Everything posted by ebougre1387

  1. Done. Looking forward to your reply.
  2. Hi, and thanks for your help. I still have the same problem; the report is attached.
  3. Hello, my PC shuts down and restarts by itself. I am attaching my report. Thanks to everyone for your help.
  4. Exactly, how do you connect to the internet with a limited account? Thanks for your replies.
  5. Hello everyone, I can connect to the internet with my administrator account, but my son, who has a limited account, cannot.
  6. I also got this as the "catch me" report:

     catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
     Rootkit scan 2007-07-13 09:16:23
     Windows 5.1.2600 Service Pack 2 NTFS
     scanning hidden services ...
     scanning hidden autostart entries ...
     scanning hidden files ...
     scan completed successfully
     hidden services: 0
     hidden files: 0

     See you soon.
  7. merci gof de ta réponse car je suis vraiment perdu le pare feu du pc est celui de windows ci dessous le contenu du bloc note encore une fois merci de t occuper de moi DiagHelp version v1.1.2 - http://www.malekal.com excute le 13/07/2007 à 9:16:13,68 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\sptd.sys -->23/05/2007 17:03:16 C:\WINDOWS\System32/drivers\alcxwdm.sys -->25/04/2007 16:20:48 C:\WINDOWS\System32/drivers\WimFltr.sys -->28/03/2007 20:49:42 C:\WINDOWS\System32/drivers\symsnap.sys -->28/03/2007 20:29:12 C:\WINDOWS\System32/drivers\v2imount.sys -->28/03/2007 20:29:10 C:\WINDOWS\System32/drivers\vproeventmonitor.sys -->28/03/2007 20:23:50 C:\WINDOWS\System32/drivers\avipbb.sys -->20/03/2007 09:55:45 C:\WINDOWS\System32\wpa.dbl -->13/07/2007 08:52:22 C:\WINDOWS\System32\nvapps.xml -->13/07/2007 08:51:20 C:\WINDOWS\System32\CONFIG.NT -->12/07/2007 17:00:49 C:\WINDOWS\System32\FNTCACHE.DAT -->27/06/2007 13:44:03 C:\WINDOWS\System32\iklog.log -->27/06/2007 12:01:06 C:\WINDOWS\System32\BASSMOD.dll -->26/06/2007 08:45:23 C:\WINDOWS\System32\PerfStringBackup.INI -->23/06/2007 19:57:12 C:\WINDOWS\System32\perfh00C.dat -->23/06/2007 19:57:12 C:\WINDOWS\System32\perfh009.dat -->23/06/2007 19:57:12 C:\WINDOWS\System32\perfc00C.dat -->23/06/2007 19:57:12 C:\WINDOWS\System32\perfc009.dat -->23/06/2007 19:57:12 C:\WINDOWS\System32\BitCometRes.dll -->23/06/2007 18:58:18 C:\WINDOWS\System32\bdod.bin -->22/06/2007 09:48:28 C:\WINDOWS\System32\bdss.log -->22/06/2007 09:36:29 C:\WINDOWS\System32\pxsfs.dll -->28/05/2007 17:26:04 C:\WINDOWS\System32\pxinsi64.exe -->28/05/2007 17:26:04 C:\WINDOWS\System32\pxinsa64.exe -->28/05/2007 17:26:04 C:\WINDOWS\System32\pxcpyi64.exe -->28/05/2007 17:26:04 C:\WINDOWS\System32\pxcpya64.exe -->28/05/2007 17:26:04 C:\WINDOWS\System32\wodfamoh.dll -->24/05/2007 08:54:40 C:\WINDOWS\System32\DKRNL.JAX -->23/05/2007 17:36:56 C:\WINDOWS\System32\qtplugin.log -->23/05/2007 17:18:44 
C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log -->22/05/2007 18:49:52 C:\WINDOWS\System32\spupdwxp.log -->22/05/2007 08:38:09 C:\WINDOWS\System32\TZLog.log -->21/05/2007 20:19:05 C:\WINDOWS.log -->13/07/2007 08:52:16 C:\WINDOWS\bootstat.dat -->13/07/2007 08:50:57 C:\WINDOWS\WindowsUpdate.log -->12/07/2007 23:06:36 C:\WINDOWS\SchedLgU.Txt -->12/07/2007 23:06:36 C:\WINDOWS\NeroDigital.ini -->12/07/2007 17:39:59 C:\WINDOWS\MEMORY.DMP -->11/07/2007 18:32:39 C:\WINDOWS\wiaservc.log -->10/07/2007 18:56:46 C:\WINDOWS\wiadebug.log -->10/07/2007 18:56:46 C:\WINDOWS\Sti_Trace.log -->09/07/2007 16:45:03 C:\WINDOWS\ODBC.INI -->27/06/2007 12:32:52 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->26/06/2007 09:07:01 C:\WINDOWS\win.ini -->28/05/2007 19:52:41 C:\WINDOWS\WMSysPr9.prx -->28/05/2007 17:31:26 C:\WINDOWS\ODBCINST.INI -->28/05/2007 17:27:29 C:\WINDOWS\ULead32.ini -->23/05/2007 18:14:19 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 407C-E1B8 Répertoire de C:\WINDOWS\system32 19/08/2004 16:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 61 457 383 424 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 407C-E1B8 Répertoire de C:\WINDOWS\Downloaded Program Files 08/07/2007 10:33 <REP> . 08/07/2007 10:33 <REP> .. 
