
CID page problem [Solved]

Tags:
  • Windows genuine advantage
  • Security
Last reply: in Security and viruses
10 February 2008 15:17:21

Hello, I can't manage to sort this out: I have a multitude of pages opening with messages telling me to run scans and buy online, with the title CID.
Thanks for your help.
Here is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:48, on 10/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Antal boss\Bureau\HijackThis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O4 - HKLM\..\Run: [WinService32] C:\Program Files\System32\svchost.exe
O4 - HKLM\..\Run: [Video Driver] C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ANTAL\svchost.exe
O4 - HKLM\..\Run: [pfp.exe] C:\Program Files\Protect Files Pro\pfp.exe /T
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Office SturtUp] osa9.exe
O4 - HKLM\..\Run: [gfxtray] rundll32 ctccw32.dll,findwnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Application Data\part dead amok eggs\Body Dart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [For sign] C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1\Byte bags.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sandralabor.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7051 bytes

10 February 2008 15:26:20

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    &

    Download ewido anti-spyware micro scanner to your desktop.
  • Double-click the file ewido_micro.exe to run it.
  • As soon as it starts, the program will ask for internet access to update itself; accept.
  • Then a new screen appears; make sure that all the boxes are checked.
  • Click Start Scan and let the tool work.
  • When the tool has finished, click save report and save the report to your desktop.
  • Post it in your next reply.

    NB: do not click Remove infections right away; we need to make sure that all the detections really are infections, because some legitimate utilities could appear in the report.
    10 February 2008 15:38:23

    -----------------------------[ Lop S&D 2.3.1 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Antal boss ] [ "C:\Program Files\Lop SD" ]
    [ 10/02/2008 | 15:34:00,17 ] [ PC : ANTAL ]
    [ MAJ : 09-02-2008 | 14:21 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [21/05/2007|23:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [09/02/2008|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [09/02/2008|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [03/02/2008|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [22/11/2007|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [05/06/2007|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/02/2008|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [22/05/2007|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [21/01/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [16/01/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [25/11/2007|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [30/01/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [03/02/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [01/12/2007|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/11/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [03/02/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
    [28/01/2008|22:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [23/10/2007|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [23/01/2008|03:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [10/02/2008|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ssdata
    [09/02/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [22/05/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20/12/2007|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [25/11/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [03/02/2008|17:39] C:\DOCUME~1\ANTALB~1\APPLIC~1\.
    [03/02/2008|17:39] C:\DOCUME~1\ANTALB~1\APPLIC~1\..
    [14/11/2007|22:53] C:\DOCUME~1\ANTALB~1\APPLIC~1\Adobe
    [27/11/2007|22:12] C:\DOCUME~1\ANTALB~1\APPLIC~1\Ahead
    [11/07/2007|12:48] C:\DOCUME~1\ANTALB~1\APPLIC~1\Ambient Design
    [05/06/2007|00:09] C:\DOCUME~1\ANTALB~1\APPLIC~1\Apple Computer
    [21/05/2007|23:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\ATI
    [22/05/2007|01:12] C:\DOCUME~1\ANTALB~1\APPLIC~1\desktop.ini
    [05/07/2007|12:15] C:\DOCUME~1\ANTALB~1\APPLIC~1\DivX
    [08/02/2008|21:50] C:\DOCUME~1\ANTALB~1\APPLIC~1\Identities
    [14/11/2007|22:53] C:\DOCUME~1\ANTALB~1\APPLIC~1\InterTrust
    [31/01/2008|23:07] C:\DOCUME~1\ANTALB~1\APPLIC~1\iWin
    [21/05/2007|23:59] C:\DOCUME~1\ANTALB~1\APPLIC~1\Macromedia
    [24/09/2007|19:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\Media Player Classic
    [18/01/2008|13:35] C:\DOCUME~1\ANTALB~1\APPLIC~1\Microsoft
    [03/02/2008|15:51] C:\DOCUME~1\ANTALB~1\APPLIC~1\Pile Trans Wipe
    [28/01/2008|22:18] C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst
    [08/11/2007|00:32] C:\DOCUME~1\ANTALB~1\APPLIC~1\Real
    [30/01/2008|20:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\Samsung
    [05/12/2007|17:05] C:\DOCUME~1\ANTALB~1\APPLIC~1\Sun
    [28/10/2007|19:08] C:\DOCUME~1\ANTALB~1\APPLIC~1\vlc
    [20/12/2007|21:37] C:\DOCUME~1\ANTALB~1\APPLIC~1\WinRAR
    [08/02/2008|21:50] C:\DOCUME~1\ANTALB~1\APPLIC~1\Zylom

