loubita

bonjour souto bootrec /fixmbr bootrec /fixboot Microsoft est que cette manipulation efface les donnés personnels? Vaio me propose d essayer de les recupere \'mais ce n est pas sur a 100%) puis je peut réinstaller vista , a votre avis je tente quoi en premier? bon j essaye bootrec une fois que je peut entrer dans l ordi je pourrai sauvegarder correctement et afin d etre sur tout reinstaller Super j ai fait fixmdr redemarer et ca a marché j ai pu enfin revoir mon bureau est ce qu il est répare ou je doit reinstaller pour être sur que tout fonctionne? Un grand merci a Ticlou et Souto Bonne journée et Bonnes Fetes

salut dans le boot je trouve pas le dvd quand au dvd il sont numéroter de 1 a 3 , faut il que je les essaye tous? boot external device boot: disabled network: disabled Boot priority select 1st Boot priority internal optical disk drive select 2nd Boot priority internal hard disk drive select 3rd Boot priority external device quand je selectionne 1st Boot priority je ne peut selectionner que internal optical disk drive, internal hard disk drive , external device ou network

bonjour Ticlou J ai 3 dvd que j ai du graver moi meme mais j ai l impression qu il ne les lit pas ,il y a une page bleu au demarage mais elle disparait en 1 sec meme pas le temp de lire la premiere lettre quand je fait restaurer le systeme il m affiche 3 disque le" c " systeme ce qui est normal,mais le" e" recovery et boot "x" que je connait pas

Bonjour Depuis hier impossible de démarrer mon pc portable il ouvre une page pour réparer le démarrage mais il trouve pas le problème ou pour restaurer (fait 2 fois sans succès) l invite de commande s ouvre avec administrateur: x:\windows\système 32 alors que ma partition a la lettre c mon pc portable est un sony vaio vgn ns31m je suis sous windows vista le demarage ne se fait pas non plus en mode sans echec si quelqun veut bien m aider merci

bonjour oui j ai verifie le gestionnaire de périphérique il était normal tous les périphérique fonctionne mais dans la longue liste de contrôleur usb je ne sait pas lesquels corresponde a ces deux port merci bonne journée

bonjour merci pour avoir répondu mon alim? secteur je crois c un pc de bureau pour moi le fait que la clé s allume prouvait que le port fonctionnai parce que sinon je la branche en façade c plus simple et ça marche ce qui me parait bizarre c qu ils sont tous sur la même ligne mais il n y a que les 2 premier qui reconnaisse le matériel que je branche(clé usb imprimante scanner), les 2 autre font le mort, sauf si c un problème matériel!!!! merci bonne journée

Personne ne veut répondre ??? Je me suis peut être tromper merci tout de même

bonjour j ai 6 port usb 4 a l arrière et 2 devant la tour sur les 4 de derrière 2 ne détecte aucun matériel et si je branche dessus ma clé USB elle ne s allume même pas y a t' il un moyen d y remédier Windows XP Professionnel (build 2600) Service Pack 3 Carte mère SMBios version 2.5 ALiveNF7G-HDready Bios: American Megatrends Inc. P1.20 06/20/2007 taille: 512Kb Chipset Northbridge: NVIDIA GeForce 7050 PV Southbridge: NVIDIA nForce 630a Processeur AMD Sempron LE-1100 Sparta Socket AM2 (940) (@65 nm) 1900 Mhz ( L1I: 64 Ko, L1D: 64 Ko, L2: 256 Ko ) Mémoire Mémoire physique totale: 1024 Mo DDR2 Dialog 512 Mo PC2-4300 (266 Mhz) (4.0-4-4-12) DDR2 Dialog 512 Mo PC2-4300 (266 Mhz) (4.0-4-4-12) Carte Graphique nVidia Corporation GeForce 7050 PV / nForce 630a (512 Mo) Péripheriques IDE Maxtor 6E020L0 NAR61590 (ATA, 19.42 Go, tampon: 2 Mo) ST340014AS 8.05 (SATA, 37.25 Go, tampon: 2 Mo)

merci Pear pour ton aide tes explication était tres clair et m'ont bien aider je te souhaite plein de bonheur je t envoi plein de bizzs

