Se connecter / S'enregistrer
Votre question

pub intempsetives

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Avril 2008 14:05:21

Bonjour à tous!

Je suis nouveau sur le forum mais j'ai un soucis je vous demande de bien vouloir m'aider.

Depuis plusieurs jours j'ai des pub intempestives qui s'affichent des que je me connecte a internet, et peuvent appraitre toutes les minutes

j'ai deja lu d'autre demande de ce genre et je vous met mon rapport hijackthis

merci d'avance

Logfile of HijackThis v1.99.1
Scan saved at 13:56:37, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\nvcoi\nvcoi.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Documents and Settings\HP\Bureau\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Streams Drivers] C:\DOCUME~1\HP\LOCALS~1\Temp\winlogon.exe
O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\JavaCore\JavaCore.exe
O4 - HKCU\..\Run: [MapEDC] C:\Program Files\MapEDC\MapEDC.exe
O4 - HKCU\..\Run: [NoDNS] C:\Program Files\\NoDNS\\NoDNS.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Autres pages sur : pub intempsetives

a b 8 Sécurité
7 Avril 2008 14:10:23

Bonjour,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

  • Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur combofix.exe afin de le lancer.
  • Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
    7 Avril 2008 16:04:25

    merci angeldark
    mais desactiver mon antivirus n'est-il pas dangereux? dois je le reactiver?
    voila le rapport combofix

    ComboFix 08-04-06.1 - HP 2008-04-07 15:50:50.1 - NTFSx86
    Endroit: C:\Documents and Settings\HP\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\HP\Application Data\WinTouch
    C:\Documents and Settings\HP\Application Data\WinTouch\wintouch.cfg
    C:\Program Files\JavaCore
    C:\Program Files\JavaCore\JavaCore.exe
    C:\Program Files\JavaCore\UnInstall.exe
    C:\Program Files\MapEDC
    C:\Program Files\MapEDC\IDE.stt
    C:\Program Files\MapEDC\MapEDC.exe
    C:\Program Files\NoDNS
    C:\Program Files\NoDNS\NoDNS.exe
    C:\Program Files\NoDNS\UnInstall.exe
    C:\Program Files\Temporary
    C:\WINDOWS\mrofinu1423.MSNFix

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-07 to 2008-04-07 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-07 13:57 . 2008-04-07 13:57 <REP> d-------- C:\Program Files\Navilog1
    2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Program Files\NounLinkMove
    2008-04-01 21:37 . 2008-04-01 21:38 <REP> d-------- C:\Documents and Settings\HP\Application Data\NounLinkMove
    2008-04-01 21:37 . 2008-04-01 21:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Win knob owns four
    2008-04-01 21:36 . 2008-04-01 21:36 <REP> d-------- C:\Program Files\Circle Developement
    2008-03-14 10:26 . 2008-03-14 10:26 <REP> d-------- C:\Program Files\Lavasoft
    2008-03-13 20:19 . 2008-04-07 15:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-03-11 14:35 . 2008-03-12 20:40 <REP> d-------- C:\Program Files\nvcoi

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-07 08:28 --------- d-----w C:\Program Files\Personal Media Manager
    2008-04-02 20:24 --------- d-----w C:\Program Files\Lx_cats
    2008-04-01 19:36 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-03-29 20:55 --------- d-----w C:\Program Files\eMule
    2008-03-14 21:56 --------- d-----w C:\Documents and Settings\HP\Application Data\U3
    2008-02-26 22:28 --------- d-----w C:\Program Files\MSXML 4.0
    2008-02-26 21:54 --------- d-----w C:\Program Files\BitComet
    2008-02-26 19:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-02-26 17:35 --------- d-----w C:\Program Files\Windows Live
    2008-02-26 17:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-25 21:53 9,296 ----a-w C:\WINDOWS\system32\wmbjxu.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RecordNow!"="" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-30 18:30 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [ ]
    "nvcoi"="C:\Program Files\nvcoi\nvcoi.exe" [2008-03-11 14:35 57344]
    "Bird online"="C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe" [2008-04-01 21:37 467456]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-15 21:09 110592]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-15 21:08 618496]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-03-12 23:57 3067904]
    "nwiz"="nwiz.exe" [2004-03-12 23:57 753664 C:\WINDOWS\system32\nwiz.exe]
    "Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-18 09:18 204862]
    "eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2003-11-18 08:31 241664]
    "UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03 75128]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 15:42 267064]
    "LXCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 15:44 73728]
    "lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 02:16 192512]
    "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 11:36 299008]
    "Owns Four Jugs Htm"="C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe" [2008-04-07 15:48 2093568]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\BitComet\\BitComet.exe"=
    "C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
    "C:\\Program Files\\Personal Media Manager\\PMMedia.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\DivX\\VeohClient.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "27350:TCP"= 27350:TCP:BitComet 27350 TCP
    "27350:UDP"= 27350:UDP:BitComet 27350 UDP

