tuile Msn

Bonjour,

Tu as un os pirate ?

Télécharge combofix.exe (par sUBs) sur ton Bureau.

Double clique combofix.exe.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

non j'ai un win XP pro Volume liscence (MSDN fourni par mon lycée (BTS INFO)
je poste le rapport des que il m'a fait le scan
merci

il y a combien d'étapes ? j'en suis a la 36eme

Voila le rapport :

ComboFix 07-11-08.1 - Mckilleron 2007-11-15 19:00:12.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.447 [GMT 1:00]
Running from: C:\Downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\newdotnet
C:\Program Files\newdotnet\newdotnet7_48.dll_tobedeleted_old
C:\WINDOWS\system32\Cache

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NNSERV
-------\NNServ
-------\ntldr.sys


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-15 to 2007-11-15 ))))))))))))))))))))))))))))))))))))
.

2007-11-15 18:57 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-15 18:00 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-15 17:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-15 00:01 <REP> d-------- C:\Program Files\MultiProxy
2007-11-14 09:43 49,536 --a------ C:\WINDOWS\system32\drivers\a07l15w8.sys
2007-11-11 18:19 <REP> d-------- C:\Documents and Settings\Mckilleron\.thinupload
2007-11-11 11:43 49,536 --a------ C:\WINDOWS\system32\drivers\at7ph1ja.sys
2007-11-10 19:26 <REP> d-------- C:\temp
2007-11-10 19:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Media Center Programs
2007-11-10 18:52 <REP> d-------- C:\Documents and Settings\Mckilleron\Application Data\InstallShield
2007-11-10 18:40 <REP> d-------- C:\WINDOWS\1F8FB0FA6FF24B2FBE2F7266AFB0895D.TMP
2007-11-10 15:08 <REP> d--h----- C:\Documents and Settings\MAC4602\ASPNET\Voisinage r‚seau
2007-11-10 15:08 <REP> d--h----- C:\Documents and Settings\MAC4602\ASPNET\Voisinage d'impression
2007-11-10 15:08 <REP> d--h----- C:\Documents and Settings\MAC4602\ASPNET\ModŠles
2007-11-10 15:08 <REP> d-------- C:\Documents and Settings\MAC4602\ASPNET\Mes documents
2007-11-10 15:08 <REP> dr------- C:\Documents and Settings\MAC4602\ASPNET\Menu D‚marrer
2007-11-10 15:08 <REP> d-------- C:\Documents and Settings\MAC4602\ASPNET\Favoris
2007-11-10 15:08 <REP> d-------- C:\Documents and Settings\MAC4602\ASPNET\Bureau
2007-11-10 15:08 <REP> d-------- C:\Documents and Settings\MAC4602\ASPNET
2007-11-09 17:03 <REP> d-------- C:\ElectronicArts
2007-11-09 17:03 283,648 --a------ C:\WINDOWS\unin040c.exe
2007-11-09 17:03 132,096 --a------ C:\WINDOWS\system32\RashIcon.dll
2007-11-09 17:03 41,472 --a------ C:\WINDOWS\system32\RashProp.dll
2007-11-09 17:03 28,672 --a------ C:\WINDOWS\system32\AWEMan32.dll
2007-11-07 17:16 <REP> d-------- C:\Master 2mi
2007-11-07 13:23 <REP> d-------- C:\Documents and Settings\Mckilleron\VSWebCache
2007-11-07 10:43 <REP> d-------- C:\Program Files\MSDN
2007-11-07 10:10 <REP> d-------- C:\Program Files\HTML Help Workshop
2007-11-07 10:10 <REP> d-------- C:\Program Files\Fichiers communs\Merge Modules
2007-11-07 10:10 <REP> d-------- C:\Program Files\Fichiers communs\Crystal Decisions
2007-11-07 10:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-07 10:08 <REP> d-------- C:\Program Files\Microsoft Visual Studio .NET 2003
2007-11-07 09:49 127,488 --a--c--- C:\WINDOWS\system32\dllcache\ftpsv251.dll
2007-11-07 09:49 6,144 --a--c--- C:\WINDOWS\system32\dllcache\ftpmib.dll
2007-11-06 15:17 4,096 --a------ C:\WINDOWS\d3dx.dat
2007-11-06 15:11 <REP> d-------- C:\severance
2007-11-05 21:31 <REP> d-------- C:\Program Files\Fichiers communs\L&H
2007-11-05 21:30 <REP> d-------- C:\Program Files\Microsoft Reader
2007-11-05 21:30 57,436 --a------ C:\WINDOWS\DASShp.dll
2007-11-05 15:38 <REP> d-------- C:\Program Files\Cookie Viewer
2007-11-03 11:49 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-11-03 11:22 <REP> d-------- C:\Program Files\IE7Pro
2007-11-03 11:22 <REP> d-------- C:\Documents and Settings\Mckilleron\Application Data\IE7Pro
2007-11-01 23:09 <REP> d-------- C:\Program Files\vso
2007-11-01 23:09 <REP> d-------- C:\Documents and Settings\Mckilleron\Application Data\Vso
2007-11-01 23:09 81,920 --a------ C:\Documents and Settings\Mckilleron\Application Data\ezpinst.exe
2007-11-01 23:09 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2007-11-01 23:09 47,360 --a------ C:\Documents and Settings\Mckilleron\Application Data\pcouffin.sys
2007-11-01 20:55 <REP> d-------- C:\Program Files\Fake Webcam
