compte à rebours

Bonjour,

Avast!, ça pu

Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.

Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.

IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.

Lorsque le scan est terminé, clique sur Copy.

Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

Il redémarre en mode sans échec ?

Oui mais est-ce qu'il a le même problème ?

Je pense plus à un problème Hardware.

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Re,

Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.

Re,

Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

Reposte un rapport Hijackthis.

Désactive le TeaTimer puis refais un scan Lop S&D option 1.

-------------------------------[ Lop S&D ]------------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Christel\Bureau\Lop S&D"

Rapport crée : Le 02/10/2007 à 21:25:18,34 PC : KRYSTH-PWRXR

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des Applications Data ]--------------------

C:\Documents and Settings\Administrateur\Application Data\Microsoft
C:\Documents and Settings\Administrateur\Application Data\desktop.ini

C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Mozilla
C:\Documents and Settings\All Users\Application Data\hpzinstall.log
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
C:\Documents and Settings\All Users\Application Data\Motive
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\MSN6
C:\Documents and Settings\All Users\Application Data\desktop.ini

C:\Documents and Settings\Christel\Application Data\Comodo
C:\Documents and Settings\Christel\Application Data\gtk-2.0
C:\Documents and Settings\Christel\Application Data\StarOffice8
C:\Documents and Settings\Christel\Application Data\Google
C:\Documents and Settings\Christel\Application Data\DivX
C:\Documents and Settings\Christel\Application Data\dvdcss
C:\Documents and Settings\Christel\Application Data\Lavasoft
C:\Documents and Settings\Christel\Application Data\AdobeUM
C:\Documents and Settings\Christel\Application Data\Media Player Classic
C:\Documents and Settings\Christel\Application Data\Motive
C:\Documents and Settings\Christel\Application Data\Microsoft
C:\Documents and Settings\Christel\Application Data\Help
C:\Documents and Settings\Christel\Application Data\Creative
C:\Documents and Settings\Christel\Application Data\Opera
C:\Documents and Settings\Christel\Application Data\Adobe
C:\Documents and Settings\Christel\Application Data\Image Zone Express
C:\Documents and Settings\Christel\Application Data\Macromedia
C:\Documents and Settings\Christel\Application Data\Talkback
C:\Documents and Settings\Christel\Application Data\vlc
C:\Documents and Settings\Christel\Application Data\Ahead
C:\Documents and Settings\Christel\Application Data\Notepad++
C:\Documents and Settings\Christel\Application Data\Sun
C:\Documents and Settings\Christel\Application Data\Mozilla
C:\Documents and Settings\Christel\Application Data\Nvu
C:\Documents and Settings\Christel\Application Data\desktop.ini

C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft

C:\Documents and Settings\LocalService\Application Data\Microsoft
C:\Documents and Settings\LocalService\Application Data\Adobe

C:\Documents and Settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Alwil Software
C:\Program Files\Andromede5
C:\Program Files\ATI Technologies
C:\Program Files\AvRack
C:\Program Files\BroadJump
C:\Program Files\CCleaner
C:\Program Files\Club-Internet
C:\Program Files\Combined Community Codec Pack
C:\Program Files\Common Files
C:\Program Files\Comodo
C:\Program Files\ComPlus Applications
C:\Program Files\Creative
C:\Program Files\Diablo II
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\D-Tools
C:\Program Files\Enigma Software Productions
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Furcadia
C:\Program Files\GameSpy Arcade
C:\Program Files\GIMP-2.0
C:\Program Files\Google
C:\Program Files\GUILD WARS
C:\Program Files\Guitar Pro 4
C:\Program Files\Haali
C:\Program Files\Illustrate
C:\Program Files\Intel
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\Invisible Secrets 4
C:\Program Files\Java
C:\Program Files\Kerio
C:\Program Files\Last.fm Player
C:\Program Files\Lavasoft
C:\Program Files\Logitech
C:\Program Files\MAIET
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerPlus! 3
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft.NET
C:\Program Files\Motive
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\NetMeeting
C:\Program Files\NewName
C:\Program Files\Notepad++
C:\Program Files\Ontrack
C:\Program Files\Opera
C:\Program Files\Outlook Express
C:\Program Files\PowerPoint Viewer
C:\Program Files\Realtek Sound Manager
C:\Program Files\RegCleaner
C:\Program Files\SiSoftware
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Stardock
C:\Program Files\Sun
C:\Program Files\Trend Micro
C:\Program Files\Ubi Soft
C:\Program Files\VideoCAM Trek
C:\Program Files\VideoLAN
C:\Program Files\Virtools Web Player 2.5
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Components
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\XviD