    R3 EMCR;EMCR;C:\WINDOWS\system32\DRIVERS\EMCR7SK.sys [2003-08-15 17:10]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1493d3e6-818e-11dc-ac82-00904b922625}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ee4d8ee-e480-11dc-acf0-00c09f479d79}]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33632c5a-dc64-11dc-acec-00c09f479d79}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-07 13:00:03 C:\WINDOWS\Tasks\AA98862F91D7024B.job"
    - c:\docume~1\hp\applic~1\nounli~1\Title drive anti.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-07 15:54:04
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????3?8?8?-??????? ?|?B???????????????B? ??????
    LXCCCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-07 15:55:39
    ComboFix-quarantined-files.txt 2008-04-07 13:55:30
    Pre-Run: 39,931,736,064 octets libres
    Post-Run: 39,925,121,024 octets libres
    .
    2008-03-19 22:34:50 --- E O F ---
    Contenus similaires
    a b 8 Sécurité
    7 Avril 2008 17:55:26

    Re,

    Télécharge Lop S&D.exe sur ton Bureau.
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
  • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    7 Avril 2008 19:00:25


    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : HP ] [ "C:\Lop SD" ]
    [ 07/04/2008 | 18:58:26,92 ] [ PC : HP-066A0A8D1E56 ]
    [ MAJ : 06-04-2008 | 11:07 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
    [04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
    [28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
    [03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
    [03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
    [18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
    [18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
    [20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
    [09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
    [20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
    [25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
    [27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
    [04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
    [01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
    [20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
    [14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
    [30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
    [18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR

    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [07/04/2008 18:00][--ah-----] C:\WINDOWS\tasks\AA98862F91D7024B.job
    [07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [07/04/2008|15:51] C:\Program Files\.
    [07/04/2008|15:51] C:\Program Files\..
    [21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [28/08/2007|20:15] C:\Program Files\Adobe
    [01/09/2007|13:19] C:\Program Files\Alwil Software
    [29/10/2007|22:24] C:\Program Files\Apple Software Update
    [26/02/2008|23:54] C:\Program Files\BitComet
    [01/04/2008|21:36] C:\Program Files\Circle Developement
    [20/08/2007|07:59] C:\Program Files\ComPlus Applications
    [20/08/2007|08:15] C:\Program Files\CONEXANT
    [20/01/2008|15:42] C:\Program Files\DivX
    [29/03/2008|22:55] C:\Program Files\eMule
    [07/04/2008|15:45] C:\Program Files\Fichiers communs
    [27/08/2007|09:44] C:\Program Files\Google
    [20/08/2007|08:29] C:\Program Files\HPQ
    [17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
    [20/08/2007|08:11] C:\Program Files\Intel
    [27/02/2008|00:32] C:\Program Files\Internet Explorer
    [29/10/2007|22:26] C:\Program Files\iPod
    [29/10/2007|22:26] C:\Program Files\iTunes
    [19/01/2008|20:37] C:\Program Files\iVideoMAX
    [14/03/2008|10:26] C:\Program Files\Lavasoft
    [09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
    [08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
    [02/04/2008|22:24] C:\Program Files\Lx_cats
    [26/08/2007|10:50] C:\Program Files\Messenger
    [01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
    [20/08/2007|08:02] C:\Program Files\microsoft frontpage
    [28/08/2007|21:02] C:\Program Files\Microsoft Office
    [28/08/2007|21:00] C:\Program Files\Microsoft.NET
    [20/08/2007|08:00] C:\Program Files\Movie Maker
    [20/08/2007|07:57] C:\Program Files\MSN
    [20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
    [27/02/2008|00:28] C:\Program Files\MSXML 4.0
    [07/04/2008|13:57] C:\Program Files\Navilog1
    [04/10/2007|09:57] C:\Program Files\nero
    [20/08/2007|08:00] C:\Program Files\NetMeeting
    [01/04/2008|21:37] C:\Program Files\NounLinkMove
    [12/03/2008|20:40] C:\Program Files\nvcoi
    [20/08/2007|07:58] C:\Program Files\Online Services
    [26/08/2007|10:49] C:\Program Files\Outlook Express
    [07/04/2008|10:28] C:\Program Files\Personal Media Manager
    [29/10/2007|22:26] C:\Program Files\QuickTime
    [20/08/2007|08:30] C:\Program Files\RecordNow!
    [20/08/2007|08:01] C:\Program Files\Services en ligne
    [20/08/2007|08:30] C:\Program Files\Sonic
    [20/08/2007|08:16] C:\Program Files\Synaptics
    [20/08/2007|08:07] C:\Program Files\Uninstall Information
    [28/08/2007|20:46] C:\Program Files\VideoLAN
    [18/09/2007|22:29] C:\Program Files\Webteh
    [26/02/2008|19:35] C:\Program Files\Windows Live
    [04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
    [04/10/2007|12:10] C:\Program Files\Windows Media Player
    [20/08/2007|07:58] C:\Program Files\Windows NT
    [20/08/2007|08:01] C:\Program Files\WindowsUpdate
    [28/08/2007|20:46] C:\Program Files\WinRAR
    [20/08/2007|08:02] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [07/04/2008|15:45] C:\Program Files\Fichiers communs\.
    [07/04/2008|15:45] C:\Program Files\Fichiers communs\..
    [28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
    [29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
    [20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
    [04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\System
    [09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Tasks\AA98862F91D7024B.job