2007-10-31 20:17 <REP> d-------- C:\BMW M3 Challenge
2007-10-24 08:12 <REP> d-------- C:\UT2004
2007-10-23 21:26 <REP> d-------- C:\WINDOWS\system32\Futuremark
2007-10-20 11:24 <REP> d-------- C:\Program Files\FlashGet
2007-10-18 16:16 <REP> d-------- C:\Program Files\JoWooD Productions
2007-10-18 11:31 51,224 --a------ C:\WINDOWS\system32\sirenacm.dll
2007-10-17 15:14 <REP> d-------- C:\Program Files\YesMessenger
2007-10-16 14:15 49,536 --a------ C:\WINDOWS\system32\drivers\athtsi8j.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-15 18:16 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-15 18:15 --------- d-----w C:\Documents and Settings\LocalService\Application Data\VMware
2007-11-15 18:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\VMware
2007-11-15 17:00 --------- d-----w C:\Program Files\Windows Live
2007-11-15 16:57 --------- d-----w C:\Program Files\MSN Messenger
2007-11-15 09:55 --------- d-----w C:\Documents and Settings\Mckilleron\Application Data\AVG7
2007-11-11 22:40 --------- d-----w C:\Program Files\Ground Control II
2007-11-10 17:57 --------- d-----w C:\Program Files\THQ
2007-11-10 17:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-10 17:48 --------- d-----w C:\Program Files\GOA
2007-11-10 17:43 --------- d-----w C:\Program Files\Electronic Arts
2007-11-08 21:57 --------- d-----w C:\Program Files\JetAudio
2007-11-08 21:42 --------- d-----w C:\Program Files\Fichiers communs\COWON
2007-11-05 14:38 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2007-11-05 14:38 249,856 ------w C:\WINDOWS\Setup1.exe
2007-11-04 13:52 --------- d-----w C:\Program Files\Starcraft
2007-11-02 19:59 --------- d-----w C:\Program Files\Mu~Intensity
2007-10-31 12:42 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-10-23 10:55 --------- d-----w C:\Program Files\BitComet
2007-10-19 20:01 --------- d-----w C:\Program Files\easyrencontre
2007-10-19 15:16 --------- d-----w C:\Program Files\PSPad editor
2007-10-19 13:45 --------- d-----w C:\Program Files\EasyFlirt Messenger
2007-10-14 09:15 --------- d-----w C:\Documents and Settings\Mckilleron\Application Data\Screenshot Sender
2007-10-13 10:21 --------- d-----w C:\Program Files\Playlogic
2007-10-12 15:23 --------- d-----w C:\Program Files\Strategy First
2007-10-10 18:08 --------- d-----w C:\Documents and Settings\Mckilleron\Application Data\ma-config.com
2007-10-10 17:57 --------- d-----w C:\Program Files\ma-config.com
2007-10-08 16:23 --------- d-----w C:\Program Files\SLD Codec Pack
2007-10-07 07:44 --------- d-----w C:\Program Files\TomTom HOME
2007-10-06 22:07 --------- d-----w C:\Program Files\NCH Swift Sound
2007-10-06 20:27 --------- d-----w C:\Program Files\Cyanide
2007-10-05 17:03 --------- d-----w C:\Program Files\Gamenext
2007-10-05 16:52 --------- d-----w C:\Program Files\DOSBox-0.70
2007-10-05 16:01 --------- d-----w C:\Program Files\SpeedFan
2007-10-05 16:00 --------- d-----w C:\Program Files\Warcraft III
2007-10-02 21:15 --------- d-----w C:\Program Files\Buka
2007-10-02 21:14 --------- d-----w C:\Program Files\Black Isle
2007-10-01 20:16 --------- d-----w C:\Program Files\Trend Micro
2007-09-26 19:48 --------- d-----w C:\Program Files\EasyPHP1-8
2007-09-22 08:48 --------- d-----w C:\Program Files\Atari
2007-09-21 15:50 --------- d-----w C:\Documents and Settings\Mckilleron\Application Data\VMware
2007-09-21 14:30 --------- d-----w C:\Program Files\Doom 3
2007-09-20 14:44 --------- d-----w C:\Program Files\Duke Nukem - Manhattan Project
2007-05-09 16:50 6,775 ----a-w C:\Program Files\UnInstall_jetAudio.txt
2007-04-22 12:04 135,360 ----a-w C:\Program Files\Hamasaki.Ayumi.-.rainy.day.avi
2006-02-24 10:11 11,304 ------w C:\Program Files\French.lng
2006-02-24 09:07 77,824 ------w C:\Program Files\JetTrim.FRC
2006-02-24 09:07 577,536 ------w C:\Program Files\JetAudio.FRC
2006-02-24 09:07 49,152 ------w C:\Program Files\JXCddb.FRC
2006-02-24 09:07 462,848 ------w C:\Program Files\JetCast.FRC
2006-02-24 09:07 45,056 ------w C:\Program Files\JXLeoLDB.FRC
2006-02-24 09:07 45,056 ------w C:\Program Files\JetLyric.FRC
2006-02-24 09:07 40,960 ------w C:\Program Files\JFWMARd.FRC
2006-02-24 09:07 36,864 ------w C:\Program Files\JetFlExt.FRC
2006-02-24 09:07 36,864 ------w C:\Program Files\JetCrash.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JXVisual.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JXTag.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JXCDMan.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JSWMAWt.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JFWMAWt7.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JFWMAWt.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JFWavWt.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JFWavRd.FRC