bonjour Pear [ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ] -->- Recherche: C:\WINDOWS\Downloaded Program Files\*.msnfix: trouvé ! C:\WINDOWS\Tasks\*.msnfix: trouvé ! --------------------------------- -->- Suppression: C:\WINDOWS\Downloaded Program Files\*.msnfix: ERREUR DE SUPPRESSION !! C:\WINDOWS\Tasks\*.msnfix: ERREUR DE SUPPRESSION !! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:01:35, on 14/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\MICROS~3\wcescomm.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_1.cab O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 4262 bytes

nouveau rapport apres desinfection Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1263 Windows 5.1.2600 Service Pack 2 13/10/2008 16:21:35 mbam-log-2008-10-13 (16-21-35).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 78055 Temps écoulé: 22 minute(s), 31 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\wscnntfyy.dat (Trojan.Agent) -> Quarantined and deleted successfully. bonne lecture et merci pour ton aide précieuse

Logfile of random's system information tool 1.04 (written by random/random) Run by CABRAL at 2008-10-13 16:18:45 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 287 MB (6%) free of 5 GB Total RAM: 895 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:18:53, on 13/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MICROS~3\wcescomm.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\CABRAL\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\CABRAL.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - Startup: IcoSauve.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing) O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_1.cab O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 5402 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-07-14 2582136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-07-14 2582136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-20 8429568] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-20 81920] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "HP Software Update"=D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-13 68856] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "H/PC Connection Agent"=C:\PROGRA~1\MICROS~3\wcescomm.exe [2006-06-26 1211176] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Démarrage rapide de HP Photosmart Premier.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\CABRAL\Menu Démarrer\Programmes\Démarrage IcoSauve.lnk - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoStrCmpLogical"=0 "LockTaskbar"=0 "NoResolveTrack"=0 "NoResolveSearch"=0 "NoSMMyPictures"=0 "NoStartMenuMFUprogramsList"=0 "NoUserNameInStartMenu"=0 "MaxRecentDocs"=15 "NoInstrumentation"=0 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=0 "DisallowCpl"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceClassicControlPanel"= "NoSimpleStartMenu"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eff725c7-ef49-11dc-ae0c-00196633fd44}] shell\AutoRun\command - G:\setup.exe ======List of files/folders created in the last 1 months====== 2008-10-13 15:24:42 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Malwarebytes 2008-10-13 15:24:39 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-10-13 15:21:22 ----AC---- C:\JavaRa2.txt 2008-10-13 12:58:58 ----AC---- C:\WINDOWS\system32\javaws.exe 2008-10-13 12:58:58 ----AC---- C:\WINDOWS\system32\javaw.exe 2008-10-13 12:58:58 ----AC---- C:\WINDOWS\system32\java.exe 2008-10-13 10:06:59 ----AC---- C:\cleannavi.txt 2008-10-13 09:51:36 ----AC---- C:\fixnavi.txt 2008-10-13 09:46:43 ----DC---- C:\Program Files\Navilog1 2008-10-13 09:23:42 ----AC---- C:\WINDOWS\SchedLgU.Txt 2008-10-13 09:20:12 ----AC---- C:\WINDOWS\ntbtlog.txt 2008-10-10 09:15:06 ----DC---- C:\WINDOWS\ERUNT 2008-10-10 09:10:14 ----DC---- C:\SDFix 2008-10-09 13:39:39 ----AC---- C:\WINDOWS\system32\muweb.dll 2008-10-09 13:39:39 ----AC---- C:\WINDOWS\system32\mucltui.dll.mui 2008-10-09 13:39:39 ----AC---- C:\WINDOWS\system32\mucltui.dll 2008-10-09 13:39:27 ----HDC---- C:\WINDOWS\$hf_mig$ 2008-10-09 13:37:26 ----DC---- C:\Program Files\msn gaming zone 2008-10-09 13:34:43 ----AC---- C:\WINDOWS\msnfix.txt 2008-10-09 09:08:04 ----DC---- C:\rsit 2008-10-01 14:47:06 ----AC---- C:\HpqDIA.txt 2008-09-24 16:21:31 ----DC---- C:\WINDOWS\system32\CatRoot_bak 2008-09-24 16:13:07 ----DC---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-09-22 14:17:49 ----DC---- C:\Documents and Settings\CABRAL\Application Data\vlc 2008-09-22 10:22:22 ----DC---- C:\Documents and Settings\All Users\Application Data\PlayFirst 2008-09-22 09:52:45 ----DC---- C:\Documents and Settings\CABRAL\Application Data\DivX 2008-09-19 14:01:54 ----DC---- C:\Program Files\Fichiers communs\Sandlot Shared ======List of files/folders modified in the last 1 months====== 2008-10-13 16:15:37 ----DC---- C:\WINDOWS\Prefetch 2008-10-13 15:24:40 ----DC---- C:\WINDOWS\system32\drivers 2008-10-13 15:20:52 ----DC---- C:\Program Files\Java 2008-10-13 13:06:37 ----SHDC---- C:\WINDOWS\Installer 2008-10-13 12:59:01 ----HDC---- C:\Config.Msi 2008-10-13 12:58:58 ----DC---- C:\WINDOWS\system32 2008-10-13 10:09:28 ----DC---- C:\WINDOWS 2008-10-13 09:46:43 ----RDC---- C:\Program Files 2008-10-13 09:37:36 ----DC---- C:\Documents and Settings 2008-10-13 09:25:54 ----DC---- C:\WINDOWS\Temp 2008-10-13 09:24:01 ----SHD---- C:\System Volume Information 2008-10-13 09:24:01 ----DC---- C:\WINDOWS\system32\Restore 2008-10-12 15:10:28 ----DC---- C:\WINDOWS\system32\CatRoot 2008-10-12 15:10:27 ----DC---- C:\WINDOWS\system32\CatRoot2 2008-10-12 15:10:15 ----DC---- C:\WINDOWS\inf 2008-10-12 14:57:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Google Updater 2008-10-11 11:56:04 ----SDC---- C:\WINDOWS\Downloaded Program Files 2008-10-10 08:13:37 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-10-09 13:39:36 ----DC---- C:\WINDOWS\Help 2008-10-09 13:35:37 ----SDC---- C:\WINDOWS\Tasks 2008-10-06 11:32:51 ----DC---- C:\WINDOWS\BDOSCAN8 2008-10-02 10:17:00 ----SDC---- C:\Documents and Settings\CABRAL\Application Data\Microsoft 2008-10-01 09:36:14 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Shareaza 2008-09-25 11:42:48 ----DC---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-09-24 16:21:31 ----DC---- C:\WINDOWS\Debug 2008-09-22 10:23:02 ----DC---- C:\Documents and Settings\CABRAL\Application Data\PlayFirst 2008-09-22 09:41:26 ----HDC---- C:\Program Files\InstallShield Installation Information 2008-09-19 14:01:54 ----DC---- C:\Program Files\Fichiers communs 2008-09-18 07:03:27 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Zylom 2008-09-18 07:03:27 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Identities 2008-09-16 14:13:09 ----DC---- C:\Documents and Settings\CABRAL\Application Data\GameHouse ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [1999-09-10 25244] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-12-13 60800] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-05-16 49664] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-05-16 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-05-16 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-12-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-20 6728032] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968] R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 12032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-04 48128] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-04 38912] S3 catchme;catchme; \??\C:\DOCUME~1\CABRAL\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-04 51328] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880] S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-14 137200] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-20 163908] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [] -----------------EOF-----------------

salut j ai mis a jour java et voici le rapport Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1263 Windows 5.1.2600 Service Pack 2 13/10/2008 16:08:31 mbam-log-2008-10-13 (16-08-20).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 78055 Temps écoulé: 22 minute(s), 31 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\wscnntfyy.dat (Trojan.Agent) -> No action taken.