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-07 18:59:02
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:11][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
    /!\ [Fich:253][Doss:0] C:\DOCUME~1\HP\Cookies
    /!\ [Fich:1192][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:00:07,64 ]----------------------
    a b 8 Sécurité
    7 Avril 2008 19:07:16

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 (Suppression)
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
    7 Avril 2008 19:39:16


    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : HP ] [ "C:\Lop SD" ]
    [ 07/04/2008 | 19:38:00,60 ] [ PC : HP-066A0A8D1E56 ]
    [ MAJ : 06-04-2008 | 11:07 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Tasks\AA98862F91D7024B.job
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
    [04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
    [28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
    [03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
    [03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
    [18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
    [18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
    [20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
    [09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
    [20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
    [25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
    [27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
    [04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
    [01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
    [20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
    [14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
    [30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
    [18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR

    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [07/04/2008|19:38] C:\Program Files\.
    [07/04/2008|19:38] C:\Program Files\..
    [21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [28/08/2007|20:15] C:\Program Files\Adobe
    [01/09/2007|13:19] C:\Program Files\Alwil Software
    [29/10/2007|22:24] C:\Program Files\Apple Software Update
    [26/02/2008|23:54] C:\Program Files\BitComet
    [20/08/2007|07:59] C:\Program Files\ComPlus Applications
    [20/08/2007|08:15] C:\Program Files\CONEXANT
    [20/01/2008|15:42] C:\Program Files\DivX
    [29/03/2008|22:55] C:\Program Files\eMule
    [07/04/2008|15:45] C:\Program Files\Fichiers communs
    [27/08/2007|09:44] C:\Program Files\Google
    [20/08/2007|08:29] C:\Program Files\HPQ
    [17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
    [20/08/2007|08:11] C:\Program Files\Intel
    [27/02/2008|00:32] C:\Program Files\Internet Explorer
    [29/10/2007|22:26] C:\Program Files\iPod
    [29/10/2007|22:26] C:\Program Files\iTunes
    [19/01/2008|20:37] C:\Program Files\iVideoMAX
    [14/03/2008|10:26] C:\Program Files\Lavasoft
    [09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
    [08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
    [07/04/2008|19:36] C:\Program Files\Lx_cats
    [26/08/2007|10:50] C:\Program Files\Messenger
    [01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
    [20/08/2007|08:02] C:\Program Files\microsoft frontpage
    [28/08/2007|21:02] C:\Program Files\Microsoft Office
    [28/08/2007|21:00] C:\Program Files\Microsoft.NET
    [20/08/2007|08:00] C:\Program Files\Movie Maker
    [20/08/2007|07:57] C:\Program Files\MSN
    [20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
    [27/02/2008|00:28] C:\Program Files\MSXML 4.0
    [07/04/2008|13:57] C:\Program Files\Navilog1
    [04/10/2007|09:57] C:\Program Files\nero
    [20/08/2007|08:00] C:\Program Files\NetMeeting
    [01/04/2008|21:37] C:\Program Files\NounLinkMove
    [12/03/2008|20:40] C:\Program Files\nvcoi
    [20/08/2007|07:58] C:\Program Files\Online Services
    [26/08/2007|10:49] C:\Program Files\Outlook Express
    [07/04/2008|10:28] C:\Program Files\Personal Media Manager