2006-02-24 09:07 32,768 ------w C:\Program Files\JFWavOut.FRC
2006-02-24 09:07 151,552 ------w C:\Program Files\JetChat.FRC
2006-02-24 09:07 131,072 ------w C:\Program Files\JXVidCnv.FRC
2006-02-24 09:07 106,496 ------w C:\Program Files\JetRecorder.FRC
2006-02-24 09:06 81,920 ------w C:\Program Files\JFRMPl.FRC
2006-02-24 09:06 57,344 ------w C:\Program Files\JFDSPl.FRC
2006-02-24 09:06 53,248 ------w C:\Program Files\JFDVDPl.FRC
2006-02-24 09:06 40,960 ------w C:\Program Files\JFACDWt.FRC
2006-02-24 09:06 36,864 ------w C:\Program Files\JFVCDPl.FRC
2006-02-24 09:06 36,864 ------w C:\Program Files\JFSpeexWt.FRC
2006-02-24 09:06 36,864 ------w C:\Program Files\JFNetworkWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFWMANetWt9.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFWMANetWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFSpeexRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFRMWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFQTPl.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFOGGWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFOGGRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFOGGEnc.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFNetFP.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMPCWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMPCRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3Wt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3Rd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3ProWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3ProEnc.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3Enc.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMP3Dec.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMODRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFMIDRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFIMSRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFFLACWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFFLACRd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFCDPl.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFAPEWt.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFAPERd.FRC
2006-02-24 09:06 32,768 ------w C:\Program Files\JFAMP3En.FRC
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 09:43]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 21:09]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-10-30 20:38]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2007-04-13 00:51]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-09 17:53]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-31 13:54]
"nwiz"="nwiz.exe" [2006-03-31 13:54 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-31 13:54]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-07-05 22:22]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 00:04]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 12:49]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide de Microsoft Office OneNote 2003.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk
backup=C:\WINDOWS\pss\Lancement rapide de Microsoft Office OneNote 2003.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mckilleron^Menu Démarrer^Programmes^Démarrage^BoontyBox 01net.lnk]
path=C:\Documents and Settings\Mckilleron\Menu Démarrer\Programmes\Démarrage\BoontyBox 01net.lnk
backup=C:\WINDOWS\pss\BoontyBox 01net.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mckilleron^Menu Démarrer^Programmes^Démarrage^Dial-Messenger.lnk]
path=C:\Documents and Settings\Mckilleron\Menu Démarrer\Programmes\Démarrage\Dial-Messenger.lnk
backup=C:\WINDOWS\pss\Dial-Messenger.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mckilleron^Menu Démarrer^Programmes^Démarrage^easyrencontre.lnk]
path=C:\Documents and Settings\Mckilleron\Menu Démarrer\Programmes\Démarrage\easyrencontre.lnk
backup=C:\WINDOWS\pss\easyrencontre.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mckilleron^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\Mckilleron\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM95\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BroadWaveRun]
"C:\Program Files\NCH Swift Sound\BroadWave\broadwave.exe" -logon