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\DBase_Ena
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\DirectX
C:\Program Files\Fichiers communs\GTK
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\Motive
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\NSV
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\PocketSoft
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Teleca Shared
C:\Program Files\Fichiers communs\VCAMTrek
C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"axisdumbsettingspeak"="C:\\Documents and Settings\\All Users\\Application Data\\Meta Multi Axis Dumb\\Site Blue.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"proc scr"="C:\\DOCUME~1\\Christel\\APPLIC~1\\EXITDV~1\\GlobalNoun.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvé !

--------------------[ Fin du rapport à 21:25:27,18 ]----------------------

je ne l'ai pas vu dans le gestionnaire des taches donc je suppose que non

Là maintenant oui il a redemarré depuis hier mais pendant les différents posts je ne crois pas l'avoir redémarré...

Il me semble que Tea Timer n'est plus sur mon pc depuis que j'ai désinstallé le logiciel qui faisait qu'il etait là (spyboat si je me souviens bien) et ça remonte à quelques jours maintenant.

Ma version .... ?

Je suis un peu blonde de l'intérieur parfois ...
Une question me trotte dans la tête... A une époque j'avais chopé deux saloperies (GlobalNoun.exe et Site Blue.exe) que j'avais tant bien que mal réussi à virer, et je les vois dans le rapport dans "Recherche dans le Registre"... Ces deux trucs sont vraiment partis de mon pc ou alors ils sont encore quelquepart ?




-------------------------------[ Lop S&D 1.1 ]------------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Christel\Bureau\Lop S&D"

Rapport crée : Le 04/10/2007 à 8:08:27,06 PC : KRYSTH-PWRXR

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des dossiers dans Applications Data ]--------------------

C:\Documents and Settings\Administrateur\Application Data\Microsoft
C:\Documents and Settings\Administrateur\Application Data\desktop.ini

C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Mozilla
C:\Documents and Settings\All Users\Application Data\hpzinstall.log
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
C:\Documents and Settings\All Users\Application Data\Motive
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\MSN6
C:\Documents and Settings\All Users\Application Data\desktop.ini

C:\Documents and Settings\Christel\Application Data\Comodo
C:\Documents and Settings\Christel\Application Data\gtk-2.0
C:\Documents and Settings\Christel\Application Data\StarOffice8
C:\Documents and Settings\Christel\Application Data\Google
C:\Documents and Settings\Christel\Application Data\DivX
C:\Documents and Settings\Christel\Application Data\dvdcss
C:\Documents and Settings\Christel\Application Data\Lavasoft
C:\Documents and Settings\Christel\Application Data\AdobeUM
C:\Documents and Settings\Christel\Application Data\Media Player Classic
C:\Documents and Settings\Christel\Application Data\Motive
C:\Documents and Settings\Christel\Application Data\Microsoft
C:\Documents and Settings\Christel\Application Data\Help
C:\Documents and Settings\Christel\Application Data\Creative
C:\Documents and Settings\Christel\Application Data\Opera
C:\Documents and Settings\Christel\Application Data\Adobe
C:\Documents and Settings\Christel\Application Data\Image Zone Express
C:\Documents and Settings\Christel\Application Data\Macromedia
C:\Documents and Settings\Christel\Application Data\Talkback
C:\Documents and Settings\Christel\Application Data\vlc
C:\Documents and Settings\Christel\Application Data\Ahead
C:\Documents and Settings\Christel\Application Data\Notepad++
C:\Documents and Settings\Christel\Application Data\Sun
C:\Documents and Settings\Christel\Application Data\Mozilla
C:\Documents and Settings\Christel\Application Data\Nvu
C:\Documents and Settings\Christel\Application Data\desktop.ini