    [29/10/2007|22:26] C:\Program Files\QuickTime
    [20/08/2007|08:30] C:\Program Files\RecordNow!
    [20/08/2007|08:01] C:\Program Files\Services en ligne
    [20/08/2007|08:30] C:\Program Files\Sonic
    [20/08/2007|08:16] C:\Program Files\Synaptics
    [20/08/2007|08:07] C:\Program Files\Uninstall Information
    [28/08/2007|20:46] C:\Program Files\VideoLAN
    [18/09/2007|22:29] C:\Program Files\Webteh
    [26/02/2008|19:35] C:\Program Files\Windows Live
    [04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
    [04/10/2007|12:10] C:\Program Files\Windows Media Player
    [20/08/2007|07:58] C:\Program Files\Windows NT
    [20/08/2007|08:01] C:\Program Files\WindowsUpdate
    [28/08/2007|20:46] C:\Program Files\WinRAR
    [20/08/2007|08:02] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [07/04/2008|15:45] C:\Program Files\Fichiers communs\.
    [07/04/2008|15:45] C:\Program Files\Fichiers communs\..
    [28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
    [29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
    [20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
    [04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\System
    [09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-07 19:38:43
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:19][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
    /!\ [Fich:113][Doss:0] C:\DOCUME~1\HP\Cookies
    /!\ [Fich:552][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:39:41,98 ]----------------------
    a b 8 Sécurité
    7 Avril 2008 21:41:35

    Reposte un rapport Hijackthis.
    7 Avril 2008 21:47:52

    a priori les fenetres intempestives ne son plus la a part une, juste apres le precedent rapport, merci pour tout ce que tu as fait en esperant que ce dernier rapport soit bon





    -----------------------[ Lop S&D 4.1.0-8 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : HP ] [ "C:\Lop SD" ]
    [ 07/04/2008 | 19:38:00,60 ] [ PC : HP-066A0A8D1E56 ]
    [ MAJ : 06-04-2008 | 11:07 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Tasks\AA98862F91D7024B.job
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [28/08/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/10/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [29/10/2007|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [29/10/2007|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [20/08/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [08/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [07/04/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [26/02/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [09/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/10/2007|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [01/04/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
    [04/10/2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [26/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [20/08/2007|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/02/2008|00:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\.
    [07/04/2008|15:53] C:\DOCUME~1\HP\APPLIC~1\..
    [28/08/2007|20:42] C:\DOCUME~1\HP\APPLIC~1\Adobe
    [03/10/2007|19:32] C:\DOCUME~1\HP\APPLIC~1\Ahead
    [03/11/2007|19:27] C:\DOCUME~1\HP\APPLIC~1\Apple Computer
    [18/09/2007|22:29] C:\DOCUME~1\HP\APPLIC~1\BSplayer
    [18/09/2007|22:24] C:\DOCUME~1\HP\APPLIC~1\BSplayer Pro
    [20/08/2007|10:47] C:\DOCUME~1\HP\APPLIC~1\desktop.ini
    [09/11/2007|06:26] C:\DOCUME~1\HP\APPLIC~1\FaxCtr
    [27/08/2007|09:45] C:\DOCUME~1\HP\APPLIC~1\Google
    [20/08/2007|08:07] C:\DOCUME~1\HP\APPLIC~1\Identities
    [25/08/2007|18:10] C:\DOCUME~1\HP\APPLIC~1\Macromedia
    [27/02/2008|00:29] C:\DOCUME~1\HP\APPLIC~1\Microsoft
    [04/10/2007|10:01] C:\DOCUME~1\HP\APPLIC~1\Nero
    [01/04/2008|21:38] C:\DOCUME~1\HP\APPLIC~1\NounLinkMove
    [20/08/2007|08:30] C:\DOCUME~1\HP\APPLIC~1\Sonic
    [14/03/2008|23:56] C:\DOCUME~1\HP\APPLIC~1\U3
    [30/08/2007|08:54] C:\DOCUME~1\HP\APPLIC~1\vlc
    [18/09/2007|22:21] C:\DOCUME~1\HP\APPLIC~1\WinRAR