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedOptimizer]
C:\PROGRA~1\SPEEDO~1\SPO.EXE -s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Watch]
C:\PROGRA~1\minitel\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe

R2 ithsgt;ithsgt;C:\WINDOWS\system32\DRIVERS\ithsgt.sys
R2 lilsgt;lilsgt;C:\WINDOWS\system32\DRIVERS\lilsgt.sys
R2 sbbotdi;sbbotdi;\??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 CCCP106;CIF USB Camera (2110A);C:\WINDOWS\system32\DRIVERS\cccp106.sys
R3 P17;SB Live! 24-bit;C:\WINDOWS\system32\drivers\P17.sys
R3 Tetris;Tetris driver;C:\WINDOWS\system32\Drivers\Tetris.sys
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys
S3 pohci13F;pohci13F;\??\C:\DOCUME~1\MCKILL~1\LOCALS~1\Temp\pohci13F.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b156739-735d-11dc-ac89-0014858055e6}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74f2cc10-032f-11dc-b720-005056c00008}]
\Shell\AutoRun\command - K:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbfc28d2-e6fe-11db-8820-806d6172696f}]
\Shell\AutoRun\command - F:\autorun.exe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-09 16:15:54 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-11-10 19:23:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-15 19:15:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.

relancement d'msn ==> Problème persistant

Test avec A msn ==> meme souci

Reposte un rapport Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:03:03, on 15/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\SPEEDB~1\VideoAccelerator.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\EasyFlirt Messenger\EasyFlirt Messenger.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.4.29.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: EasyFlirt Messenger.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by139fd.bay139.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O17 - HKLM\System\CS2\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 12581 bytes

On va faire une vérif.

Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log

MSNFix 1.579

C:\Downloads\MSNFix\MSNFix
Fix exécuté le 15/11/2007 - 19:49:36,29 By Mckilleron
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

... C:\Temp\




************************ Suppression des fichiers



************************ Suppression des dossiers

.. OK ... C:\Temp\


************************ Nettoyage du registre



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\PROGRA~1\UnInstall_jetAudio.exe] 98604F0CE0593304E331B3FF0995BE88

==> SVP merci d'envoyer le fichier C:\DOCUME~1\MCKILL~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 15112007_19505978.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

jet audio c'est mon lecteur mp3 jamais eu de souci

toujours le meme problème persistant

Pas une infection MSN.

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

voila

15/11/2007 a 20:28:40,96

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\Documents and Settings\Mckilleron\Application Data\ezpinst.exe" FOUND

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !

j'ai supprimé le fichier ezpinst.exe
aucun chagement

je sais plus quoi faire la...

Reposte un rapport Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:10, on 15/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SPEEDB~1\VideoAccelerator.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\EasyFlirt Messenger\EasyFlirt Messenger.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.4.29.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: EasyFlirt Messenger.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by139fd.bay139.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O17 - HKLM\System\CS2\Services\Tcpip\..\{468F0530-330A-4428-BDB8-0BCBC8CB233F}: NameServer = 84.103.237.140
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VideoAcceleratorEngine - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 12502 bytes


Mon temps de réaction est rapide

j'arrive pas a trouver la tuile

j'ai analysé tous les processus de mon pc en cours, rien d'anormal

qqun peut m'aider ?

snif je suis en galère la

bon bah ca sent le format

Peut etre es tu allé trop voir les sites X   hein monsieur romain...

Tu peux pas patienter là ?
Désinstalle AskPBar.