darkytchy


  1. Ah, uh, yes, well, here it is:

     SDFix: Version 1.220
     Run by Flo on 02/09/2008 at 15:47
     Microsoft Windows XP [version 5.1.2600]
     Running From: C:\SDFix

     Checking Services :
     Restoring Default Security Values
     Restoring Default Hosts File
     Restoring Default Desktop Wallpaper
     Restoring Default ScreenSaver value
     Rebooting

     Checking Files :
     Trojan Files Found:
     C:\WINDOWS\system32\lphc99kj0ev45.exe - Deleted
     C:\WINDOWS\system32\phc99kj0ev45.bmp - Deleted
     C:\WINDOWS\system32\blphc99kj0ev45.scr - Deleted
     C:\Documents and Settings\Flo\Local Settings\Temp\.tt6.tmp.exe - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt1.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt11.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt12.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt19.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt1F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt20.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt22.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2A.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2B.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2C.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2D.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt3.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt31.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt33.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt35.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt37.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt38.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt39.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt3A.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt3B.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt3D.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt3F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt4.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt41.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt42.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt43.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt46.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt49.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt4B.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt4D.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt4E.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt4F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt5.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt51.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt53.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt55.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt57.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt58.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt59.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt5B.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt5D.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt5F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt6.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt61.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt63.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt64.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt66.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt68.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt6A.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt6C.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt6E.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt70.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt72.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt73.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt75.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt77.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt79.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt7B.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt7D.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt7F.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt8.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt82.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt83.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt84.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt88.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt8A.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt8E.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt90.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt95.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt97.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt99.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt9E.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttA0.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttA5.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttA7.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttAC.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttB.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttB2.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttC4.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttCD.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttD.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttDF.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttEE.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.ttF.tmp - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt6.tmp.exe - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt2.tmp.vbs - Deleted
     C:\DOCUME~1\Flo\LOCALS~1\Temp\.tt5.tmp.vbs - Deleted
     C:\WINDOWS\system32\drivers\svchost.exe - Deleted
     C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted
     C:\WINDOWS\system32\tdssadw.dll - Deleted
     C:\WINDOWS\system32\tdssinit.dll - Deleted
     C:\WINDOWS\system32\tdssl.dll - Deleted
     C:\WINDOWS\system32\tdsslog.dll - Deleted
     C:\WINDOWS\system32\tdssmain.dll - Deleted
     C:\WINDOWS\system32\tdssservers.dat - Deleted
     Folder C:\Documents and Settings\Flo\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed

     Removing Temp Files

     ADS Check :

     Final Check :
     catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2008-09-02 15:57:18
     Windows 5.1.2600 Service Pack 3 NTFS
     scanning hidden processes ...
     scanning hidden services & system hive ...
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv]
     "start"=dword:00000001
     "type"=dword:00000001
     "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]
     "start"=dword:00000001
     "type"=dword:00000001
     "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
     scanning hidden registry entries ...
     scanning hidden files ...
     scan completed successfully
     hidden processes: 0
     hidden services: 0
     hidden files: 0

     Remaining Services :

     Authorized Application Key Export:
     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
     "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
     "C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
     "C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole"
     "C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
     "C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"="C:\\Program Files\\Acer TV-FM\\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
     "C:\\Program Files\\Acer TV-FM\\PCMService.exe"="C:\\Program Files\\Acer TV-FM\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
     "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
     "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
     "C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
     "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
     "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
     "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
     "C:\\WINDOWS\\system32\\drivers\\svchost.exe"="C:\\WINDOWS\\system32\\drivers\\svchost.exe:*:Disabled:svchost"
     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
     "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
     "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
     "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

     Remaining Files :

     File Backups: - C:\SDFix\backups\backups.zip

     Files with Hidden Attributes :
     Wed 6 Aug 2003 24,576 A..H. --- "C:\WINDOWS\system32\KCMDNIns.exe"
     Mon 15 May 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
     Mon 15 May 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
     Mon 15 May 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
     Mon 15 May 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
     Mon 15 May 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
     Thu 7 Aug 2003 24,576 A..H. --- "C:\WINDOWS\system32\reboot.exe"
     Mon 30 Aug 2004 44,032 A..H. --- "C:\WINDOWS\system32\rescan.exe"
     Mon 1 Sep 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

     Finished!
  2. Yahoo, thank you! After my second reboot everything went back to normal. Thanks a lot, you're an ace! If you were in front of me I'd give you a big kiss. Thanks again.
  3. Hello everyone. Following Angelique's request, I'm creating a new post. I too have been infected by this malware. I followed the advice, so here I am submitting my report. Please help me, because I'm really starting to despair:

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 11:38:35, on 02/09/2008
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.16705)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\SOUNDMAN.EXE
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
     C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\Program Files\Windows Live\Contrôle parental\fssui.exe
     C:\WINDOWS\system32\lphc99kj0ev45.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\drivers\svchost.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
     C:\Program Files\Windows Live\Messenger\usnsvc.exe
     C:\HJT\HiJackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
     O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O4 - HKLM\..\Run: [LaunchApp] Alaunch
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
     O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
     O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
     O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
     O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
     O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [imageItEncrypt] C:\WINDOWS\system32\ImageItEncrypt.exe
     O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
     O4 - HKLM\..\Run: [lphc99kj0ev45] C:\WINDOWS\system32\lphc99kj0ev45.exe
     O4 - HKLM\..\Run: [sMrhcc9kj0ev45] C:\Program Files\rhcc9kj0ev45\rhcc9kj0ev45.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [sVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1220053438609
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

     -- End of file - 6444 bytes

     Thanks in advance for your help.
  4. Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\SOUNDMAN.EXE
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
     C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\Program Files\Windows Live\Contrôle parental\fssui.exe
     C:\WINDOWS\system32\lphc99kj0ev45.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\drivers\svchost.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
     C:\Program Files\Windows Live\Messenger\usnsvc.exe
     C:\Documents and Settings\Flo\Local Settings\Temporary Internet Files\Content.IE5\M1I5SB1R\HiJackThis[1].exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
     O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O4 - HKLM\..\Run: [LaunchApp] Alaunch
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
     O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
     O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
     O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
     O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
     O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [imageItEncrypt] C:\WINDOWS\system32\ImageItEncrypt.exe
     O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
     O4 - HKLM\..\Run: [lphc99kj0ev45] C:\WINDOWS\system32\lphc99kj0ev45.exe
     O4 - HKLM\..\Run: [sMrhcc9kj0ev45] C:\Program Files\rhcc9kj0ev45\rhcc9kj0ev45.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [sVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1220053438609
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

     Here is my report. I really need help, please. Thanks in advance.