DouDou5

merci bien pour l'info

trop tu m'a aider stoneangel..............;$ enfin bref..en fait c bitcomet qui fait saturer le modem aller bye et encore merci et longue vie au forum

c cool merci a tous bon pendant que j'y suis la j'ai un probleme de deconnexion en fait c bizzare tous ce passe bien meme avec la mule ...... mais des que j'ouvre un client bittorrent ...au bout de 30s-2min mon modem sagem fast 800 se deconnecte et obliger de rebooter sur le port usb (debrancher et rebrancher le port) je vois quand meme temps mon svchost ouvre le port 123 udp (ntp)??????????????? et ce n'est pas une saturation de BP je fixe a 40ko/s sur 60ko/s donc si vous avez un avis

bon ca y'est le menage est fait je vous post les log Logfile of HijackThis v1.99.1 Scan saved at 12:17:11, on 06/05/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\PFShared\UmxCfg.exe C:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe C:\Program Files\Fichiers communs\PFShared\UmxPol.exe C:\Program Files\Tiny Firewall Pro\UmxAgent.exe C:\Program Files\Tiny Firewall Pro\UmxTray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\PFShared\umxlu.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Desktop Sidebar\dsidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Slim 3000\ICON.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe K:\programmes\eChanblard\emule.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\explorer.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Tiny Firewall Pro\amon.exe C:\WINDOWS\system32\notepad.exe K:\applz\m@lw@rez\hijackthis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://by102fd.bay102.hotmail.msn.com/cgi-...38633c465ed2490 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [AMonitor] C:\Program Files\Tiny Firewall Pro\amon.exe O4 - HKCU\..\Run: [sIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe" O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Slim 3000 Monitor.lnk = ? O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1115228650459 O17 - HKLM\System\CCS\Services\Tcpip\..\{DB03850E-9FEF-4892-A8B8-535F8252E4EE}: NameServer = 217.19.192.132 217.19.192.131 O20 - AppInit_DLLs: UmxSbxExw.dll,wbsys.dll O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe O23 - Service: FW Event Manager (UmxAgent) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall Pro\UmxAgent.exe O23 - Service: FW Configuration Interpreter (UmxCfg) - Tiny Software, Inc. - C:\Program Files\Fichiers communs\PFShared\UmxCfg.exe O23 - Service: FW User-Mode Helper (UmxFwHlp) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe O23 - Service: FW Live Update (UmxLU) - Tiny Software, Inc. - C:\Program Files\Fichiers communs\PFShared\umxlu.exe O23 - Service: FW Policy Manager (UmxPol) - Tiny Software Inc. - C:\Program Files\Fichiers communs\PFShared\UmxPol.exe ------------------------------------- --------------------------------------------------------- ewido security suite - Rapport de connection --------------------------------------------------------- + Créé le: 14:13:15, 06/05/2005 + Somme de contrôle: 570D37D0 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING TCP 0.0.0.0:1110 0.0.0.0:0 LISTENING TCP 0.0.0.0:1125 0.0.0.0:0 LISTENING TCP 0.0.0.0:3700 0.0.0.0:0 LISTENING TCP 0.0.0.0:4841 0.0.0.0:0 LISTENING TCP 127.0.0.1:4664 0.0.0.0:0 LISTENING TCP 127.0.0.1:4840 0.0.0.0:0 LISTENING TCP 127.0.0.1:4840 127.0.0.1:4841 ESTABLISHED TCP 127.0.0.1:4841 127.0.0.1:4840 ESTABLISHED UDP 0.0.0.0:445 UDP 0.0.0.0:500 UDP 0.0.0.0:1038 UDP 0.0.0.0:1039 UDP 0.0.0.0:1247 UDP 0.0.0.0:2476 UDP 80.125.239.63:123 UDP 127.0.0.1:123 --------------------------- j'ai aussi c sortie suspecte ds mon log de firewall je pense pas que ce soit trop grave puisque c le proto ICMP mais bon votre avis serait le bienvenue Count:1 Module:Firewall Action:Prevented Application:System Access:Outbound ICMP access Object:Ping Request ( -> 200.232.143.79 Interface:[8] USB ADSL WAN Adapter Time:06/05/2005 12:14:27 ------------------------------- Count:1 Module:Firewall Action:Prevented Application:System Access:Outbound ICMP access Object:Ping Request ( -> 84.5.61.250 (84-5-61-250.dti.cegetel.net) Interface:[8] USB ADSL WAN Adapter Time:06/05/2005 12:20:51 ---------------------------------- voila bye et merci

bon ok je vais fair ca ouai j'ai une pocket (daub!) slim 3000 lol

je crois que ca a changer depuis tt a l'heure j'ai mon firewall qui part en c*****e des le demarrage je doit avoir un vers qui me fout en l'air mes programme ds mon log j'ai le process KAV qui ecrit des fichier ainsi que tiny qui cree des xml svchost mes cree des cle lol la c trop voila mon log hijak Logfile of HijackThis v1.99.1 Scan saved at 21:25:34, on 03/05/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe C:\Program Files\D-Tools\daemon.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\Desktop Sidebar\dsidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Slim 3000\ICON.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\5yN\Bureau\hijackthis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\RunOnce: [WinSideBySideSetupCleanup 779149] rundll32 sxs.dll,SxspRunDllDeleteDirectory C:\WINDOWS\WinSxS\InstallTemp\779149 O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [sIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe" O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [AMonitor] C:\Program Files\Tiny Firewall Pro\amon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Tiny Firewall Pro\Quarantine\LDMConf.exe O4 - Global Startup: Slim 3000 Monitor.lnk = ? O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {42E1F024-ECC3-456F-B98A-4CE5ACDBF25C} (ActiveFormX Contrôle) - https://ssl-tb.sitadelle.com/selfcare.ceget...FAutoConfig.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1114816602312 O17 - HKLM\System\CCS\Services\Tcpip\..\{FCDEF5BF-CEBA-4FD6-B537-C88A34A51578}: NameServer = 217.19.192.132 217.19.192.131 O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

salut a vous tous voila je commence a me mettre un peu a la secu sur pc (vu les attaque qu'il y a maintenant) et j'aimerais a voir vos avis d'expert sur mon log hijak! merci et super forum!!