C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft

C:\Documents and Settings\LocalService\Application Data\Microsoft
C:\Documents and Settings\LocalService\Application Data\Adobe

C:\Documents and Settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Alwil Software
C:\Program Files\Andromede5
C:\Program Files\ATI Technologies
C:\Program Files\AvRack
C:\Program Files\BroadJump
C:\Program Files\CCleaner
C:\Program Files\Club-Internet
C:\Program Files\Combined Community Codec Pack
C:\Program Files\Common Files
C:\Program Files\Comodo
C:\Program Files\ComPlus Applications
C:\Program Files\Creative
C:\Program Files\Diablo II
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\D-Tools
C:\Program Files\Enigma Software Productions
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Furcadia
C:\Program Files\GameSpy Arcade
C:\Program Files\GIMP-2.0
C:\Program Files\Google
C:\Program Files\GUILD WARS
C:\Program Files\Guitar Pro 4
C:\Program Files\Haali
C:\Program Files\Illustrate
C:\Program Files\Intel
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\Invisible Secrets 4
C:\Program Files\Java
C:\Program Files\Kerio
C:\Program Files\Last.fm Player
C:\Program Files\Lavasoft
C:\Program Files\Logitech
C:\Program Files\MAIET
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerPlus! 3
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft.NET
C:\Program Files\Motive
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\NetMeeting
C:\Program Files\NewName
C:\Program Files\Notepad++
C:\Program Files\Ontrack
C:\Program Files\Opera
C:\Program Files\Outlook Express
C:\Program Files\PowerPoint Viewer
C:\Program Files\Realtek Sound Manager
C:\Program Files\RegCleaner
C:\Program Files\SiSoftware
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Stardock
C:\Program Files\Sun
C:\Program Files\Trend Micro
C:\Program Files\Ubi Soft
C:\Program Files\VideoCAM Trek
C:\Program Files\VideoLAN
C:\Program Files\Virtools Web Player 2.5
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Components
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\XviD

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\DBase_Ena
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\DirectX
C:\Program Files\Fichiers communs\GTK
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\Motive
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\NSV
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\PocketSoft
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Teleca Shared
C:\Program Files\Fichiers communs\VCAMTrek
C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"axisdumbsettingspeak"="C:\\Documents and Settings\\All Users\\Application Data\\Meta Multi Axis Dumb\\Site Blue.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"proc scr"="C:\\DOCUME~1\\Christel\\APPLIC~1\\EXITDV~1\\GlobalNoun.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvé !

--------------------[ Fin du rapport à 8:08:32,87 ]----------------------

Ah je ne connaissais pas cette commande, je prends note ça peut toujours être utile

Voilà c'est fait "proc src" et "axis..." sont supprimés ^^

-------------------------------[ Lop S&D 1.1 ]------------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Christel\Bureau\Lop S&D"

Rapport crée : Le 04/10/2007 à 20:27:19,15 PC : KRYSTH-PWRXR

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des dossiers dans Applications Data ]--------------------

C:\Documents and Settings\Administrateur\Application Data\Microsoft
C:\Documents and Settings\Administrateur\Application Data\desktop.ini

C:\Documents and Settings\All Users\Application Data\Sony Corporation
C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Mozilla
C:\Documents and Settings\All Users\Application Data\hpzinstall.log
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
C:\Documents and Settings\All Users\Application Data\Motive
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\MSN6
C:\Documents and Settings\All Users\Application Data\desktop.ini

