijackThis report.

Anonymous
3 May 2008 18:18:25

HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:17:37, on 03/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\sxpjbwvahn.exe
    C:\WINDOWS\sxnwhbvrzc.exe
    C:\WINDOWS\sxgnsvuxct.exe
    C:\WINDOWS\sxjecknqhu.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Zango /fleok=1D8A83A5C5E610799FAC602A1FBB39BFE4976E26CAEDA120180A196D6093 - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
    O3 - Toolbar: Zango - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [{F758F78B-0885-490e-AA3C-4A38D28B0240}] "C:\WINDOWS\sxpjbwvahn.exe"
    O4 - HKLM\..\Run: [{A4C928E8-0ABA-4fd3-83DF-23BE54ADF9A4}] "C:\WINDOWS\sxnwhbvrzc.exe"
    O4 - HKLM\..\Run: [1234klsjdc uiar924c af] "C:\WINDOWS\sxgnsvuxct.exe"
    O4 - HKLM\..\Run: [{78B578D7-BCE1-4d83-9CD4-195BC34D8CB3}] "C:\WINDOWS\sxjecknqhu.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [coal ping] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIRUS.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    a b 8 Security
    3 May 2008 19:03:43

    Re,

    Download Lop S&D.exe (Eric_71) to your Desktop.
  • Start the program's installation by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    * the partition name may differ
    Anonymous
    3 May 2008 19:36:39

    Here is the scan with LopS&D:


    -----------------------[ Lop S&D 4.2.0-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : The King ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 03/05/2008 | 19:22:48,79 ] [ PC : LAURAS-52F82F23 ]
    [ MAJ : 03-05-2008 | 11:15 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/12/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [10/01/2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [15/04/2007|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
    [01/12/2006|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [13/07/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/07/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grim setup tool bolt
    [02/05/2008|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [15/04/2007|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [02/05/2008|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [03/05/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/01/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/06/2007|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/02/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [08/03/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [15/04/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [14/02/2007|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [11/01/2007|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [06/12/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [01/12/2006|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2006|18:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft


    [01/12/2006|19:10] C:\DOCUME~1\Lauras\APPLIC~1\ABBYY
    [02/05/2008|21:21] C:\DOCUME~1\Lauras\APPLIC~1\Adobe
    [01/12/2006|19:30] C:\DOCUME~1\Lauras\APPLIC~1\desktop.ini
    [02/05/2008|21:17] C:\DOCUME~1\Lauras\APPLIC~1\Grisoft
    [18/07/2007|21:31] C:\DOCUME~1\Lauras\APPLIC~1\Help
    [01/12/2006|18:50] C:\DOCUME~1\Lauras\APPLIC~1\Identities
    [07/12/2006|22:50] C:\DOCUME~1\Lauras\APPLIC~1\Macromedia
    [01/01/2007|02:29] C:\DOCUME~1\Lauras\APPLIC~1\Microsoft
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Mozilla
    [22/05/2007|09:47] C:\DOCUME~1\Lauras\APPLIC~1\ScanSoft
    [01/12/2006|19:32] C:\DOCUME~1\Lauras\APPLIC~1\sversion.ini
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Talkback

    [08/12/2006|00:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


    [01/12/2006|18:40] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [08/03/2007|19:27] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABBYY
    [13/04/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\AboutTrust
    [29/04/2008|00:52] C:\DOCUME~1\THEKIN~1\APPLIC~1\Adobe
    [18/03/2007|12:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\AdobeUM
    [10/01/2007|16:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Apple Computer
    [09/02/2007|00:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\ArcSoft
    [15/04/2007|12:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\Brother
    [07/03/2007|22:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\CopyToDvd
    [16/12/2006|21:19] C:\DOCUME~1\THEKIN~1\APPLIC~1\DeepBurner
    [01/12/2006|19:30] C:\DOCUME~1\THEKIN~1\APPLIC~1\desktop.ini
    [04/01/2007|00:50] C:\DOCUME~1\THEKIN~1\APPLIC~1\DivX
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\ezpinst.exe
    [11/12/2006|15:24] C:\DOCUME~1\THEKIN~1\APPLIC~1\Help
    [01/12/2006|19:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Identities
    [03/06/2007|01:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\LimeWire
    [21/12/2006|22:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Macromedia
    [03/05/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\Malwarebytes
    [21/05/2007|23:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Microsoft
    [09/12/2006|01:02] C:\DOCUME~1\THEKIN~1\APPLIC~1\Mozilla
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.cat
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.inf
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.log
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.sys
    [02/05/2008|11:59] C:\DOCUME~1\THEKIN~1\APPLIC~1\RagTime
    [30/12/2006|16:54] C:\DOCUME~1\THEKIN~1\APPLIC~1\Real
    [29/04/2007|18:55] C:\DOCUME~1\THEKIN~1\APPLIC~1\ScanSoft
    [18/03/2007|01:15] C:\DOCUME~1\THEKIN~1\APPLIC~1\Screenshot Sender
    [12/02/2008|15:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Shareaza
    [22/02/2008|17:45] C:\DOCUME~1\THEKIN~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sony
    [09/06/2007|11:42] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sun
    [09/12/2006|01:03] C:\DOCUME~1\THEKIN~1\APPLIC~1\Talkback
    [08/03/2008|14:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\teamspeak2
    [21/05/2007|23:46] C:\DOCUME~1\THEKIN~1\APPLIC~1\utorrent
    [20/02/2008|00:28] C:\DOCUME~1\THEKIN~1\APPLIC~1\Ventrilo
    [01/04/2007|13:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\Vso
    [11/01/2008|16:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Zango

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [03/05/2008 16:47][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [01/12/2006|19:10] C:\Program Files\ABBYY
    [18/03/2007|01:15] C:\Program Files\AboutTrust
    [01/12/2006|19:28] C:\Program Files\Adobe
    [02/05/2008|11:49] C:\Program Files\Adverts
    [06/12/2006|22:48] C:\Program Files\Alwil Software
    [01/12/2006|19:17] C:\Program Files\ArcSoft
    [17/12/2006|13:07] C:\Program Files\Astonsoft
    [10/12/2006|23:35] C:\Program Files\BitZipper
    [15/04/2007|12:02] C:\Program Files\Brother
    [26/04/2008|03:35] C:\Program Files\Burn4Free
    [27/12/2007|12:59] C:\Program Files\Common Files
    [01/12/2006|18:38] C:\Program Files\ComPlus Applications
    [11/01/2008|09:51] C:\Program Files\DivX
    [02/05/2008|03:42] C:\Program Files\eMule
    [13/04/2007|19:48] C:\Program Files\EPSON
    [04/03/2008|21:26] C:\Program Files\Fichiers communs
    [26/11/2007|20:55] C:\Program Files\Game Cam Lite v1.4
    [10/01/2007|18:52] C:\Program Files\Google
    [02/05/2008|11:50] C:\Program Files\Grisoft
    [28/01/2007|11:50] C:\Program Files\Guitar Pro 5
    [01/02/2008|00:33] C:\Program Files\HHD Software
    [13/04/2007|13:01] C:\Program Files\InfraRecorder
    [30/12/2007|17:39] C:\Program Files\InstallShield Installation Information
    [10/04/2008|00:15] C:\Program Files\Internet Explorer
    [03/06/2007|01:00] C:\Program Files\Java
    [01/12/2006|19:29] C:\Program Files\Java Web Start
    [21/08/2007|18:09] C:\Program Files\Jeux de cartes
    [02/05/2008|19:44] C:\Program Files\Lavasoft
    [03/05/2008|14:43] C:\Program Files\Malwarebytes' Anti-Malware
    [06/12/2006|12:20] C:\Program Files\Messenger
    [06/04/2008|11:53] C:\Program Files\Messenger Plus! Live
    [01/12/2006|18:40] C:\Program Files\microsoft frontpage
    [13/12/2006|13:19] C:\Program Files\Microsoft Games
    [01/12/2006|18:38] C:\Program Files\Movie Maker
    [03/05/2008|18:15] C:\Program Files\Mozilla Firefox
    [11/12/2006|18:54] C:\Program Files\MSN
    [01/12/2006|18:37] C:\Program Files\MSN Gaming Zone
    [06/04/2008|11:53] C:\Program Files\MSN Messenger
    [02/05/2008|11:47] C:\Program Files\NetMeeting
    [01/12/2006|18:37] C:\Program Files\Online Services
    [08/03/2008|22:43] C:\Program Files\OpenOffice.org1.1.2
    [12/10/2007|16:39] C:\Program Files\Outlook Express
    [01/01/2007|22:00] C:\Program Files\PhotoFiltre
    [10/01/2007|13:24] C:\Program Files\QuickTime
    [30/12/2007|17:39] C:\Program Files\SAGEM
    [06/12/2006|21:18] C:\Program Files\SAGEM Wi-Fi USB 802.11g
    [15/04/2007|11:59] C:\Program Files\ScanSoft
    [16/06/2007|17:45] C:\Program Files\Securitoo
    [01/12/2006|18:39] C:\Program Files\Services en ligne
    [12/02/2008|15:18] C:\Program Files\Shareaza
    [14/02/2007|18:11] C:\Program Files\Skype
    [15/12/2006|17:44] C:\Program Files\SLD Codec Pack
    [27/12/2007|13:00] C:\Program Files\Sony
    [13/07/2007|11:45] C:\Program Files\Teamspeak2_RC2
    [03/05/2008|13:17] C:\Program Files\Trend Micro
    [01/12/2006|18:50] C:\Program Files\Uninstall Information
    [04/03/2008|21:26] C:\Program Files\Ventrilo
    [01/03/2007|20:25] C:\Program Files\VSO
    [03/05/2008|16:48] C:\Program Files\Wanadoo
    [22/04/2008|18:44] C:\Program Files\Warcraft III
    [02/07/2007|12:08] C:\Program Files\Windows Live
    [08/12/2006|00:25] C:\Program Files\Windows Media Connect 2
    [06/12/2007|17:00] C:\Program Files\Windows Media Player
    [01/12/2006|18:37] C:\Program Files\Windows NT
    [01/12/2006|18:39] C:\Program Files\WindowsUpdate
    [11/12/2006|15:24] C:\Program Files\WinRAR
    [19/04/2008|19:23] C:\Program Files\World of Warcraft
    [01/12/2006|18:40] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [01/12/2006|19:29] C:\Program Files\Fichiers communs\Adobe
    [16/01/2007|19:12] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [15/04/2007|12:01] C:\Program Files\Fichiers communs\InstallShield
    [03/06/2007|00:59] C:\Program Files\Fichiers communs\Java
    [01/12/2006|18:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\MSSoap
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\ODBC
    [30/12/2006|16:54] C:\Program Files\Fichiers communs\Real
    [15/04/2007|11:59] C:\Program Files\Fichiers communs\ScanSoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\Services
    [14/02/2007|18:11] C:\Program Files\Fichiers communs\Skype
    [27/12/2007|13:00] C:\Program Files\Fichiers communs\Sony Shared
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|13:07] C:\Program Files\Fichiers communs\System
    [02/05/2008|19:43] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 51

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Adverts

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE


    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-03 19:23:52
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The\Crackers, The - He Gone.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\F\Faith No More\Faith No More - Crack Hitler.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\L\Limp Bizkit\Limp Bizkit - Crack Addict.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\N\Nada Surf\Nada Surf - Firecracker.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\P\Pixies\Pixies - Crackity Jones.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman (2).gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Nutcracker Suite_ Miniature Overture.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Waltz Of The Flowers From The Nutcracker Ballet, Op. 71.gp3


    /!\ [Fich:1567][Doss:70] C:\DOCUME~1\THEKIN~1\LOCALS~1\Temp
    /!\ [Fich:317][Doss:0] C:\DOCUME~1\THEKIN~1\Cookies
    /!\ [Fich:1451][Doss:5] C:\DOCUME~1\THEKIN~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:25:30,34 ]----------------------
    Anonymous
    3 May 2008 23:20:58

    Angeldark, if you come by here, tell me what I should do now.
    Thanks
    a b 8 Security
    4 May 2008 21:47:48

    Delete all your cracks.

  • Run Lop S&D again.
  • This time choose option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt*).

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    * the partition name may differ
    Anonymous
    5 May 2008 00:26:33

    Good evening,
    "Delete all your cracks." What do I need to do?

    So I ran Lop S&D again, using option 2.
    Here is the report:

    -----------------------[ Lop S&D 4.2.0-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : The King ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 05/05/2008 | 0:10:50,23 ] [ PC : LAURAS-52F82F23 ]
    [ MAJ : 03-05-2008 | 11:15 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Adverts
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/12/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [10/01/2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [15/04/2007|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
    [01/12/2006|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [13/07/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/07/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grim setup tool bolt
    [02/05/2008|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [15/04/2007|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [02/05/2008|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [03/05/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/01/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/06/2007|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/02/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [08/03/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [15/04/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [14/02/2007|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [11/01/2007|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [06/12/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [01/12/2006|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2006|18:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft


    [01/12/2006|19:10] C:\DOCUME~1\Lauras\APPLIC~1\ABBYY
    [02/05/2008|21:21] C:\DOCUME~1\Lauras\APPLIC~1\Adobe
    [01/12/2006|19:30] C:\DOCUME~1\Lauras\APPLIC~1\desktop.ini
    [02/05/2008|21:17] C:\DOCUME~1\Lauras\APPLIC~1\Grisoft
    [18/07/2007|21:31] C:\DOCUME~1\Lauras\APPLIC~1\Help
    [01/12/2006|18:50] C:\DOCUME~1\Lauras\APPLIC~1\Identities
    [07/12/2006|22:50] C:\DOCUME~1\Lauras\APPLIC~1\Macromedia
    [01/01/2007|02:29] C:\DOCUME~1\Lauras\APPLIC~1\Microsoft
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Mozilla
    [22/05/2007|09:47] C:\DOCUME~1\Lauras\APPLIC~1\ScanSoft
    [01/12/2006|19:32] C:\DOCUME~1\Lauras\APPLIC~1\sversion.ini
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Talkback

    [08/12/2006|00:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


    [01/12/2006|18:40] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [08/03/2007|19:27] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABBYY
    [13/04/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\AboutTrust
    [29/04/2008|00:52] C:\DOCUME~1\THEKIN~1\APPLIC~1\Adobe
    [18/03/2007|12:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\AdobeUM
    [10/01/2007|16:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Apple Computer
    [09/02/2007|00:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\ArcSoft
    [15/04/2007|12:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\Brother
    [07/03/2007|22:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\CopyToDvd
    [16/12/2006|21:19] C:\DOCUME~1\THEKIN~1\APPLIC~1\DeepBurner
    [01/12/2006|19:30] C:\DOCUME~1\THEKIN~1\APPLIC~1\desktop.ini
    [04/01/2007|00:50] C:\DOCUME~1\THEKIN~1\APPLIC~1\DivX
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\ezpinst.exe
    [11/12/2006|15:24] C:\DOCUME~1\THEKIN~1\APPLIC~1\Help
    [01/12/2006|19:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Identities
    [03/06/2007|01:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\LimeWire
    [21/12/2006|22:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Macromedia
    [03/05/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\Malwarebytes
    [21/05/2007|23:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Microsoft
    [09/12/2006|01:02] C:\DOCUME~1\THEKIN~1\APPLIC~1\Mozilla
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.cat
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.inf
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.log
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.sys
    [02/05/2008|11:59] C:\DOCUME~1\THEKIN~1\APPLIC~1\RagTime
    [30/12/2006|16:54] C:\DOCUME~1\THEKIN~1\APPLIC~1\Real
    [29/04/2007|18:55] C:\DOCUME~1\THEKIN~1\APPLIC~1\ScanSoft
    [18/03/2007|01:15] C:\DOCUME~1\THEKIN~1\APPLIC~1\Screenshot Sender
    [12/02/2008|15:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Shareaza
    [22/02/2008|17:45] C:\DOCUME~1\THEKIN~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sony
    [09/06/2007|11:42] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sun
    [09/12/2006|01:03] C:\DOCUME~1\THEKIN~1\APPLIC~1\Talkback
    [08/03/2008|14:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\teamspeak2
    [21/05/2007|23:46] C:\DOCUME~1\THEKIN~1\APPLIC~1\utorrent
    [20/02/2008|00:28] C:\DOCUME~1\THEKIN~1\APPLIC~1\Ventrilo
    [01/04/2007|13:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\Vso
    [11/01/2008|16:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Zango

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [04/05/2008 22:17][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [01/12/2006|19:10] C:\Program Files\ABBYY
    [18/03/2007|01:15] C:\Program Files\AboutTrust
    [01/12/2006|19:28] C:\Program Files\Adobe
    [06/12/2006|22:48] C:\Program Files\Alwil Software
    [01/12/2006|19:17] C:\Program Files\ArcSoft
    [17/12/2006|13:07] C:\Program Files\Astonsoft
    [10/12/2006|23:35] C:\Program Files\BitZipper
    [15/04/2007|12:02] C:\Program Files\Brother
    [26/04/2008|03:35] C:\Program Files\Burn4Free
    [27/12/2007|12:59] C:\Program Files\Common Files
    [01/12/2006|18:38] C:\Program Files\ComPlus Applications
    [11/01/2008|09:51] C:\Program Files\DivX
    [02/05/2008|03:42] C:\Program Files\eMule
    [13/04/2007|19:48] C:\Program Files\EPSON
    [04/03/2008|21:26] C:\Program Files\Fichiers communs
    [26/11/2007|20:55] C:\Program Files\Game Cam Lite v1.4
    [10/01/2007|18:52] C:\Program Files\Google
    [02/05/2008|11:50] C:\Program Files\Grisoft
    [28/01/2007|11:50] C:\Program Files\Guitar Pro 5
    [01/02/2008|00:33] C:\Program Files\HHD Software
    [13/04/2007|13:01] C:\Program Files\InfraRecorder
    [30/12/2007|17:39] C:\Program Files\InstallShield Installation Information
    [10/04/2008|00:15] C:\Program Files\Internet Explorer
    [03/06/2007|01:00] C:\Program Files\Java
    [01/12/2006|19:29] C:\Program Files\Java Web Start
    [21/08/2007|18:09] C:\Program Files\Jeux de cartes
    [02/05/2008|19:44] C:\Program Files\Lavasoft
    [03/05/2008|14:43] C:\Program Files\Malwarebytes' Anti-Malware
    [06/12/2006|12:20] C:\Program Files\Messenger
    [06/04/2008|11:53] C:\Program Files\Messenger Plus! Live
    [01/12/2006|18:40] C:\Program Files\microsoft frontpage
    [13/12/2006|13:19] C:\Program Files\Microsoft Games
    [01/12/2006|18:38] C:\Program Files\Movie Maker
    [05/05/2008|00:00] C:\Program Files\Mozilla Firefox
    [11/12/2006|18:54] C:\Program Files\MSN
    [01/12/2006|18:37] C:\Program Files\MSN Gaming Zone
    [06/04/2008|11:53] C:\Program Files\MSN Messenger
    [02/05/2008|11:47] C:\Program Files\NetMeeting
    [01/12/2006|18:37] C:\Program Files\Online Services
    [08/03/2008|22:43] C:\Program Files\OpenOffice.org1.1.2
    [12/10/2007|16:39] C:\Program Files\Outlook Express
    [01/01/2007|22:00] C:\Program Files\PhotoFiltre
    [10/01/2007|13:24] C:\Program Files\QuickTime
    [30/12/2007|17:39] C:\Program Files\SAGEM
    [06/12/2006|21:18] C:\Program Files\SAGEM Wi-Fi USB 802.11g
    [15/04/2007|11:59] C:\Program Files\ScanSoft
    [16/06/2007|17:45] C:\Program Files\Securitoo
    [01/12/2006|18:39] C:\Program Files\Services en ligne
    [12/02/2008|15:18] C:\Program Files\Shareaza
    [14/02/2007|18:11] C:\Program Files\Skype
    [15/12/2006|17:44] C:\Program Files\SLD Codec Pack
    [27/12/2007|13:00] C:\Program Files\Sony
    [13/07/2007|11:45] C:\Program Files\Teamspeak2_RC2
    [03/05/2008|13:17] C:\Program Files\Trend Micro
    [01/12/2006|18:50] C:\Program Files\Uninstall Information
    [04/03/2008|21:26] C:\Program Files\Ventrilo
    [01/03/2007|20:25] C:\Program Files\VSO
    [04/05/2008|22:18] C:\Program Files\Wanadoo
    [22/04/2008|18:44] C:\Program Files\Warcraft III
    [02/07/2007|12:08] C:\Program Files\Windows Live
    [08/12/2006|00:25] C:\Program Files\Windows Media Connect 2
    [06/12/2007|17:00] C:\Program Files\Windows Media Player
    [01/12/2006|18:37] C:\Program Files\Windows NT
    [01/12/2006|18:39] C:\Program Files\WindowsUpdate
    [11/12/2006|15:24] C:\Program Files\WinRAR
    [19/04/2008|19:23] C:\Program Files\World of Warcraft
    [01/12/2006|18:40] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [01/12/2006|19:29] C:\Program Files\Fichiers communs\Adobe
    [16/01/2007|19:12] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [15/04/2007|12:01] C:\Program Files\Fichiers communs\InstallShield
    [03/06/2007|00:59] C:\Program Files\Fichiers communs\Java
    [01/12/2006|18:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\MSSoap
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\ODBC
    [30/12/2006|16:54] C:\Program Files\Fichiers communs\Real
    [15/04/2007|11:59] C:\Program Files\Fichiers communs\ScanSoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\Services
    [14/02/2007|18:11] C:\Program Files\Fichiers communs\Skype
    [27/12/2007|13:00] C:\Program Files\Fichiers communs\Sony Shared
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|13:07] C:\Program Files\Fichiers communs\System
    [02/05/2008|19:43] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 50

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-05 00:11:48
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The\Crackers, The - He Gone.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\F\Faith No More\Faith No More - Crack Hitler.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\L\Limp Bizkit\Limp Bizkit - Crack Addict.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\N\Nada Surf\Nada Surf - Firecracker.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\P\Pixies\Pixies - Crackity Jones.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman (2).gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Nutcracker Suite_ Miniature Overture.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Waltz Of The Flowers From The Nutcracker Ballet, Op. 71.gp3


    /!\ [Fich:1578][Doss:71] C:\DOCUME~1\THEKIN~1\LOCALS~1\Temp
    /!\ [Fich:319][Doss:0] C:\DOCUME~1\THEKIN~1\Cookies
    /!\ [Fich:1648][Doss:5] C:\DOCUME~1\THEKIN~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 0:13:21,59 ]----------------------
    a b 8 Security
    5 May 2008 17:44:41

    Quote:
    "Delete all your cracks." What do I need to do?

    After rereading, I was mistaken.

    Delete the following folder:
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grim setup tool bolt
    Anonymous
    5 May 2008 20:15:17

    Hi,
    I have just deleted the folder; what should I do now?
    a b 8 Security
    5 May 2008 20:17:47

    Run a LopSD scan again with option 1 :)
    Anonymous
    5 May 2008 22:01:24

    LopSD scan with option 1


    -----------------------[ Lop S&D 4.2.0-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : The King ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 05/05/2008 | 21:56:10,71 ] [ PC : LAURAS-52F82F23 ]
    [ MAJ : 03-05-2008 | 11:15 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/12/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [10/01/2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [15/04/2007|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
    [01/12/2006|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [13/07/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/05/2008|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [15/04/2007|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [02/05/2008|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [03/05/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/01/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/06/2007|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [18/02/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [08/03/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [15/04/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [14/02/2007|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [11/01/2007|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [06/12/2006|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [01/12/2006|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2006|18:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft


    [01/12/2006|19:10] C:\DOCUME~1\Lauras\APPLIC~1\ABBYY
    [02/05/2008|21:21] C:\DOCUME~1\Lauras\APPLIC~1\Adobe
    [01/12/2006|19:30] C:\DOCUME~1\Lauras\APPLIC~1\desktop.ini
    [02/05/2008|21:17] C:\DOCUME~1\Lauras\APPLIC~1\Grisoft
    [18/07/2007|21:31] C:\DOCUME~1\Lauras\APPLIC~1\Help
    [01/12/2006|18:50] C:\DOCUME~1\Lauras\APPLIC~1\Identities
    [07/12/2006|22:50] C:\DOCUME~1\Lauras\APPLIC~1\Macromedia
    [01/01/2007|02:29] C:\DOCUME~1\Lauras\APPLIC~1\Microsoft
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Mozilla
    [22/05/2007|09:47] C:\DOCUME~1\Lauras\APPLIC~1\ScanSoft
    [01/12/2006|19:32] C:\DOCUME~1\Lauras\APPLIC~1\sversion.ini
    [17/12/2006|22:42] C:\DOCUME~1\Lauras\APPLIC~1\Talkback

    [08/12/2006|00:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


    [01/12/2006|18:40] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [08/03/2007|19:27] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABBYY
    [13/04/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\AboutTrust
    [29/04/2008|00:52] C:\DOCUME~1\THEKIN~1\APPLIC~1\Adobe
    [18/03/2007|12:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\AdobeUM
    [10/01/2007|16:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Apple Computer
    [09/02/2007|00:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\ArcSoft
    [15/04/2007|12:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\Brother
    [07/03/2007|22:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\CopyToDvd
    [16/12/2006|21:19] C:\DOCUME~1\THEKIN~1\APPLIC~1\DeepBurner
    [01/12/2006|19:30] C:\DOCUME~1\THEKIN~1\APPLIC~1\desktop.ini
    [04/01/2007|00:50] C:\DOCUME~1\THEKIN~1\APPLIC~1\DivX
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\ezpinst.exe
    [11/12/2006|15:24] C:\DOCUME~1\THEKIN~1\APPLIC~1\Help
    [01/12/2006|19:05] C:\DOCUME~1\THEKIN~1\APPLIC~1\Identities
    [03/06/2007|01:11] C:\DOCUME~1\THEKIN~1\APPLIC~1\LimeWire
    [21/12/2006|22:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Macromedia
    [03/05/2008|14:43] C:\DOCUME~1\THEKIN~1\APPLIC~1\Malwarebytes
    [21/05/2007|23:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Microsoft
    [09/12/2006|01:02] C:\DOCUME~1\THEKIN~1\APPLIC~1\Mozilla
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.cat
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.inf
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.log
    [01/03/2007|20:25] C:\DOCUME~1\THEKIN~1\APPLIC~1\pcouffin.sys
    [02/05/2008|11:59] C:\DOCUME~1\THEKIN~1\APPLIC~1\RagTime
    [30/12/2006|16:54] C:\DOCUME~1\THEKIN~1\APPLIC~1\Real
    [29/04/2007|18:55] C:\DOCUME~1\THEKIN~1\APPLIC~1\ScanSoft
    [18/03/2007|01:15] C:\DOCUME~1\THEKIN~1\APPLIC~1\Screenshot Sender
    [12/02/2008|15:18] C:\DOCUME~1\THEKIN~1\APPLIC~1\Shareaza
    [22/02/2008|17:45] C:\DOCUME~1\THEKIN~1\APPLIC~1\Skype
    [10/01/2007|13:32] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sony
    [09/06/2007|11:42] C:\DOCUME~1\THEKIN~1\APPLIC~1\Sun
    [09/12/2006|01:03] C:\DOCUME~1\THEKIN~1\APPLIC~1\Talkback
    [08/03/2008|14:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\teamspeak2
    [21/05/2007|23:46] C:\DOCUME~1\THEKIN~1\APPLIC~1\utorrent
    [20/02/2008|00:28] C:\DOCUME~1\THEKIN~1\APPLIC~1\Ventrilo
    [01/04/2007|13:16] C:\DOCUME~1\THEKIN~1\APPLIC~1\Vso
    [11/01/2008|16:26] C:\DOCUME~1\THEKIN~1\APPLIC~1\Zango

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [05/05/2008 21:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [01/12/2006|19:10] C:\Program Files\ABBYY
    [18/03/2007|01:15] C:\Program Files\AboutTrust
    [01/12/2006|19:28] C:\Program Files\Adobe
    [06/12/2006|22:48] C:\Program Files\Alwil Software
    [01/12/2006|19:17] C:\Program Files\ArcSoft
    [17/12/2006|13:07] C:\Program Files\Astonsoft
    [10/12/2006|23:35] C:\Program Files\BitZipper
    [15/04/2007|12:02] C:\Program Files\Brother
    [26/04/2008|03:35] C:\Program Files\Burn4Free
    [27/12/2007|12:59] C:\Program Files\Common Files
    [01/12/2006|18:38] C:\Program Files\ComPlus Applications
    [11/01/2008|09:51] C:\Program Files\DivX
    [02/05/2008|03:42] C:\Program Files\eMule
    [13/04/2007|19:48] C:\Program Files\EPSON
    [04/03/2008|21:26] C:\Program Files\Fichiers communs
    [26/11/2007|20:55] C:\Program Files\Game Cam Lite v1.4
    [10/01/2007|18:52] C:\Program Files\Google
    [02/05/2008|11:50] C:\Program Files\Grisoft
    [28/01/2007|11:50] C:\Program Files\Guitar Pro 5
    [01/02/2008|00:33] C:\Program Files\HHD Software
    [13/04/2007|13:01] C:\Program Files\InfraRecorder
    [30/12/2007|17:39] C:\Program Files\InstallShield Installation Information
    [10/04/2008|00:15] C:\Program Files\Internet Explorer
    [03/06/2007|01:00] C:\Program Files\Java
    [01/12/2006|19:29] C:\Program Files\Java Web Start
    [21/08/2007|18:09] C:\Program Files\Jeux de cartes
    [02/05/2008|19:44] C:\Program Files\Lavasoft
    [03/05/2008|14:43] C:\Program Files\Malwarebytes' Anti-Malware
    [06/12/2006|12:20] C:\Program Files\Messenger
    [06/04/2008|11:53] C:\Program Files\Messenger Plus! Live
    [01/12/2006|18:40] C:\Program Files\microsoft frontpage
    [13/12/2006|13:19] C:\Program Files\Microsoft Games
    [01/12/2006|18:38] C:\Program Files\Movie Maker
    [05/05/2008|21:54] C:\Program Files\Mozilla Firefox
    [11/12/2006|18:54] C:\Program Files\MSN
    [01/12/2006|18:37] C:\Program Files\MSN Gaming Zone
    [06/04/2008|11:53] C:\Program Files\MSN Messenger
    [02/05/2008|11:47] C:\Program Files\NetMeeting
    [01/12/2006|18:37] C:\Program Files\Online Services
    [08/03/2008|22:43] C:\Program Files\OpenOffice.org1.1.2
    [12/10/2007|16:39] C:\Program Files\Outlook Express
    [01/01/2007|22:00] C:\Program Files\PhotoFiltre
    [10/01/2007|13:24] C:\Program Files\QuickTime
    [30/12/2007|17:39] C:\Program Files\SAGEM
    [06/12/2006|21:18] C:\Program Files\SAGEM Wi-Fi USB 802.11g
    [15/04/2007|11:59] C:\Program Files\ScanSoft
    [16/06/2007|17:45] C:\Program Files\Securitoo
    [01/12/2006|18:39] C:\Program Files\Services en ligne
    [12/02/2008|15:18] C:\Program Files\Shareaza
    [14/02/2007|18:11] C:\Program Files\Skype
    [15/12/2006|17:44] C:\Program Files\SLD Codec Pack
    [27/12/2007|13:00] C:\Program Files\Sony
    [13/07/2007|11:45] C:\Program Files\Teamspeak2_RC2
    [03/05/2008|13:17] C:\Program Files\Trend Micro
    [01/12/2006|18:50] C:\Program Files\Uninstall Information
    [04/03/2008|21:26] C:\Program Files\Ventrilo
    [01/03/2007|20:25] C:\Program Files\VSO
    [05/05/2008|21:54] C:\Program Files\Wanadoo
    [22/04/2008|18:44] C:\Program Files\Warcraft III
    [02/07/2007|12:08] C:\Program Files\Windows Live
    [08/12/2006|00:25] C:\Program Files\Windows Media Connect 2
    [06/12/2007|17:00] C:\Program Files\Windows Media Player
    [01/12/2006|18:37] C:\Program Files\Windows NT
    [01/12/2006|18:39] C:\Program Files\WindowsUpdate
    [11/12/2006|15:24] C:\Program Files\WinRAR
    [19/04/2008|19:23] C:\Program Files\World of Warcraft
    [01/12/2006|18:40] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [01/12/2006|19:29] C:\Program Files\Fichiers communs\Adobe
    [16/01/2007|19:12] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [15/04/2007|12:01] C:\Program Files\Fichiers communs\InstallShield
    [03/06/2007|00:59] C:\Program Files\Fichiers communs\Java
    [01/12/2006|18:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\MSSoap
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\ODBC
    [30/12/2006|16:54] C:\Program Files\Fichiers communs\Real
    [15/04/2007|11:59] C:\Program Files\Fichiers communs\ScanSoft Shared
    [01/12/2006|18:38] C:\Program Files\Fichiers communs\Services
    [14/02/2007|18:11] C:\Program Files\Fichiers communs\Skype
    [27/12/2007|13:00] C:\Program Files\Fichiers communs\Sony Shared
    [01/12/2006|19:31] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|13:07] C:\Program Files\Fichiers communs\System
    [02/05/2008|19:43] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 52

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-05 21:57:09
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\C\Crackers, The\Crackers, The - He Gone.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\F\Faith No More\Faith No More - Crack Hitler.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\L\Limp Bizkit\Limp Bizkit - Crack Addict.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\N\Nada Surf\Nada Surf - Firecracker.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\P\Pixies\Pixies - Crackity Jones.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman (2).gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\S\Stone Temple Pilots\Stone Temple Pilots - Crackerman.gp3
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Nutcracker Suite_ Miniature Overture.gp4
    => C:\Documents and Settings\The King\Mes documents\Guitar Pro Tabs\T\Tchaikovsky, Pioter Ilych\Tchaikovsky, Pioter Ilych - Waltz Of The Flowers From The Nutcracker Ballet, Op. 71.gp3


    /!\ [Fich:1578][Doss:71] C:\DOCUME~1\THEKIN~1\LOCALS~1\Temp
    /!\ [Fich:319][Doss:0] C:\DOCUME~1\THEKIN~1\Cookies
    /!\ [Fich:1818][Doss:5] C:\DOCUME~1\THEKIN~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:58:42,71 ]----------------------
    a b 8 Security
    6 May 2008 18:29:56

    Post a new HijackThis report :)
    Anonymous
    6 May 2008 20:33:05

    Hi,
    Here is the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:40:37, on 06/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
    C:\WINDOWS\sxpjbwvahn.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\WINDOWS\sxnwhbvrzc.exe
    C:\WINDOWS\sxgnsvuxct.exe
    C:\WINDOWS\sxjecknqhu.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Zango /fleok=1D8A83A5C5E610799FAC602A1FBB39BFE4976E26CAEDA120180A196D6093 - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
    O3 - Toolbar: Zango - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [{F758F78B-0885-490e-AA3C-4A38D28B0240}] "C:\WINDOWS\sxpjbwvahn.exe"
    O4 - HKLM\..\Run: [{A4C928E8-0ABA-4fd3-83DF-23BE54ADF9A4}] "C:\WINDOWS\sxnwhbvrzc.exe"
    O4 - HKLM\..\Run: [1234klsjdc uiar924c af] "C:\WINDOWS\sxgnsvuxct.exe"
    O4 - HKLM\..\Run: [{78B578D7-BCE1-4d83-9CD4-195BC34D8CB3}] "C:\WINDOWS\sxjecknqhu.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [coal ping] C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [antispy] C:\Program Files\IEAntiVirus\ANTIVIRUS.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    a b 8 Security
    7 May 2008 18:12:19

    Re,

  • Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
  • When the scan has finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ
    Anonymous
    7 May 2008 22:57:37

    Hi Angeldark,
    Here is the ComboFix report:

    ComboFix 08-05-01.3 - The King 2008-05-07 22:42:17.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.341 [GMT 2:00]
    Endroit: C:\Documents and Settings\The King\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\The King\Application Data\Zango
    C:\WINDOWS\config.ini
    C:\WINDOWS\mywallpaper.bmp
    C:\WINDOWS\sxgnsvuxct.exe
    C:\WINDOWS\sxjecknqhu.exe
    C:\WINDOWS\sxnwhbvrzc.exe
    C:\WINDOWS\sxpgknrwva.exe
    C:\WINDOWS\sxpjbwvahn.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-04-07 to 2008-05-07 ))))))))))))))))))))))))))))))))))))
    .

    2008-05-03 19:22 . 2008-05-05 21:58 <REP> d-------- C:\Lop SD
    2008-05-03 15:24 . 2008-05-03 15:24 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2008-05-03 14:43 . 2008-05-03 14:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-03 14:43 . 2008-05-03 14:43 <REP> d-------- C:\Documents and Settings\The King\Application Data\Malwarebytes
    2008-05-03 14:43 . 2008-05-03 14:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-03 13:17 . 2008-05-03 13:17 <REP> d-------- C:\Program Files\Trend Micro
    2008-05-02 21:17 . 2008-05-02 21:17 <REP> d-------- C:\Documents and Settings\Lauras\Application Data\Grisoft
    2008-05-02 19:44 . 2008-05-02 19:44 <REP> d-------- C:\Program Files\Lavasoft
    2008-05-02 19:44 . 2008-05-02 19:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-05-02 11:50 . 2008-05-02 11:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-07 20:41 --------- d-----w C:\Program Files\Wanadoo
    2008-05-06 13:30 --------- d-----w C:\Program Files\eMule
    2008-05-02 17:43 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-05-02 09:59 --------- d-----w C:\Documents and Settings\The King\Application Data\RagTime
    2008-04-26 01:35 --------- d-----w C:\Program Files\Burn4Free
    2008-04-22 16:44 --------- d-----w C:\Program Files\Warcraft III
    2008-04-19 17:23 --------- d-----w C:\Program Files\World of Warcraft
    2008-04-13 12:43 --------- d-----w C:\Documents and Settings\The King\Application Data\AboutTrust
    2008-04-06 09:53 --------- d-----w C:\Program Files\MSN Messenger
    2008-04-06 09:53 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-08 20:43 --------- d-----w C:\Program Files\OpenOffice.org1.1.2
    2008-03-08 12:16 --------- d-----w C:\Documents and Settings\The King\Application Data\teamspeak2
    2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2007-03-01 18:25 87,608 ----a-w C:\Documents and Settings\The King\Application Data\ezpinst.exe
    2007-03-01 18:25 47,360 ----a-w C:\Documents and Settings\The King\Application Data\pcouffin.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1BACF55-35E1-4E47-9247-2D48660E5545}]
    C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{E1BACF55-35E1-4E47-9247-2D48660E5545}"= "C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll" [ ]

    [HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
    [HKEY_CLASSES_ROOT\HostIE.Bho.1]
    [HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
    [HKEY_CLASSES_ROOT\HostIE.Bho]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{E1BACF55-35E1-4E47-9247-2D48660E5545}"= C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll [ ]

    [HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
    [HKEY_CLASSES_ROOT\HostIE.Bho.1]
    [HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
    [HKEY_CLASSES_ROOT\HostIE.Bho]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
    "coal ping"="C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe" [ ]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
    "antispy"="C:\Program Files\IEAntiVirus\ANTIVIRUS.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 16:29 7561216]
    "nwiz"="nwiz.exe" [2006-03-09 16:29 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 16:29 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-01-10 13:23 282624]
    "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
    "SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
    "ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48 36975]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Contr“leur d'‚tat.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-04-15 12:02:23 802816]
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= l3codecp.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2007-01-19 13:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader
    "6112:TCP"= 6112:TCP:Blizzard Downloader
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2005-06-17 11:27]

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-07 22:46:21
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    folder error: C:\WINDOWS\Downloaded Program Files\

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-05-07 22:50:11
    ComboFix-quarantined-files.txt 2008-05-07 20:50:09

    Pre-Run: 20,943,998,976 octets libres
    Post-Run: 21,968,961,536 octets libres

    136 --- E O F --- 2008-04-09 22:15:49
    9 May 2008 13:03:47

    Hi again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    Folder::
    C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe
    C:\Program Files\IEAntiVirus

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1BACF55-35E1-4E47-9247-2D48660E5545}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{E1BACF55-35E1-4E47-9247-2D48660E5545}"=-
    [-HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
    [-HKEY_CLASSES_ROOT\HostIE.Bho.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
    [-HKEY_CLASSES_ROOT\HostIE.Bho]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{E1BACF55-35E1-4E47-9247-2D48660E5545}"=-
    [-HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
    [-HKEY_CLASSES_ROOT\HostIE.Bho.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
    [-HKEY_CLASSES_ROOT\HostIE.Bho]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "coal ping"=-
    "antispy"=-


    Open Notepad (Start > Run... > notepad), then paste (Ctrl+V) the text you just copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto ComboFix.exe as shown below:


    This will restart ComboFix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
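
The two Run values removed by the CFScript above are the ones the ComboFix log lists with an empty `[ ]` where the file date and size normally appear. As an added example (not part of the thread and not ComboFix's own code), this Python parser pulls such entries out of the log for manual review; the function names are hypothetical, the sample lines are copied from the log above, and treating empty metadata as a review signal is an assumption.

```python
import re

# Constructed sample: lines copied from the Run-key part of the ComboFix log above.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"coal ping"="C:\DOCUME~1\THEKIN~1\APPLIC~1\ABOUTT~1\manager mpeg eq.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"antispy"="C:\Program Files\IEAntiVirus\ANTIVIRUS.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-03-09 16:29 1519616 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
'''

# Registry key header, e.g. [HKEY_CURRENT_USER\...\Run]
KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
# "name"= target [metadata]; the log quotes the target in some sections and not in others.
VALUE_RE = re.compile(
    r'^"(?P<name>[^"]+)"=\s*"?(?P<target>.*?)"?\s*\[(?P<meta>[^\]]*)\]$')


def parse_autoruns(log_text):
    """Yield (key, value_name, target, metadata) for each value under a key header."""
    key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and key:
            yield key, m.group('name'), m.group('target'), m.group('meta').strip()


def review_candidates(log_text):
    """Return Run-key entries whose date/size field is empty (assumed review signal)."""
    return [(key, name, target)
            for key, name, target, meta in parse_autoruns(log_text)
            if key.upper().endswith(r'\CURRENTVERSION\RUN') and not meta]


if __name__ == '__main__':
    for key, name, target in review_candidates(SAMPLE_LOG):
        print(f'{key}: "{name}" -> {target}')
```

An empty field only marks an entry for a closer look; the decision to remove it still rests on checking the target path and publisher.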