    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [21/05/2007|23:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [21/05/2007|23:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [21/05/2007|23:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [21/05/2007|23:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [21/05/2007|23:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [21/05/2007|23:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [21/05/2007|23:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [10/02/2008 15:00][--ah-----] C:\WINDOWS\tasks\AB86FD7B918572AF.job [--278--]
    [10/02/2008 14:55][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [10/02/2008|15:33] C:\Program Files\.
    [10/02/2008|15:33] C:\Program Files\..
    [14/11/2007|22:53] C:\Program Files\Adobe
    [29/01/2008|21:28] C:\Program Files\Alcohol Soft
    [21/05/2007|23:38] C:\Program Files\AMD
    [21/05/2007|23:40] C:\Program Files\Analog Devices
    [21/05/2007|23:49] C:\Program Files\ATI Technologies
    [03/02/2008|15:46] C:\Program Files\Avira
    [29/01/2008|00:50] C:\Program Files\directx
    [10/02/2008|12:14] C:\Program Files\eMule
    [03/02/2008|15:58] C:\Program Files\Fichiers communs
    [30/01/2008|20:48] C:\Program Files\InstallShield Installation Information
    [16/01/2008|21:23] C:\Program Files\Internet Explorer
    [25/11/2007|16:19] C:\Program Files\Java
    [29/06/2007|13:44] C:\Program Files\K-Lite Codec Pack
    [03/02/2008|16:09] C:\Program Files\Lavasoft
    [29/12/2007|16:35] C:\Program Files\Logitech
    [10/02/2008|15:34] C:\Program Files\Lop SD
    [22/05/2007|00:10] C:\Program Files\Messenger
    [17/01/2008|14:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [21/05/2007|23:28] C:\Program Files\microsoft frontpage
    [13/06/2007|11:01] C:\Program Files\Microsoft Office
    [21/05/2007|23:24] C:\Program Files\Movie Maker
    [21/05/2007|23:21] C:\Program Files\MSN
    [21/05/2007|23:22] C:\Program Files\MSN Gaming Zone
    [22/05/2007|00:02] C:\Program Files\MSN Messenger
    [28/11/2007|23:13] C:\Program Files\MSXML 4.0
    [22/11/2007|23:29] C:\Program Files\Nero
    [21/05/2007|23:25] C:\Program Files\NetMeeting
    [09/02/2008|02:04] C:\Program Files\Oberon Media
    [21/05/2007|23:23] C:\Program Files\Online Services
    [13/06/2007|22:28] C:\Program Files\Outlook Express
    [11/07/2007|12:53] C:\Program Files\Paint.NET
    [29/06/2007|13:42] C:\Program Files\PDFCreator
    [18/01/2008|14:39] C:\Program Files\Protect Files Pro
    [26/10/2007|19:30] C:\Program Files\QuickTime
    [07/11/2007|23:48] C:\Program Files\Real
    [12/12/2007|11:20] C:\Program Files\Rico Software
    [30/01/2008|20:47] C:\Program Files\Samsung
    [21/05/2007|23:26] C:\Program Files\Services en ligne
    [21/05/2007|23:33] C:\Program Files\Uninstall Information
    [28/10/2007|19:07] C:\Program Files\VideoLAN
    [30/11/2007|22:20] C:\Program Files\Windows Media Player
    [21/05/2007|23:22] C:\Program Files\Windows NT
    [21/05/2007|23:26] C:\Program Files\WindowsUpdate
    [20/12/2007|23:02] C:\Program Files\WinRAR
    [21/05/2007|23:28] C:\Program Files\xerox
    [09/02/2008|02:00] C:\Program Files\Zylom Games

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [03/02/2008|15:58] C:\Program Files\Fichiers communs\.
    [03/02/2008|15:58] C:\Program Files\Fichiers communs\..
    [24/11/2007|02:10] C:\Program Files\Fichiers communs\Adobe
    [27/11/2007|14:22] C:\Program Files\Fichiers communs\Ahead
    [21/05/2007|23:50] C:\Program Files\Fichiers communs\ATI Technologies
    [21/05/2007|23:44] C:\Program Files\Fichiers communs\InstallShield
    [25/11/2007|16:17] C:\Program Files\Fichiers communs\Java
    [29/12/2007|16:35] C:\Program Files\Fichiers communs\Logitech
    [21/05/2007|23:33] C:\Program Files\Fichiers communs\Microsoft Shared
    [21/05/2007|23:25] C:\Program Files\Fichiers communs\MSSoap
    [01/02/2008|05:03] C:\Program Files\Fichiers communs\Oberon Media
    [22/05/2007|01:13] C:\Program Files\Fichiers communs\ODBC
    [07/11/2007|23:48] C:\Program Files\Fichiers communs\Real
    [21/05/2007|23:25] C:\Program Files\Fichiers communs\Services
    [22/05/2007|01:13] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|22:28] C:\Program Files\Fichiers communs\System
    [03/02/2008|15:58] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [07/11/2007|23:48] C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Body Dart.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst\weddingdash
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst\trijinx
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst\weddingdash
    C:\DOCUME~1\ANTALB~1\Cookies\antal boss@netpumper[1].txt
    C:\WINDOWS\Tasks\AB86FD7B918572AF.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Amok Eggs Four Web"="C:\\Documents and Settings\\All Users\\Application Data\\part dead amok eggs\\Body Dart.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-10 15:35:03
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !
    10 February 2008 15:39:36

    Don't forget the ewido scan ;)
    11 February 2008 00:17:33

    ewido anti-spyware online scanner
    http://www.ewido.net
    __________________________________________________


    Name: TrackingCookie.247realmedia
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@247realmedia[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@3.adbrite[2].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@4.adbrite[2].txt
    Risk: Medium

    Name: TrackingCookie.7search
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@7search[2].txt
    Risk: Medium

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ad.yieldmanager[2].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@adbrite[1].txt
    Risk: Medium

    Name: TrackingCookie.Euroclick
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@adopt.euroclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@adrevolver[2].txt
    Risk: Medium

    Name: TrackingCookie.Adbrite
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ads.adbrite[1].txt
    Risk: Medium

    Name: TrackingCookie.Addynamix
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ads.addynamix[1].txt
    Risk: Medium

    Name: TrackingCookie.Planetactive
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ads.planetactive[1].txt
    Risk: Medium

    Name: TrackingCookie.Pointroll
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ads.pointroll[1].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Adviva
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@adviva[2].txt
    Risk: Medium

    Name: TrackingCookie.Falkag
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@as1.falkag[1].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@autoscout24.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@bluestreak[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@bs.serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@canadiantourismcommission.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@care2.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Casalemedia
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@casalemedia[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@cmpmedica.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@damart.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Coremetrics
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@data.coremetrics[1].txt
    Risk: Medium

    Name: TrackingCookie.Dealtime
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@dealtime[1].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Esomniture
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@e-2dj6wgkouldzgep.stats.esomniture[2].txt
    Risk: Medium

    Name: TrackingCookie.Esomniture
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@e-2dj6wjk4woajgao.stats.esomniture[2].txt
    Risk: Medium

    Name: TrackingCookie.Esomniture
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@e-2dj6wjkycgcjsap.stats.esomniture[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-bestwestern.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-citenumerique.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-cogemag.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-dig.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-mybc.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-nestlebebe.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-neuftelecom.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-telecomitalia.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-veohnetworksinc.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-yvesrocher.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ehg-zoomerang.hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Enhance
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@enhance[1].txt
    Risk: Medium

    Name: TrackingCookie.Estat
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@estat[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@excedence.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@fastclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Comclick
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@fl01.ct2.comclick[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@fnac.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Real
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@fr.real[1].txt
    Risk: Medium

    Name: TrackingCookie.Real
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@france.real[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@hertz.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@himedia.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Gemius
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@hit.gemius[2].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Msn
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ie.search.msn[1].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@iv2.bluestreak[1].txt
    Risk: Medium

    Name: TrackingCookie.Ivwbox
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ivwbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Webtrends
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@m.webtrends[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@maisondevalerie.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@media.adrevolver[1].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@mediaplex[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@metacafe.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@micromania.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@mistergooddeal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@msnaccountservices.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@msnlivefavorites.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@notrefamille.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@numericable.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@overture[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@paypal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@philips.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@privateoutlet.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Questionmarket
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@questionmarket[1].txt
    Risk: Medium

    Name: TrackingCookie.Real
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@real[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@redcats.122.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Revsci
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@revsci[2].txt
    Risk: Medium

    Name: TrackingCookie.Information
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@searchportal.information[1].txt
    Risk: Medium

    Name: TrackingCookie.Liveperson
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@server.iad.liveperson[1].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@smartadserver[2].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@sonyeurope.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Spylog
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@spylog[1].txt
    Risk: Medium

    Name: TrackingCookie.Netflame
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@ssl-hints.netflame[2].txt
    Risk: Medium

    Name: TrackingCookie.Dealtime
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@stat.dealtime[1].txt
    Risk: Medium

    Name: TrackingCookie.Statcounter
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@statcounter[1].txt
    Risk: Medium

    Name: TrackingCookie.Webtrendslive
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@statse.webtrendslive[2].txt
    Risk: Medium

    Name: TrackingCookie.Tacoda
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@tacoda[1].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@tradedoubler[1].txt
    Risk: Medium

    Name: TrackingCookie.Tribalfusion
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@tribalfusion[1].txt
    Risk: Medium

    Name: TrackingCookie.Vegasred
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@vegasred[1].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@weborama[2].txt
    Risk: Medium

    Name: TrackingCookie.Vegasred
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@www.vegasred[1].txt
    Risk: Medium

    Name: TrackingCookie.Zedo
    Path: C:\Documents and Settings\Antal boss\Cookies\antal boss@zedo[1].txt
    Risk: Medium

    Name: Not-A-Virus.Monitor.Win32.007SpySoft.342
    Path: [2040] C:\Program Files\System32\svchost.exe
    Risk: Low

    Name: TrackingCookie.Yieldmanager
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@ad.yieldmanager[1].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@adrevolver[1].txt
    Risk: Medium

    Name: TrackingCookie.Adtech
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@adtech[1].txt
    Risk: Medium

    Name: TrackingCookie.Advertising
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@advertising[1].txt
    Risk: Medium

    Name: TrackingCookie.Adviva
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@adviva[2].txt
    Risk: Medium

    Name: TrackingCookie.Atdmt
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@atdmt[2].txt
    Risk: Medium

    Name: TrackingCookie.Bluestreak
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@bluestreak[2].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@bs.serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Doubleclick
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@doubleclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@ehg-telecomitalia.hitbox[1].txt
    Risk: Medium

    Name: TrackingCookie.Estat
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@estat[1].txt
    Risk: Medium

    Name: TrackingCookie.Fastclick
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@fastclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Comclick
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@fl01.ct2.comclick[1].txt
    Risk: Medium

    Name: TrackingCookie.Hitbox
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@hitbox[2].txt
    Risk: Medium

    Name: TrackingCookie.Adrevolver
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@media.adrevolver[2].txt
    Risk: Medium

    Name: TrackingCookie.Mediaplex
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@mediaplex[1].txt
    Risk: Medium

    Name: TrackingCookie.2o7
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@msnportal.112.2o7[1].txt
    Risk: Medium

    Name: TrackingCookie.Overture
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@overture[1].txt
    Risk: Medium

    Name: TrackingCookie.Serving-sys
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@serving-sys[2].txt
    Risk: Medium

    Name: TrackingCookie.Smartadserver
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@smartadserver[1].txt
    Risk: Medium

    Name: TrackingCookie.Statcounter
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@statcounter[2].txt
    Risk: Medium

    Name: TrackingCookie.Webtrendslive
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@statse.webtrendslive[2].txt
    Risk: Medium

    Name: TrackingCookie.Tradedoubler
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@tradedoubler[2].txt
    Risk: Medium

    Name: TrackingCookie.Weborama
    Path: C:\Documents and Settings\Antal boss\Local Settings\Temp\Cookies\antal boss@weborama[1].txt
    Risk: Medium

    Name: Adware.Casino
    Path: C:\System Volume Information\_restore{56C98189-F142-498E-AD5F-2EDD9C3B4852}\RP138\A0023998.exe
    Risk: Medium

    Name: Not-A-Virus.Monitor.Win32.Hooker.d
    Path: C:\WINDOWS\system32\keybhookpro.dll
    Risk: Low

    11 February 2008 14:19:44

    Hello,
    Here is the ewido scan. I'll wait for your reply whenever you have time, of course... I have not closed ewido.
    11 February 2008 18:23:05

    Hi again,

  • Click Remove infections
  • At the warning message, click OK and let the tool work.
  • When the tool has finished, click Save Report and save the report to your desktop.
  • Post it in your next reply.