voici un rapport temp de msn fix [C:\WINDOWS\system32\WinAudit.exe] 216E25940155B1B2AFD8216544931501 [C:\WINDOWS\system32\winchat.exe] 2A99260794224489F29B628717B7947E [C:\WINDOWS\system32\winfxdocobj.exe] 660336AD0305C852122C5EEBBACE9BAF [C:\WINDOWS\system32\winhlp32.exe] 577624F19D0441C9111F2AF26C81E04D [C:\WINDOWS\system32\winlogon.exe] 123EEA158F74D0F67A51DCDF065D1091 [C:\WINDOWS\system32\winmine.exe] EA682C022F7204CC8E8C9EF5DCE29356 [C:\WINDOWS\system32\winmsd.exe] 7EBF8A4B608AFB79C67F4E4A9C5885BB [C:\WINDOWS\system32\winspool.exe] 0B4B94B78123E8035B84105BC024F9F8 [C:\WINDOWS\system32\winver.exe] 9CD9DB5CCEE972A162C31239F16E0925 [C:\WINDOWS\system32\WinAudit.exe] 216E25940155B1B2AFD8216544931501 [C:\WINDOWS\system32\winchat.exe] 2A99260794224489F29B628717B7947E [C:\WINDOWS\system32\winfxdocobj.exe] 660336AD0305C852122C5EEBBACE9BAF [C:\WINDOWS\system32\winhlp32.exe] 577624F19D0441C9111F2AF26C81E04D [C:\WINDOWS\system32\winlogon.exe] 123EEA158F74D0F67A51DCDF065D1091 [C:\WINDOWS\system32\winmine.exe] EA682C022F7204CC8E8C9EF5DCE29356 [C:\WINDOWS\system32\winmsd.exe] 7EBF8A4B608AFB79C67F4E4A9C5885BB [C:\WINDOWS\system32\winspool.exe] 0B4B94B78123E8035B84105BC024F9F8 [C:\WINDOWS\system32\winver.exe] 9CD9DB5CCEE972A162C31239F16E0925

désolée je sais pas ou est le rapport msnfix apres avoir fait navilog il n y a plus de fentre qui s est ouverte

salut voila le rapport 2 navilog Clean Navipromo version 3.6.6 commencé le 13/10/2008 à 10:06:59,40 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "CABRAL" Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** Creation backups fichiers trouvés par Catchme *** Copie vers "C:\Program Files\navilog1\Backupnavi" Copie C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.dat réalisée avec succès ! Copie C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.exe réalisée avec succès ! Copie C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_nav.dat réalisée avec succès ! Copie C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_navps.dat réalisée avec succès ! *** Suppression des fichiers trouvés avec Catchme *** C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.dat supprimé ! C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.exe supprimé ! C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_nav.dat supprimé ! C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_navps.dat supprimé ! ** 2ème passage avec résultats Catchme ** * Dans "C:\WINDOWS\system32" * C:\WINDOWS\prefetch\sgoaqso*.pf trouvé ! Copie C:\WINDOWS\prefetch\sgoaqso*.pf réalisée avec succès ! C:\WINDOWS\prefetch\sgoaqso*.pf supprimé ! * Dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\CABRAL\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 13/10/2008 à 10:09:25,89 ***

bonjour pear exuse moi du retard mais mon pc ralentit un peu voici le rapport sdfix SDFix: Version 1.234 Run by CABRAL on 13/10/2008 at 09:20 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Restoring Missing Security Center Service Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-13 09:24:23 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" Remaining Files : Files with Hidden Attributes : Fri 11 Apr 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Fri 11 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Mon 23 Jun 2008 1,881 ...HR --- "C:\Documents and Settings\CABRAL\Application Data\SecuROM\UserData\securom_v7_01.bak" Finished! et le rapport navilog Search Navipromo version 3.6.6 commencé le 13/10/2008 à 9:51:36,26 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "CABRAL" Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CABRAL\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\CABRAL\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.dat C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso.exe C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_nav.dat C:\Documents and Settings\CABRAL\Local Settings\Application Data\sgoaqso_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 13/10/2008 à 9:53:37,12 ***

bonjour, merci de bien vouloir m aider voici en premier le log Logfile of random's system information tool 1.04 (written by random/random) Run by CABRAL at 2008-10-09 09:08:04 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 42 MB (1%) free of 5 GB Total RAM: 895 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:08:13, on 09/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\PROGRA~1\MICROS~3\wcescomm.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe c:\program files\avira\antivir personaledition classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\CABRAL\Local Settings\Temporary Internet Files\Content.IE5\O5J9NVKI\RSIT[1].exe C:\Program Files\Trend Micro\HijackThis\CABRAL.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKCU\..\Run: [ggwkksy] "c:\documents and settings\cabral\local settings\application data\ggwkksy.exe" ggwkksy O4 - Startup: IcoSauve.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_1.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6383 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\startt.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-07-14 2582136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-07-14 2582136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-20 8429568] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-20 81920] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784] "HP Software Update"=D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-13 68856] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "H/PC Connection Agent"=C:\PROGRA~1\MICROS~3\wcescomm.exe [2006-06-26 1211176] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Démarrage rapide de HP Photosmart Premier.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\CABRAL\Menu Démarrer\Programmes\Démarrage IcoSauve.lnk - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoStrCmpLogical"=0 "LockTaskbar"=0 "NoResolveTrack"=0 "NoResolveSearch"=0 "NoRun"=0 "NoFind"=0 "NoSMMyPictures"=0 "NoStartMenuMFUprogramsList"=0 "NoUserNameInStartMenu"=0 "NoStartMenuMorePrograms"=0 "MaxRecentDocs"=15 "NoInstrumentation"=0 "MemCheckBoxInRunDlg"=1 "NoSMBalloonTip"=0 "DisallowCpl"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceClassicControlPanel"= "NoSimpleStartMenu"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0bd2e90-f3fb-11dc-ae15-00196633fd44}] shell\AutoRun\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe shell\open\command - I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eff725c7-ef49-11dc-ae0c-00196633fd44}] shell\AutoRun\command - G:\setup.exe ======List of files/folders created in the last 1 months====== 2008-10-09 09:08:04 ----DC---- C:\rsit 2008-10-09 09:04:18 ----AC---- C:\WINDOWS\ntbtlog.txt 2008-10-06 11:27:34 ----AC---- C:\WINDOWS\SchedLgU.Txt 2008-10-01 14:47:06 ----AC---- C:\HpqDIA.txt 2008-09-24 16:21:31 ----DC---- C:\WINDOWS\system32\CatRoot_bak 2008-09-24 16:13:07 ----DC---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-09-22 14:17:49 ----DC---- C:\Documents and Settings\CABRAL\Application Data\vlc 2008-09-22 10:22:22 ----DC---- C:\Documents and Settings\All Users\Application Data\PlayFirst 2008-09-22 09:52:45 ----DC---- C:\Documents and Settings\CABRAL\Application Data\DivX 2008-09-19 14:01:54 ----DC---- C:\Program Files\Fichiers communs\Sandlot Shared ======List of files/folders modified in the last 1 months====== 2008-10-09 09:05:31 ----DC---- C:\WINDOWS\Temp 2008-10-09 09:04:41 ----DC---- C:\WINDOWS 2008-10-08 13:09:59 ----DC---- C:\WINDOWS\Prefetch 2008-10-08 10:36:51 ----DC---- C:\WINDOWS\system32 2008-10-08 10:32:39 ----DC---- C:\WINDOWS\system32\CatRoot2 2008-10-06 11:32:51 ----DC---- C:\WINDOWS\BDOSCAN8 2008-10-03 09:39:06 ----SHDC---- C:\WINDOWS\Installer 2008-10-03 09:39:06 ----HDC---- C:\Config.Msi 2008-10-02 10:34:34 ----DC---- C:\Documents and Settings\All Users\Application Data\Google Updater 2008-10-02 10:34:19 ----SDC---- C:\WINDOWS\Downloaded Program Files 2008-10-02 10:34:04 ----DC---- C:\WINDOWS\inf 2008-10-02 10:17:00 ----SDC---- C:\Documents and Settings\CABRAL\Application Data\Microsoft 2008-10-02 10:15:50 ----RDC---- C:\Program Files 2008-10-01 09:36:14 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Shareaza 2008-09-25 11:42:48 ----DC---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-09-24 16:25:10 ----DC---- C:\WINDOWS\system32\CatRoot 2008-09-24 16:21:31 ----DC---- C:\WINDOWS\Debug 2008-09-24 16:14:04 ----SDC---- C:\WINDOWS\Tasks 2008-09-22 10:23:02 ----DC---- C:\Documents and Settings\CABRAL\Application Data\PlayFirst 2008-09-22 10:15:17 ----DC---- C:\WINDOWS\system32\drivers 2008-09-22 09:41:26 ----HDC---- C:\Program Files\InstallShield Installation Information 2008-09-19 14:01:54 ----DC---- C:\Program Files\Fichiers communs 2008-09-18 07:03:27 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Zylom 2008-09-18 07:03:27 ----DC---- C:\Documents and Settings\CABRAL\Application Data\Identities 2008-09-16 14:13:09 ----DC---- C:\Documents and Settings\CABRAL\Application Data\GameHouse ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-07-18 75072] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [1999-09-10 25244] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-12-13 60800] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-05-16 49664] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-05-16 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-05-16 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-12-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-20 6728032] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968] R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 12032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-04 48128] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-04 38912] S3 catchme;catchme; \??\C:\DOCUME~1\CABRAL\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-04 51328] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880] S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-09-08 149761] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-14 137200] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-20 163908] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [] -----------------EOF----------------- et voici info txt info.txt logfile of random's system information tool 1.04 2008-10-09 09:08:15 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B} Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE CanoScan Toolbox 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}\setup.exe" -l0x40c anything CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2} Free Video Converter V 1.2-->"C:\Program Files\Free Video Converter\unins000.exe" Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HP Customer Participation Program 7.0-->D:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Imaging Device Functions 7.0-->D:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart and Deskjet 7.0 Software (fra)-->D:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot HP Photosmart Premier Software 6.5-->D:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP Solution Center 7.0-->D:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Manual CanoScan LiDE 35-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6AA4C799-BF98-4573-9C83-0C8E4EA46D14}\setup.exe" -l0x40c Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E} Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall Mindscape Sudokooo-->"D:\Program Files\Uninstall.exe" "D:\Program Files\install.log" -u Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{025B7033-5D4A-4B72-A1C2-84BE4BE2F72F} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Security Update pour Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Serif PagePlus SE 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25BB07FA-D9A0-478E-8A4B-38466A4E8BF2}\Setup.exe" -l0x9 Shop for HP Supplies-->E:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Sokoban 3D-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26EFCC05-5205-4990-8B8D-2B37E345B586}\setup.exe" -l0x40c -removeonly Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} =====HijackThis Backups===== O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - http://www.gamehouse.com/realarcade-webgam...GamesPlayer.cab O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game08.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - https://secure.gopetslive.com/dev/GoPetsWeb.cab O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O15 - Trusted Zone: http://assistance.club-internet.fr O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O15 - Trusted Zone: http://flashmail.club-internet.fr O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE RÉSEAU') R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com Securitycenter WMI appears to be broken ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0 "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=7f01 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "DEVMGR_SHOW_DETAILS"=1 -----------------EOF-----------------

bonjour a tous ,voila depiuis quelque jour j ai des fenetre de pub qui s ouvre quand je fait des recherche sur le net de plus antivir ne se met plus a jour j ai windows xp et internet explorer 7.0 j ai fait des scan antivirus en ligne mais il n a rien trouver voici un rapport HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:48:56, on 08/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\PROGRA~1\MICROS~3\wcescomm.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - Startup: IcoSauve.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_1.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6098 bytes merci de bien vouloir lir ce post bizz et bon courage

bonjour angelique merci pour ton aide ,tu m a donné de tres bon conseil bravo a toute l equipe zébulon a bientot

Salut voici le nouveau rapport hijackhis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:05:53, on 14/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE E:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\PROGRA~1\MICROS~3\wcescomm.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe E:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\System32\svchost.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\CABRAL\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU') O4 - Startup: IcoSauve.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O15 - Trusted Zone: http://assistance.club-internet.fr O15 - Trusted Zone: http://flashmail.club-internet.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - http://www.gamehouse.com/realarcade-webgam...GamesPlayer.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game08.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr:2112/lwp/st...aller_4-0-0.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - https://secure.gopetslive.com/dev/GoPetsWeb.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 6270 bytes je crois que ca vas déja mieu je n ai pas eu de publicité depuis un moment

et enfin le raport hijackThis: Avira AntiVir Personal Report file date: mercredi 14 mai 2008 10:55 Scanning for 1264038 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: FAMILLECABRAL Version information: BUILD.DAT : 8.1.00.296 16479 Bytes 29/04/2008 10:47:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 13/05/2008 09:29:04 AVSCAN.DLL : 8.1.1.0 53505 Bytes 13/05/2008 09:29:04 LUKE.DLL : 8.1.2.9 151809 Bytes 13/05/2008 09:29:05 LUKERES.DLL : 8.1.2.1 12033 Bytes 13/05/2008 09:29:05 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 09:29:05 ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 09:29:05 ANTIVIR3.VDF : 7.0.4.31 163328 Bytes 13/05/2008 13:49:13 Engineversion : 8.1.0.42 AEVDF.DLL : 8.1.0.5 102772 Bytes 13/05/2008 09:29:05 AESCRIPT.DLL : 8.1.0.31 262522 Bytes 13/05/2008 09:29:05 AESCN.DLL : 8.1.0.16 119156 Bytes 13/05/2008 09:29:05 AERDL.DLL : 8.1.0.20 418165 Bytes 13/05/2008 09:29:05 AEPACK.DLL : 8.1.1.4 364918 Bytes 13/05/2008 09:29:05 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 13/05/2008 09:29:05 AEHEUR.DLL : 8.1.0.26 1237366 Bytes 13/05/2008 09:29:05 AEHELP.DLL : 8.1.0.14 115063 Bytes 13/05/2008 09:29:05 AEGEN.DLL : 8.1.0.20 299380 Bytes 13/05/2008 09:29:05 AEEMU.DLL : 8.1.0.6 430451 Bytes 13/05/2008 09:29:05 AECORE.DLL : 8.1.0.28 168310 Bytes 13/05/2008 09:29:05 AVWINLL.DLL : 1.0.0.7 14593 Bytes 13/05/2008 09:29:04 AVPREF.DLL : 8.0.0.1 25857 Bytes 13/05/2008 09:29:04 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVREG.DLL : 8.0.0.0 30977 Bytes 13/05/2008 09:29:04 AVARKT.DLL : 1.0.0.23 307457 Bytes 13/05/2008 09:29:04 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 13/05/2008 09:29:04 SQLITE3.DLL : 3.3.17.1 339968 Bytes 13/05/2008 09:29:05 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 13/05/2008 09:29:05 NETNT.DLL : 8.0.0.1 7937 Bytes 13/05/2008 09:29:05 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 13/05/2008 09:29:02 RCTEXT.DLL : 8.0.32.0 86273 Bytes 13/05/2008 09:29:02 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: mercredi 14 mai 2008 10:55 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 36 processes with 36 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Master boot sector HD2 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '30' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Program Files\Navilog1\reboot.exe [DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program [NOTE] The file was moved to '488caaba.qua'! Begin scan in 'D:\' <disk 40 go> Begin scan in 'E:\' <SAUVGARDE> End of the scan: mercredi 14 mai 2008 11:16 Used time: 20:31 min The scan has been done completely. 3766 Scanning directories 109779 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 109778 Files not concerned 6431 Archives were scanned 2 Warnings 1 Notes