    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [04/10/2007|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [20/08/2007|08:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [20/03/2008|00:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [07/04/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [07/04/2008|19:38] C:\Program Files\.
    [07/04/2008|19:38] C:\Program Files\..
    [21/01/2008|21:39] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [28/08/2007|20:15] C:\Program Files\Adobe
    [01/09/2007|13:19] C:\Program Files\Alwil Software
    [29/10/2007|22:24] C:\Program Files\Apple Software Update
    [26/02/2008|23:54] C:\Program Files\BitComet
    [20/08/2007|07:59] C:\Program Files\ComPlus Applications
    [20/08/2007|08:15] C:\Program Files\CONEXANT
    [20/01/2008|15:42] C:\Program Files\DivX
    [29/03/2008|22:55] C:\Program Files\eMule
    [07/04/2008|15:45] C:\Program Files\Fichiers communs
    [27/08/2007|09:44] C:\Program Files\Google
    [20/08/2007|08:29] C:\Program Files\HPQ
    [17/11/2007|10:54] C:\Program Files\InstallShield Installation Information
    [20/08/2007|08:11] C:\Program Files\Intel
    [27/02/2008|00:32] C:\Program Files\Internet Explorer
    [29/10/2007|22:26] C:\Program Files\iPod
    [29/10/2007|22:26] C:\Program Files\iTunes
    [19/01/2008|20:37] C:\Program Files\iVideoMAX
    [14/03/2008|10:26] C:\Program Files\Lavasoft
    [09/11/2007|06:25] C:\Program Files\Lexmark 3300 Series
    [08/11/2007|20:03] C:\Program Files\Lexmark Fax Solutions
    [07/04/2008|19:36] C:\Program Files\Lx_cats
    [26/08/2007|10:50] C:\Program Files\Messenger
    [01/04/2008|21:36] C:\Program Files\Messenger Plus! Live
    [20/08/2007|08:02] C:\Program Files\microsoft frontpage
    [28/08/2007|21:02] C:\Program Files\Microsoft Office
    [28/08/2007|21:00] C:\Program Files\Microsoft.NET
    [20/08/2007|08:00] C:\Program Files\Movie Maker
    [20/08/2007|07:57] C:\Program Files\MSN
    [20/08/2007|07:58] C:\Program Files\MSN Gaming Zone
    [27/02/2008|00:28] C:\Program Files\MSXML 4.0
    [07/04/2008|13:57] C:\Program Files\Navilog1
    [04/10/2007|09:57] C:\Program Files\nero
    [20/08/2007|08:00] C:\Program Files\NetMeeting
    [01/04/2008|21:37] C:\Program Files\NounLinkMove
    [12/03/2008|20:40] C:\Program Files\nvcoi
    [20/08/2007|07:58] C:\Program Files\Online Services
    [26/08/2007|10:49] C:\Program Files\Outlook Express
    [07/04/2008|10:28] C:\Program Files\Personal Media Manager
    [29/10/2007|22:26] C:\Program Files\QuickTime
    [20/08/2007|08:30] C:\Program Files\RecordNow!
    [20/08/2007|08:01] C:\Program Files\Services en ligne
    [20/08/2007|08:30] C:\Program Files\Sonic
    [20/08/2007|08:16] C:\Program Files\Synaptics
    [20/08/2007|08:07] C:\Program Files\Uninstall Information
    [28/08/2007|20:46] C:\Program Files\VideoLAN
    [18/09/2007|22:29] C:\Program Files\Webteh
    [26/02/2008|19:35] C:\Program Files\Windows Live
    [04/10/2007|12:10] C:\Program Files\Windows Media Connect 2
    [04/10/2007|12:10] C:\Program Files\Windows Media Player
    [20/08/2007|07:58] C:\Program Files\Windows NT
    [20/08/2007|08:01] C:\Program Files\WindowsUpdate
    [28/08/2007|20:46] C:\Program Files\WinRAR
    [20/08/2007|08:02] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [07/04/2008|15:45] C:\Program Files\Fichiers communs\.
    [07/04/2008|15:45] C:\Program Files\Fichiers communs\..
    [28/08/2007|20:15] C:\Program Files\Fichiers communs\Adobe
    [29/10/2007|22:24] C:\Program Files\Fichiers communs\Apple
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\DESIGNER
    [20/08/2007|08:18] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2007|11:46] C:\Program Files\Fichiers communs\Microsoft Shared
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\MSSoap
    [04/10/2007|09:59] C:\Program Files\Fichiers communs\Nero
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\ODBC
    [20/08/2007|08:00] C:\Program Files\Fichiers communs\Services
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\Sonic
    [20/08/2007|10:49] C:\Program Files\Fichiers communs\SpeechEngines
    [20/08/2007|08:30] C:\Program Files\Fichiers communs\SureThing Shared
    [28/08/2007|21:02] C:\Program Files\Fichiers communs\System
    [09/12/2007|11:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-07 19:38:43
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:19][Doss:6] C:\DOCUME~1\HP\LOCALS~1\Temp
    /!\ [Fich:113][Doss:0] C:\DOCUME~1\HP\Cookies
    /!\ [Fich:552][Doss:20] C:\DOCUME~1\HP\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:39:41,98 ]----------------------
    a b 8 Sécurité
    8 Avril 2008 12:17:41