    &

    Relaunch Lop S&D

  • This time choose Option 2 (Suppression)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    11 February 2008 19:38:11

    Hi,
    Here is the Lop S&D report

    -----------------------------[ Lop S&D 2.3.1 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Antal boss ] [ "C:\Program Files\Lop SD" ]
    [ 11/02/2008 | 19:33:20,65 ] [ PC : ANTAL ]
    [ MAJ : 09-02-2008 | 14:21 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Body Dart.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst\weddingdash
    Supprimé! - C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst\trijinx
    Supprimé! - C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst\weddingdash
    Supprimé! - C:\DOCUME~1\ANTALB~1\Cookies\antal boss@netpumper[1].txt
    Supprimé! - C:\WINDOWS\Tasks\AB86FD7B918572AF.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    Supprimé! - C:\DOCUME~1\ANTALB~1\APPLIC~1\PlayFirst
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
    [22/05/2007|01:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [21/05/2007|23:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [11/02/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [11/02/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [03/02/2008|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [22/11/2007|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [05/06/2007|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/02/2008|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [22/05/2007|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [21/01/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [16/01/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [25/11/2007|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [30/01/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [03/02/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [01/12/2007|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/11/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [23/10/2007|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [23/01/2008|03:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [11/02/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ssdata
    [09/02/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [22/05/2007|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20/12/2007|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [25/11/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [11/02/2008|19:33] C:\DOCUME~1\ANTALB~1\APPLIC~1\.
    [11/02/2008|19:33] C:\DOCUME~1\ANTALB~1\APPLIC~1\..
    [14/11/2007|22:53] C:\DOCUME~1\ANTALB~1\APPLIC~1\Adobe
    [27/11/2007|22:12] C:\DOCUME~1\ANTALB~1\APPLIC~1\Ahead
    [11/07/2007|12:48] C:\DOCUME~1\ANTALB~1\APPLIC~1\Ambient Design
    [05/06/2007|00:09] C:\DOCUME~1\ANTALB~1\APPLIC~1\Apple Computer
    [21/05/2007|23:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\ATI
    [22/05/2007|01:12] C:\DOCUME~1\ANTALB~1\APPLIC~1\desktop.ini
    [05/07/2007|12:15] C:\DOCUME~1\ANTALB~1\APPLIC~1\DivX
    [08/02/2008|21:50] C:\DOCUME~1\ANTALB~1\APPLIC~1\Identities
    [14/11/2007|22:53] C:\DOCUME~1\ANTALB~1\APPLIC~1\InterTrust
    [31/01/2008|23:07] C:\DOCUME~1\ANTALB~1\APPLIC~1\iWin
    [21/05/2007|23:59] C:\DOCUME~1\ANTALB~1\APPLIC~1\Macromedia
    [24/09/2007|19:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\Media Player Classic
    [18/01/2008|13:35] C:\DOCUME~1\ANTALB~1\APPLIC~1\Microsoft
    [03/02/2008|15:51] C:\DOCUME~1\ANTALB~1\APPLIC~1\Pile Trans Wipe
    [08/11/2007|00:32] C:\DOCUME~1\ANTALB~1\APPLIC~1\Real
    [30/01/2008|20:54] C:\DOCUME~1\ANTALB~1\APPLIC~1\Samsung
    [05/12/2007|17:05] C:\DOCUME~1\ANTALB~1\APPLIC~1\Sun
    [28/10/2007|19:08] C:\DOCUME~1\ANTALB~1\APPLIC~1\vlc
    [20/12/2007|21:37] C:\DOCUME~1\ANTALB~1\APPLIC~1\WinRAR
    [08/02/2008|21:50] C:\DOCUME~1\ANTALB~1\APPLIC~1\Zylom

    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [22/05/2007|01:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [21/05/2007|23:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [21/05/2007|23:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [21/05/2007|23:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [21/05/2007|23:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [21/05/2007|23:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [21/05/2007|23:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [21/05/2007|23:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [10/02/2008 14:55][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [10/02/2008|15:33] C:\Program Files\.
    [10/02/2008|15:33] C:\Program Files\..
    [14/11/2007|22:53] C:\Program Files\Adobe
    [29/01/2008|21:28] C:\Program Files\Alcohol Soft
    [21/05/2007|23:38] C:\Program Files\AMD
    [21/05/2007|23:40] C:\Program Files\Analog Devices
    [21/05/2007|23:49] C:\Program Files\ATI Technologies
    [03/02/2008|15:46] C:\Program Files\Avira
    [29/01/2008|00:50] C:\Program Files\directx
    [11/02/2008|14:49] C:\Program Files\eMule
    [03/02/2008|15:58] C:\Program Files\Fichiers communs
    [30/01/2008|20:48] C:\Program Files\InstallShield Installation Information
    [16/01/2008|21:23] C:\Program Files\Internet Explorer
    [25/11/2007|16:19] C:\Program Files\Java
    [29/06/2007|13:44] C:\Program Files\K-Lite Codec Pack
    [03/02/2008|16:09] C:\Program Files\Lavasoft
    [29/12/2007|16:35] C:\Program Files\Logitech
    [11/02/2008|19:33] C:\Program Files\Lop SD
    [22/05/2007|00:10] C:\Program Files\Messenger
    [17/01/2008|14:29] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [21/05/2007|23:28] C:\Program Files\microsoft frontpage
    [13/06/2007|11:01] C:\Program Files\Microsoft Office
    [21/05/2007|23:24] C:\Program Files\Movie Maker
    [21/05/2007|23:21] C:\Program Files\MSN
    [21/05/2007|23:22] C:\Program Files\MSN Gaming Zone
    [22/05/2007|00:02] C:\Program Files\MSN Messenger
    [28/11/2007|23:13] C:\Program Files\MSXML 4.0
    [22/11/2007|23:29] C:\Program Files\Nero
    [21/05/2007|23:25] C:\Program Files\NetMeeting
    [09/02/2008|02:04] C:\Program Files\Oberon Media
    [21/05/2007|23:23] C:\Program Files\Online Services
    [13/06/2007|22:28] C:\Program Files\Outlook Express
    [11/07/2007|12:53] C:\Program Files\Paint.NET
    [29/06/2007|13:42] C:\Program Files\PDFCreator
    [18/01/2008|14:39] C:\Program Files\Protect Files Pro
    [26/10/2007|19:30] C:\Program Files\QuickTime
    [07/11/2007|23:48] C:\Program Files\Real
    [12/12/2007|11:20] C:\Program Files\Rico Software
    [30/01/2008|20:47] C:\Program Files\Samsung
    [21/05/2007|23:26] C:\Program Files\Services en ligne
    [21/05/2007|23:33] C:\Program Files\Uninstall Information
    [28/10/2007|19:07] C:\Program Files\VideoLAN
    [30/11/2007|22:20] C:\Program Files\Windows Media Player
    [21/05/2007|23:22] C:\Program Files\Windows NT
    [21/05/2007|23:26] C:\Program Files\WindowsUpdate
    [20/12/2007|23:02] C:\Program Files\WinRAR
    [21/05/2007|23:28] C:\Program Files\xerox
    [09/02/2008|02:00] C:\Program Files\Zylom Games

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [03/02/2008|15:58] C:\Program Files\Fichiers communs\.
    [03/02/2008|15:58] C:\Program Files\Fichiers communs\..
    [24/11/2007|02:10] C:\Program Files\Fichiers communs\Adobe
    [27/11/2007|14:22] C:\Program Files\Fichiers communs\Ahead
    [21/05/2007|23:50] C:\Program Files\Fichiers communs\ATI Technologies
    [21/05/2007|23:44] C:\Program Files\Fichiers communs\InstallShield
    [25/11/2007|16:17] C:\Program Files\Fichiers communs\Java
    [29/12/2007|16:35] C:\Program Files\Fichiers communs\Logitech
    [21/05/2007|23:33] C:\Program Files\Fichiers communs\Microsoft Shared
    [21/05/2007|23:25] C:\Program Files\Fichiers communs\MSSoap
    [01/02/2008|05:03] C:\Program Files\Fichiers communs\Oberon Media
    [22/05/2007|01:13] C:\Program Files\Fichiers communs\ODBC
    [07/11/2007|23:48] C:\Program Files\Fichiers communs\Real
    [21/05/2007|23:25] C:\Program Files\Fichiers communs\Services
    [22/05/2007|01:13] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|22:28] C:\Program Files\Fichiers communs\System
    [03/02/2008|15:58] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [07/11/2007|23:48] C:\Program Files\Fichiers communs\xing shared

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-11 19:34:18
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:7904][Doss:48] C:\DOCUME~1\ANTALB~1\LOCALS~1\Temp
    /!\ [Fich:1314][Doss:0] C:\DOCUME~1\ANTALB~1\Cookies
    /!\ [Fich:15403][Doss:23] C:\DOCUME~1\ANTALB~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:35:28,76 ]----------------------
    11 February 2008 20:10:19

    Post a new HijackThis report.
    11 February 2008 20:42:12

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:41:48, on 11/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\System32\svchost.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Antal boss\Bureau\HijackThis\Scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    O4 - HKLM\..\Run: [WinService32] C:\Program Files\System32\svchost.exe
    O4 - HKLM\..\Run: [Video Driver] C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ANTAL\svchost.exe
    O4 - HKLM\..\Run: [pfp.exe] C:\Program Files\Protect Files Pro\pfp.exe /T
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Office SturtUp] osa9.exe
    O4 - HKLM\..\Run: [gfxtray] rundll32 ctccw32.dll,findwnd
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [For sign] C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1\Byte bags.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sandralabor.spaces.live.com/PhotoUpload/MsnPUpld...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 6987 bytes
    11 February 2008 20:56:20

    Hi again,

    Disable your resident protections (antivirus, Spybot...)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan has completed, a report will appear. Post this report in your next reply.
    11 February 2008 23:04:12

    Hi again,
    Here is the ComboFix report


    ComboFix 08-02-12.1 - Antal boss 2008-02-11 22:58:51.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.994 [GMT 1:00]
    Endroit: C:\Documents and Settings\Antal boss\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-12 to 2008-02-12 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-10 15:33 . 2008-02-11 19:35 <REP> d-------- C:\Program Files\Lop SD
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-02-10 14:50 . 2007-05-21 23:22 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-02-10 14:50 . 2008-02-10 14:51 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-02-09 02:02 . 2008-02-09 14:19 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-09 02:01 . 2008-02-09 02:04 <REP> d-------- C:\Program Files\Oberon Media
    2008-02-04 12:39 . 2008-02-04 12:39 754 --a------ C:\WINDOWS\WORDPAD.INI
    2008-02-03 18:08 . 2008-02-03 18:08 <REP> d--hs---- C:\found.001
    2008-02-03 15:59 . 2008-02-03 16:09 <REP> d-------- C:\Program Files\Lavasoft
    2008-02-03 15:59 . 2008-02-03 15:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-02-03 15:58 . 2008-02-03 15:58 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-02-03 15:46 . 2008-02-03 15:46 <REP> d-------- C:\Program Files\Avira
    2008-02-03 15:46 . 2008-02-03 15:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-02-03 15:40 . 2008-02-03 15:41 <REP> d-------- C:\Downloads
    2008-02-03 15:40 . 2008-02-03 15:51 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\Pile Trans Wipe
    2008-02-01 05:03 . 2008-02-01 05:03 <REP> d-------- C:\Program Files\Fichiers communs\Oberon Media
    2008-01-31 23:07 . 2008-01-31 23:07 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\iWin
    2008-01-30 20:54 . 2008-01-30 20:54 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\Samsung
    2008-01-30 20:49 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
    2008-01-30 20:48 . 2008-01-30 20:48 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
    2008-01-30 20:48 . 2007-07-03 16:58 106,792 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
    2008-01-30 20:48 . 2007-07-03 16:54 80,552 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
    2008-01-30 20:48 . 2007-07-03 16:57 11,944 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
    2008-01-30 20:48 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
    2008-01-30 20:48 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
    2008-01-30 20:48 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
    2008-01-30 20:48 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
    2008-01-30 20:48 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-01-30 20:48 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
    2008-01-30 20:47 . 2008-01-30 20:47 <REP> d-------- C:\Program Files\Samsung
    2008-01-29 21:28 . 2008-01-29 21:28 <REP> d-------- C:\Program Files\Alcohol Soft
    2008-01-29 21:25 . 2008-01-29 21:25 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-29 00:50 . 2008-01-29 00:50 <REP> d-------- C:\Program Files\directx
    2008-01-28 18:56 . 2008-02-01 19:53 2,074 ---hs---- C:\himem.ram
    2008-01-28 18:43 . 2008-02-03 15:48 34 --a------ C:\WINDOWS\Ya.com
    2008-01-23 03:48 . 2008-01-23 03:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SpinTop Games
    2008-01-21 15:26 . 2008-02-03 15:36 283 --a------ C:\WINDOWS\comm.bin
    2008-01-21 15:23 . 2008-02-03 15:35 261 --a------ C:\WINDOWS\msdres.bin
    2008-01-21 12:23 . 2008-02-08 21:50 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\Zylom
    2008-01-21 12:23 . 2008-01-21 12:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HipSoft
    2008-01-18 14:39 . 2008-01-18 14:39 <REP> d-------- C:\Program Files\Protect Files Pro
    2008-01-18 14:39 . 2002-05-16 18:16 39,456 --a------ C:\WINDOWS\system32\drivers\AFPAnsi.sys
    2008-01-18 14:39 . 2002-05-16 18:17 21,411 --a------ C:\WINDOWS\system32\AFPAnsi.vxd
    2008-01-18 06:30 . 2008-01-18 06:30 441 --a------ C:\WINDOWS\system32\ssmon.lnk
    2008-01-18 06:30 . 2008-02-10 14:55 189 --a------ C:\WINDOWS\system32\Sysmnt.dat
    2008-01-17 09:09 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-17 09:09 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-16 21:23 . 2008-01-16 21:23 <REP> d--h----- C:\WINDOWS\PIF
    2008-01-16 18:07 . 2008-01-16 18:08 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2008-01-16 18:07 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-01-16 18:07 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-01-16 17:58 . 2008-01-17 14:29 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-16 17:49 . 2008-01-17 14:25 18,558 --a------ C:\WINDOWS\Ascd_tmp.ini
    2008-01-14 19:32 . 2008-01-14 19:32 <REP> d--hs---- C:\found.000

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-12 22:01 53,248 ----a-w C:\WINDOWS\PSEXESVC.EXE
    2008-02-11 21:28 --------- d-----w C:\Program Files\eMule
    2008-02-11 18:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\ssdata
    2008-02-09 01:00 --------- d-----w C:\Program Files\Zylom Games
    2008-01-30 19:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-16 21:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2007-12-29 15:35 --------- d-----w C:\Program Files\Logitech
    2007-12-29 15:35 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2007-12-20 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
    2007-12-12 10:20 --------- d-----w C:\Program Files\Rico Software
    2007-11-14 21:56 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "himem"="c:\windows\himem.exe" [ ]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 08:20 222080]
    "For sign"="C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1\Byte bags.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinService32"="C:\Program Files\System32\svchost.exe" [ ]
    "Video Driver"="C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ANTAL\svchost.exe" [ ]
    "pfp.exe"="C:\Program Files\Protect Files Pro\pfp.exe" [2007-10-11 12:29 1518080]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-07 23:48 185632]
    "Office SturtUp"="osa9.exe" []
    "gfxtray"="ctccw32.dll" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-03 15:48 249896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    --a------ 2006-01-02 17:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    --a------ 2007-05-16 09:27 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
    --------- 2004-10-27 14:21 61952 C:\WINDOWS\system32\HdAShCut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    --a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    --a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    --a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2005-07-19 17:32 221184 C:\WINDOWS\system32\LVCOMSX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-01 15:57 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-06-29 05:24 286720 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
    --a------ 2005-09-07 14:35 716800 C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    -ra------ 2005-05-20 10:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Valve\Steam\Steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2007-11-07 23:48 185632 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

    R0 AFPAnsi;Alfa File Protector Ansi;C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2002-05-16 18:16]

    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-12 23:01:20
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-12 23:02:58
    .
    2008-01-18 03:51:23 --- E O F ---
    12 February 2008 12:37:07

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\himem.ram
    C:\WINDOWS\himem.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ANTAL\svchost.exe

    Folder::
    C:\found.001
    C:\found.000
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1
    C:\Program Files\System32

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "himem"=-
    "For sign"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinService32"=-
    "Video Driver"=-
    "Office SturtUp"=-
    "gfxtray"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will restart Combofix; type 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    12 February 2008 13:51:04

    re, here is the combofix report

    ComboFix 08-02-12.1 - Antal boss 2008-02-13 13:41:12.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1085 [GMT 1:00]
    Endroit: C:\Documents and Settings\Antal boss\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Antal boss\Bureau\CFScript.txt.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE
    C:\himem.ram
    C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ANTAL\svchost.exe
    C:\WINDOWS\himem.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1\0
    C:\DOCUME~1\ANTALB~1\APPLIC~1\PILETR~1\kgixwszo.exe
    C:\found.000
    C:\found.000\file0000.chk
    C:\found.001
    C:\found.001\dir0000.chk\144[1].jpg
    C:\found.001\dir0000.chk\282007190882[4].gif
    C:\found.001\dir0000.chk\65[1].jpg
    C:\found.001\dir0000.chk\content_bottom_right[1].gif
    C:\found.001\dir0000.chk\Dcoin[1].gif
    C:\found.001\dir0000.chk\diffusion[1].htm
    C:\found.001\dir0000.chk\dragon_perso_2_O[1].jpg
    C:\found.001\dir0000.chk\entete[1].jpg
    C:\found.001\dir0000.chk\get.bestcat[1].htm
    C:\found.001\dir0000.chk\navig[1].css
    C:\found.001\dir0000.chk\pas-trop-changee_index[1].htm
    C:\found.001\dir0000.chk\pwd0[1].jpg
    C:\found.001\dir0000.chk\styles[2].css
    C:\himem.ram

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-10 15:33 . 2008-02-11 19:35 <REP> d-------- C:\Program Files\Lop SD
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-02-10 14:50 . 2007-05-21 23:22 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-02-10 14:50 . 2008-02-10 14:51 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-02-10 14:50 . 2007-05-22 01:12 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-02-09 02:02 . 2008-02-09 14:19 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-09 02:01 . 2008-02-09 02:04 <REP> d-------- C:\Program Files\Oberon Media
    2008-02-04 12:39 . 2008-02-04 12:39 754 --a------ C:\WINDOWS\WORDPAD.INI
    2008-02-03 15:59 . 2008-02-03 16:09 <REP> d-------- C:\Program Files\Lavasoft
    2008-02-03 15:59 . 2008-02-03 15:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-02-03 15:58 . 2008-02-03 15:58 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-02-03 15:46 . 2008-02-03 15:46 <REP> d-------- C:\Program Files\Avira
    2008-02-03 15:46 . 2008-02-03 15:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-02-03 15:40 . 2008-02-03 15:41 <REP> d-------- C:\Downloads
    2008-02-01 05:03 . 2008-02-01 05:03 <REP> d-------- C:\Program Files\Fichiers communs\Oberon Media
    2008-01-31 23:07 . 2008-01-31 23:07 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\iWin
    2008-01-30 20:54 . 2008-01-30 20:54 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\Samsung
    2008-01-30 20:49 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
    2008-01-30 20:48 . 2008-01-30 20:48 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
    2008-01-30 20:48 . 2007-07-03 16:58 106,792 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
    2008-01-30 20:48 . 2007-07-03 16:54 80,552 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
    2008-01-30 20:48 . 2007-07-03 16:57 11,944 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
    2008-01-30 20:48 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
    2008-01-30 20:48 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
    2008-01-30 20:48 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
    2008-01-30 20:48 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
    2008-01-30 20:48 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-01-30 20:48 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
    2008-01-30 20:47 . 2008-01-30 20:47 <REP> d-------- C:\Program Files\Samsung
    2008-01-29 21:28 . 2008-01-29 21:28 <REP> d-------- C:\Program Files\Alcohol Soft
    2008-01-29 21:25 . 2008-01-29 21:25 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-29 00:50 . 2008-01-29 00:50 <REP> d-------- C:\Program Files\directx
    2008-01-28 18:43 . 2008-02-03 15:48 34 --a------ C:\WINDOWS\Ya.com
    2008-01-23 03:48 . 2008-01-23 03:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SpinTop Games
    2008-01-21 15:26 . 2008-02-03 15:36 283 --a------ C:\WINDOWS\comm.bin
    2008-01-21 15:23 . 2008-02-03 15:35 261 --a------ C:\WINDOWS\msdres.bin
    2008-01-21 12:23 . 2008-02-08 21:50 <REP> d-------- C:\Documents and Settings\Antal boss\Application Data\Zylom
    2008-01-21 12:23 . 2008-01-21 12:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HipSoft
    2008-01-18 14:39 . 2008-01-18 14:39 <REP> d-------- C:\Program Files\Protect Files Pro
    2008-01-18 14:39 . 2002-05-16 18:16 39,456 --a------ C:\WINDOWS\system32\drivers\AFPAnsi.sys
    2008-01-18 14:39 . 2002-05-16 18:17 21,411 --a------ C:\WINDOWS\system32\AFPAnsi.vxd
    2008-01-18 06:30 . 2008-01-18 06:30 441 --a------ C:\WINDOWS\system32\ssmon.lnk
    2008-01-18 06:30 . 2008-02-13 13:27 189 --a------ C:\WINDOWS\system32\Sysmnt.dat
    2008-01-17 09:09 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-01-17 09:09 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-01-16 21:23 . 2008-01-16 21:23 <REP> d--h----- C:\WINDOWS\PIF
    2008-01-16 18:07 . 2008-01-16 18:08 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2008-01-16 18:07 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-01-16 18:07 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-01-16 17:58 . 2008-01-17 14:29 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-16 17:49 . 2008-01-17 14:25 18,558 --a------ C:\WINDOWS\Ascd_tmp.ini

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-13 12:34 --------- d-----w C:\Program Files\eMule
    2008-02-13 12:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\ssdata
    2008-02-09 01:00 --------- d-----w C:\Program Files\Zylom Games
    2008-01-30 19:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-16 21:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2007-12-29 15:35 --------- d-----w C:\Program Files\Logitech
    2007-12-29 15:35 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2007-12-20 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
    2007-11-14 21:56 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 08:20 222080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "pfp.exe"="C:\Program Files\Protect Files Pro\pfp.exe" [2007-10-11 12:29 1518080]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-07 23:48 185632]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-03 15:48 249896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    --a------ 2006-01-02 17:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    --a------ 2007-05-16 09:27 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
    --------- 2004-10-27 14:21 61952 C:\WINDOWS\system32\HdAShCut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    --a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    --a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    --a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2005-07-19 17:32 221184 C:\WINDOWS\system32\LVCOMSX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-01 15:57 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-06-29 05:24 286720 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
    --a------ 2005-09-07 14:35 716800 C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    -ra------ 2005-05-20 10:11 925696 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Valve\Steam\Steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2007-11-07 23:48 185632 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

    R0 AFPAnsi;Alfa File Protector Ansi;C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2002-05-16 18:16]

    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-13 13:43:09
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-13 13:43:45
    ComboFix-quarantined-files.txt 2008-02-13 12:43:24
    ComboFix2.txt 2008-02-12 22:02:59
    .
    2008-01-18 03:51:23 --- E O F ---


    and here is the hijackthis report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:46:23, on 13/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Antal boss\Bureau\HijackThis\Scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    O4 - HKLM\..\Run: [pfp.exe] C:\Program Files\Protect Files Pro\pfp.exe /T
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sandralabor.spaces.live.com/PhotoUpload/MsnPUpld...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 6493 bytes

    12 February 2008 16:09:25

    Re,

    Fix the lines in the box below with Hijackthis: ILLUSTRATED HELP

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
    12 February 2008 17:49:20

    re,
    there, I fixed the box you sent me,
    is the problem solved??
    12 February 2008 18:00:54

    Post a new Hijackthis report.
    12 February 2008 19:26:05

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:25:41, on 13/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\System32\svchost.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\rsvp.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Antal boss\Bureau\HijackThis\Scanner.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [pfp.exe] C:\Program Files\Protect Files Pro\pfp.exe /T
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sandralabor.spaces.live.com/PhotoUpload/MsnPUpld...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 6126 bytes
    12 February 2008 19:31:22

    Any problems?
    12 February 2008 19:33:26

    Nope, all good, no more CID pages
    12 February 2008 19:33:50

    Thanks a lot, have a good evening
    12 February 2008 19:58:35

    Happy surfing :)

  • Download ToolsCleaner to your Desktop.
  • Click Recherche and let the scan finish.
  • Click Suppression to finalize.
  • Click Quitter so that the report can be created.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\)

    Disable then re-enable System Restore: See help

    Now add [Résolu] to the title. To do this:
    * In your first message, click the "Editer" button
    * Add the [Résolu] tag to the title
    * Then click "Valider votre message"

    Read the guide on prevention and protection so you don't run into this kind of problem again, by clicking on the image below:

    12 February 2008 22:31:07

    -->- Recherche:

    C:\Qoobox: trouvé !
    C:\Documents and Settings\Antal boss\Bureau\Lop S&D.lnk: trouvé !
    C:\Documents and Settings\Antal boss\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\Antal boss\Bureau\HijackThis: trouvé !
    C:\Documents and Settings\Antal boss\Menu Démarrer\Programmes\Lop S&D: trouvé !
    C:\Documents and Settings\Antal boss\Recent\HijackThis.lnk: trouvé !
    C:\Program Files\Lop SD: trouvé !
    C:\Program Files\Lop SD\Lop S&D.lnk: trouvé !
    C:\QooBox\Quarantine\C\Combofix: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\Antal boss\Bureau\Lop S&D.lnk: supprimé !
    C:\Documents and Settings\Antal boss\Bureau\ComboFix.exe: supprimé !
    C:\Documents and Settings\Antal boss\Recent\HijackThis.lnk: supprimé !
    C:\Program Files\Lop SD\Lop S&D.lnk: supprimé !
    C:\Qoobox: supprimé !
    C:\Documents and Settings\Antal boss\Bureau\HijackThis: supprimé !
    C:\Documents and Settings\Antal boss\Menu Démarrer\Programmes\Lop S&D: supprimé !
    C:\Program Files\Lop SD: supprimé !