C:\Documents and Settings\Christel\Application Data\Sony Corporation
C:\Documents and Settings\Christel\Application Data\Comodo
C:\Documents and Settings\Christel\Application Data\gtk-2.0
C:\Documents and Settings\Christel\Application Data\StarOffice8
C:\Documents and Settings\Christel\Application Data\Google
C:\Documents and Settings\Christel\Application Data\DivX
C:\Documents and Settings\Christel\Application Data\dvdcss
C:\Documents and Settings\Christel\Application Data\Lavasoft
C:\Documents and Settings\Christel\Application Data\AdobeUM
C:\Documents and Settings\Christel\Application Data\Media Player Classic
C:\Documents and Settings\Christel\Application Data\Motive
C:\Documents and Settings\Christel\Application Data\Microsoft
C:\Documents and Settings\Christel\Application Data\Help
C:\Documents and Settings\Christel\Application Data\Creative
C:\Documents and Settings\Christel\Application Data\Opera
C:\Documents and Settings\Christel\Application Data\Adobe
C:\Documents and Settings\Christel\Application Data\Image Zone Express
C:\Documents and Settings\Christel\Application Data\Macromedia
C:\Documents and Settings\Christel\Application Data\Talkback
C:\Documents and Settings\Christel\Application Data\vlc
C:\Documents and Settings\Christel\Application Data\Ahead
C:\Documents and Settings\Christel\Application Data\Notepad++
C:\Documents and Settings\Christel\Application Data\Sun
C:\Documents and Settings\Christel\Application Data\Mozilla
C:\Documents and Settings\Christel\Application Data\Nvu
C:\Documents and Settings\Christel\Application Data\desktop.ini

C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft

C:\Documents and Settings\LocalService\Application Data\Microsoft
C:\Documents and Settings\LocalService\Application Data\Adobe

C:\Documents and Settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Alwil Software
C:\Program Files\Andromede5
C:\Program Files\ATI Technologies
C:\Program Files\AvRack
C:\Program Files\BroadJump
C:\Program Files\CCleaner
C:\Program Files\Club-Internet
C:\Program Files\Combined Community Codec Pack
C:\Program Files\Common Files
C:\Program Files\Comodo
C:\Program Files\ComPlus Applications
C:\Program Files\Creative
C:\Program Files\Diablo II
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\D-Tools
C:\Program Files\Enigma Software Productions
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Furcadia
C:\Program Files\GameSpy Arcade
C:\Program Files\GIMP-2.0
C:\Program Files\Google
C:\Program Files\GUILD WARS
C:\Program Files\Guitar Pro 4
C:\Program Files\Haali
C:\Program Files\Illustrate
C:\Program Files\Intel
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\Invisible Secrets 4
C:\Program Files\Java
C:\Program Files\Kerio
C:\Program Files\Last.fm Player
C:\Program Files\Lavasoft
C:\Program Files\Logitech
C:\Program Files\MAIET
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerPlus! 3
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft.NET
C:\Program Files\Motive
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\NetMeeting
C:\Program Files\NewName
C:\Program Files\Notepad++
C:\Program Files\Ontrack
C:\Program Files\Opera
C:\Program Files\Outlook Express
C:\Program Files\PowerPoint Viewer
C:\Program Files\Realtek Sound Manager
C:\Program Files\RegCleaner
C:\Program Files\SiSoftware
C:\Program Files\Sony
C:\Program Files\Sony Corporation
C:\Program Files\Stardock
C:\Program Files\Sun
C:\Program Files\Trend Micro
C:\Program Files\Ubi Soft
C:\Program Files\VideoCAM Trek
C:\Program Files\VideoLAN
C:\Program Files\Virtools Web Player 2.5
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Components
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\XviD

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\DBase_Ena
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\DirectX
C:\Program Files\Fichiers communs\GTK
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\Motive
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\NSV
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\PocketSoft
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Teleca Shared
C:\Program Files\Fichiers communs\VCAMTrek
C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvé !

--------------------[ Fin du rapport à 20:27:27,68 ]----------------------

Non ça me l'a refait juste après mon dernier post.
Mais ça arrive de moins en moins souvent.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:57, on 05/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\dispatcher.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
D:\CursorXP\CursorXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {B67F984F-4B79-9792-22D8-98CF4A35DEF3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [CursorXP] d:\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SkwatAutoconnect] D:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ [...] hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18822e [...] 601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game11.zylomgames.com/activ [...] player.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/671 [...] taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7ED1F1B-C3DC-4BA6-B644-0B149B51C5A1}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 8823 bytes

AntiVir PersonalEdition Classic
Report file date: samedi 6 octobre 2007 17:49

Scanning for 866705 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: Christel
Computer name: KRYSTH-PWRXR

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:55
ANTIVIR2.VDF : 7.0.0.32 315904 Bytes 28/09/2007 09:30:51
ANTIVIR3.VDF : 7.0.0.56 124416 Bytes 05/10/2007 09:30:51
AVEWIN32.DLL : 7.6.0.20 2753024 Bytes 06/10/2007 09:30:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 6 octobre 2007 17:49

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'cidaemon.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'cisvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'mpbtn.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'CursorXP.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'Dispatcher.exe' - '1' Module(s) have been scanned
Scan process 'MotiveSB.exe' - '1' Module(s) have been scanned
Scan process 'vsnpstd.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '38' files ).


Starting the file scan:

Begin scan in 'C:\' <Systeme>
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Program Files>
Begin scan in 'E:\' <Media>
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: samedi 6 octobre 2007 18:41
Used time: 52:00 min

The scan has been done completely.

5170 Scanning directories
352870 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
352870 Files not concerned
2999 Archives were scanned
1 Warnings
9 Notes

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:13, on 07/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\dispatcher.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\spoolsv.exe
D:\CursorXP\CursorXP.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {B67F984F-4B79-9792-22D8-98CF4A35DEF3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CursorXP] d:\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SkwatAutoconnect] D:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ [...] hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18822e [...] 601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game11.zylomgames.com/activ [...] player.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/671 [...] taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7ED1F1B-C3DC-4BA6-B644-0B149B51C5A1}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 8669 bytes

Voilà c'est fait.

"Wait and see" ^^

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:08:11, on 09/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\dispatcher.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\CursorXP\CursorXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\cidaemon.exe
D:\BitComet\BitComet.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CursorXP] d:\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SkwatAutoconnect] D:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ [...] hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18822e [...] 601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game11.zylomgames.com/activ [...] player.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/671 [...] taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7ED1F1B-C3DC-4BA6-B644-0B149B51C5A1}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 8671 bytes

Non, toujours pas. J'ai toujours ce fichu compte a rebour qui apparait un peu quand il veut. Je pensais m'en être débarassée vu que j'ai rien eu pendant deux jours mais ça me le refait encore ...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:03:06, on 13/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\dispatcher.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\CursorXP\CursorXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
D:\BitComet\BitComet.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Christel\Bureau\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CursorXP] d:\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SkwatAutoconnect] D:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O4 - HKCU\..\Run: [updateMgr] D:\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ [...] hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18822e [...] 601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game11.zylomgames.com/activ [...] player.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/671 [...] taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7ED1F1B-C3DC-4BA6-B644-0B149B51C5A1}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 8871 bytes

quel truc ? c'etait pas ça ?

Quand le compte a rebour se lance je ne peux pas faire de capture vu que je ne peux ouvrir aucune application (uniquement enregistrer mon boulot et fermer les applications avant que ça arrive à zéro) et vu que le pc redemarre par la suite je ne peux pas coller la capture une fois qu'il s'est relancé vu que la mémoire cache est remise à zéro... Et comme ça se lance n'importe quand je peux pas vraiment prévoir quand il va arriver... (et bosser sur le pc avec Photoshop continuellement ouvert ça ne me tente pas des masses vu qu'il prend une place monstrueuse, mais bon s'il n'y a que ça a faire...)