    J'ai dit Hijackthis :) 
    8 Avril 2008 17:37:32

    ya encore qque pub qui arrivent mais bcp moins deja

    voila la bon rapport

    Logfile of HijackThis v1.99.1
    Scan saved at 17:36, on 08/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\nvcoi\nvcoi.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\lxcccoms.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\hijackthis\test.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
    O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    a b 8 Sécurité
    8 Avril 2008 18:31:20

    Re,

    Fix la ligne dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe


    Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
    Sélectionne l'emplacement dans le cadre ci-dessous :

    C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    8 Avril 2008 18:45:04

    rapport move it

    OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04082008_184408
    8 Avril 2008 20:48:29

    jen avais fait 2

    C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04082008_184349
    a b 8 Sécurité
    8 Avril 2008 21:09:01

    Reposte un rapport Hijackthis.
    8 Avril 2008 21:39:06

    Logfile of HijackThis v1.99.1
    Scan saved at 21:38, on 08/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\nvcoi\nvcoi.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\lxcccoms.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\hijackthis\test.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
    O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    a b 8 Sécurité
    9 Avril 2008 12:58:37

    Re,

    On recommence.

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    O4 - HKLM\..\Run: [Owns Four Jugs Htm] C:\Documents and Settings\All Users\Application Data\Win knob owns four\Blah Intra.exe
    O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
    O4 - HKCU\..\Run: [Bird online] C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1\Mix deaf.exe


    Sélectionne tous les emplacements dans le cadre ci-dessous :

    C:\Documents and Settings\All Users\Application Data\Win knob owns four
    C:\Program Files\nvcoi
    C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1

    ---> Clique-droit puis Copier (ou Ctrl+C)

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    ->Informations sur le logiciel<-
    9 Avril 2008 20:51:57

    C:\Documents and Settings\All Users\Application Data\Win knob owns four moved successfully.
    C:\Program Files\nvcoi moved successfully.
    C:\DOCUME~1\HP\APPLIC~1\NOUNLI~1 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04092008_205021
    a b 8 Sécurité
    10 Avril 2008 18:06:30

    Reposte un rapport Hijackthis.
    10 Avril 2008 21:33:23

    Logfile of HijackThis v1.99.1
    Scan saved at 21:33, on 10/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\lxcccoms.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\hijackthis\test.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    11 Avril 2008 11:12:00

    j'ai installer votre antivirus que vous conseillé : antivir et depuis les pubs de reapparaissant plus, j'espere que cela va durer.
    est _il bien pour lordi d'avoir 2 antivirus : avast et antivir?
    antivir est bien gratuit, et dure til pour tjrs?
    a b 8 Sécurité
    11 Avril 2008 12:46:43

    Il ne faut qu'un antivirus.
    13 Avril 2008 18:01:43

    merci bcp pour tt angeldark
    depuis 3 jours j'ai rien eu et je pense que c depuis que j'ai installe antivir
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS