Merci, Evil.

Suis la procédure indiqué par GenProc a la lettre.

Evilouuuuuuu

EvilElf, occupe-toi de mon PC aussi stp.

Je suis en pleine partie de secret of mana là les gars

voila evil , j´ai fais le rapport mode sans echec de sdfix......... qu´es que tu peux m´en dire stp?

SDFix: Version 1.99

Run by HP_Administrateur on 22/08/2007 at 11:34

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\HP_ADM~1\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\HP_Administrateur\new.txt - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servi
ces\sharedaccess\parameters\firewallpolicy\standar
dprofile\authorizedapplications\list]
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Disabled:AC3 audio (ac3)"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Disabled:AOL France"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Disabled:Ares"

"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\
\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-2
2019"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network
Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll
,-20000"
"C:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"="C:\\Program
Files\\Codemasters\\DiRT\\DiRT.exe:*:Disabled:DiRT
Executable"
"C:\\Program
Files\\Cyanide\\GameCenter\\GameCenter.exe"="C:\\P
rogram
Files\\Cyanide\\GameCenter\\GameCenter.exe:*:Disab
led:GameCenter"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program
Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"

"C:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"="C:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe:*:Disabled:NFSC"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Disabled:pes6.exe"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program
Files\\PPStream\\PPStream.exe:*:Disabled:PPStream"

"C:\\Documents and Settings\\HP_Administrateur\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\HP_Administrateur\\Application
Data\\SopCast\\adv\\SopAdver.exe:*:Disabled:SopCas
t Adver"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Disabled:SopCast Main Application"
"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Disabled:TVAnts"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Disabled:VLC media player"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Disabled:Wish Application"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program
Files\\uTorrent\\utorrent.exe:*:Enabled:æTorrent"

"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program
Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"

"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr
.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\h
elpctr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program
Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avgine
t.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program
Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgam
svr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program
Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.ex
e"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program
Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.
exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servi
ces\sharedaccess\parameters\firewallpolicy\domainp
rofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\syste
m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network
Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,
-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files:
---------------

File Backups: -
C:\DOCUME~1\HP_ADM~1\Bureau\SDFix\backups\backups.
zip
Registry Backups: -
C:\DOCUME~1\HP_ADM~1\Bureau\SDFix\backups\backupre
g.zip
Full Registry Backup: - C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

Files with Hidden Attributes:

C:\Documents and Settings\HP_Administrateur\Mes documents\Mes vid‚os\Daz Dillinger - Tha Dogg Pound Gangsta LP (2005) Rap - www.torrentazos.com By FEFE2003\Thumbs.db
C:\Documents and Settings\HP_Administrateur\Mes documents\Mes vid‚os\South Central Cartel - Westurrection (2005) - Rap - www.torrentazos.com By FEFE2003\South Central Cartel - Westurrection (2005) - Rap - www.torrentazos.com By FEFE2003\Thumbs.db
C:\Documents and Settings\HP_Administrateur\Mes documents\Mes
vid‚os\wc_-_the_shadiest_one_-_1998_by_fotolog.com
-nozo_files\WC - The Shadiest One - 1998 (BY fotolog.com-nozo_files)\Thumbs.db
C:\WINDOWS\SMINST\HPCD.sys
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\TempSBE\SBE1.tmp
C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\TempSBE\SBE2.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp

Finished

Bonjour !

Poste un nouveau log Hijackthis s´il te plait.

voila

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:47, on 22/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNo
tifier.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe
C:\HiJackThis\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=64&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d´Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.1.615.5858\sw
g.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNo
tifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ´SERVICE LOCAL´)
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ´SERVICE LOCAL´)
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ´SERVICE RÉSEAU´)
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ´SYSTEM´)
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ´Default user´)
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User ´Default user´)
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User ´Default user´)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra ´Tools´ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -
http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://webscanner.kaspersrsky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/m/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) -
http://charon777.free.fr/plugins/hardwaredetection_2_0_4_8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) -
http://www.neufsecurite.com/Ols/fscax.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
http://driveragent.com/files/driveragent.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

--
End of file - 6871 bytes

Et bien, comment se porte ton PC ?

ca va il rame un peu moins mais le demarrage de AVG et AVG ANTI spyware est assez long mais bon c´est normal ! merci a toi .

sinon j´ai un probleme avec swg google toolbar notifier qui se lance a chaque demarrage de mon pc , j´ai beau le supprimer via msconfig mais il revient toujours ?!

Beh oui AVG c´est du lourd ... Je serai toi je le jetterai au profit d´Antivir.

Tu peux la désinstallé via Ajout/Suppression programme. Sinon fix cette ligne :
O4 - HKCU\..\Run: [swg] C:\Program

Files\Google\GoogleToolbarNotifier\GoogleToolbarNo

tifier.exe