et le raport antivir: Avira AntiVir Personal Report file date: mercredi 14 mai 2008 10:55 Scanning for 1264038 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: FAMILLECABRAL Version information: BUILD.DAT : 8.1.00.296 16479 Bytes 29/04/2008 10:47:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 13/05/2008 09:29:04 AVSCAN.DLL : 8.1.1.0 53505 Bytes 13/05/2008 09:29:04 LUKE.DLL : 8.1.2.9 151809 Bytes 13/05/2008 09:29:05 LUKERES.DLL : 8.1.2.1 12033 Bytes 13/05/2008 09:29:05 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 09:29:05 ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 09:29:05 ANTIVIR3.VDF : 7.0.4.31 163328 Bytes 13/05/2008 13:49:13 Engineversion : 8.1.0.42 AEVDF.DLL : 8.1.0.5 102772 Bytes 13/05/2008 09:29:05 AESCRIPT.DLL : 8.1.0.31 262522 Bytes 13/05/2008 09:29:05 AESCN.DLL : 8.1.0.16 119156 Bytes 13/05/2008 09:29:05 AERDL.DLL : 8.1.0.20 418165 Bytes 13/05/2008 09:29:05 AEPACK.DLL : 8.1.1.4 364918 Bytes 13/05/2008 09:29:05 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 13/05/2008 09:29:05 AEHEUR.DLL : 8.1.0.26 1237366 Bytes 13/05/2008 09:29:05 AEHELP.DLL : 8.1.0.14 115063 Bytes 13/05/2008 09:29:05 AEGEN.DLL : 8.1.0.20 299380 Bytes 13/05/2008 09:29:05 AEEMU.DLL : 8.1.0.6 430451 Bytes 13/05/2008 09:29:05 AECORE.DLL : 8.1.0.28 168310 Bytes 13/05/2008 09:29:05 AVWINLL.DLL : 1.0.0.7 14593 Bytes 13/05/2008 09:29:04 AVPREF.DLL : 8.0.0.1 25857 Bytes 13/05/2008 09:29:04 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24 AVREG.DLL : 8.0.0.0 30977 Bytes 13/05/2008 09:29:04 AVARKT.DLL : 1.0.0.23 307457 Bytes 13/05/2008 09:29:04 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 13/05/2008 09:29:04 SQLITE3.DLL : 3.3.17.1 339968 Bytes 13/05/2008 09:29:05 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 13/05/2008 09:29:05 NETNT.DLL : 8.0.0.1 7937 Bytes 13/05/2008 09:29:05 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 13/05/2008 09:29:02 RCTEXT.DLL : 8.0.32.0 86273 Bytes 13/05/2008 09:29:02 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: mercredi 14 mai 2008 10:55 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned Scan process 'rapimgr.exe' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'wcescomm.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 36 processes with 36 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Master boot sector HD2 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '30' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Program Files\Navilog1\reboot.exe [DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program [NOTE] The file was moved to '488caaba.qua'! Begin scan in 'D:\' <disk 40 go> Begin scan in 'E:\' <SAUVGARDE> End of the scan: mercredi 14 mai 2008 11:16 Used time: 20:31 min The scan has been done completely. 3766 Scanning directories 109779 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 109778 Files not concerned 6431 Archives were scanned 2 Warnings 1 Notes

Bonjour Angelique merci pour ton aide je t envoie pour commencer le raport de navilog option2 Clean Navipromo version 3.5.7 commencé le 14/05/2008 à 10:47:06,53 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "CABRAL" Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * C:\WINDOWS\prefetch\vtgjhbtko*.pf trouvé ! Copie C:\WINDOWS\prefetch\vtgjhbtko*.pf réalisée avec succès ! C:\WINDOWS\prefetch\vtgjhbtko*.pf supprimé ! * Suppression dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * vtgjhbtko.exe trouvé ! Copie vtgjhbtko.exe réalisée avec succès ! vtgjhbtko.exe supprimé ! vtgjhbtko.dat trouvé ! Copie vtgjhbtko.dat réalisée avec succès ! vtgjhbtko.dat supprimé ! vtgjhbtko_nav.dat trouvé ! Copie vtgjhbtko_nav.dat réalisée avec succès ! vtgjhbtko_nav.dat supprimé ! vtgjhbtko_navps.dat trouvé ! Copie vtgjhbtko_navps.dat réalisée avec succès ! vtgjhbtko_navps.dat supprimé ! *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\CABRAL\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\CABRAL\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\CABRAL\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 14/05/2008 à 10:49:48,15 ***

bonjour, je suis envahi depuis peu de message publicitaire Pouvez vous m aider a m en débarrasser j ai windows xp et navigue avec internet explorer 7 et voici un rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:46:14, on 13/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\CABRAL\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [internet_Explorer.exe] C:\Windows\System32\Internet_Explorer.exe O4 - HKLM\..\Run: [csrss] C:\Arquivos de programas\csrss.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe" O4 - HKCU\..\Run: [vtgjhbtko] c:\documents and settings\cabral\local settings\application data\vtgjhbtko.exe vtgjhbtko O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE RÉSEAU') O4 - Startup: IcoSauve.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O15 - Trusted Zone: http://assistance.club-internet.fr O15 - Trusted Zone: http://flashmail.club-internet.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - http://www.gamehouse.com/realarcade-webgam...GamesPlayer.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game08.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr:2112/lwp/st...aller_4-0-0.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - https://secure.gopetslive.com/dev/GoPetsWeb.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 5423 bytes