07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 19/05/2007 13:26 65 desktop.ini 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 26/03/2007 12:46 1 570 hardwaredetection.inf 14/10/2006 00:16 723 hcImpl.inf 23/05/2007 18:26 385 536 Housecall_ActiveX.dll 29/03/2007 20:49 198 312 HPISDataManager.dll 29/03/2007 20:51 3 822 HPISDataManager.inf 25/05/2006 01:21 53 248 ipsupd.dll 25/07/2002 17:05 172 032 isusweb.dll 08/08/2006 11:45 576 kavwebscan.inf 16/03/2005 12:34 7 407 lang.ini 13/04/2007 15:27 367 LegitCheckControl.inf 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 14/03/2005 14:58 7 073 scanoptions.tsi 27/02/2007 11:57 302 setup.inf 27/03/2007 16:00 5 021 swflash.inf 26/05/2005 04:19 291 wuweb.inf 25 fichier(s) 1 650 046 octets Total des fichiers listés : 25 fichier(s) 1 650 046 octets 2 Rép(s) 61 457 379 328 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. 
Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos" "C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos" "C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-13 09:16:23 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 588 - csrss.exe 612 - winlogon.exe 656 - services.exe 668 - lsass.exe 820 - svchost.exe 876 - svchost.exe 940 - svchost.exe 1048 - PhotoshopElemen 1116 - sched.exe 1200 - GoogleUpdaterSe 1356 - avguard.exe 1500 - nvsvc32.exe 1668 - explorer.exe 1700 - alg.exe 1764 - avgnt.exe 1788 - GoogleToolbarNo 3736 - cmd.exe 3888 - iexplore.exe Total number of processes = 19 NOTE: Under WinXP, this will not show all processes. 
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F7D2E000 - \WINDOWS\system32\KDCOM.DLL F7C3E000 - \WINDOWS\system32\BOOTVID.dll F7725000 - sptd.sys F7D30000 - \WINDOWS\System32\Drivers\WMILIB.SYS F770D000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS F76DE000 - ACPI.sys F76CD000 - pci.sys F782E000 - ohci1394.sys F783E000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F784E000 - isapnp.sys F7DF6000 - PCIIde.sys F7AAE000 - \WINDOWS\System32\Drivers\PCIIDEX.SYS F7D32000 - intelide.sys F785E000 - MountMgr.sys F76AE000 - ftdisk.sys F7D34000 - dmload.sys F7688000 - dmio.sys F7AB6000 - PartMgr.sys F786E000 - VolSnap.sys F7670000 - atapi.sys F787E000 - disk.sys F788E000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7650000 - fltmgr.sys F763E000 - sr.sys F789E000 - PxHelp20.sys F7627000 - KSecDD.sys F759A000 - Ntfs.sys F756D000 - NDIS.sys F7552000 - Mup.sys F78AE000 - agp440.sys F78DE000 - \SystemRoot\system32\DRIVERS\nic1394.sys F7A3E000 - \SystemRoot\system32\DRIVERS\intelppm.sys F693C000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys F6928000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7B4E000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F6905000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F7B56000 - \SystemRoot\system32\DRIVERS\usbehci.sys F67CF000 - \SystemRoot\system32\DRIVERS\AGRSM.sys F7B5E000 - \SystemRoot\System32\Drivers\Modem.SYS F7B66000 - \SystemRoot\system32\DRIVERS\RTL8139.SYS F7B6E000 - \SystemRoot\system32\DRIVERS\fdc.sys F67BE000 - \SystemRoot\system32\DRIVERS\serial.sys F7D0A000 - \SystemRoot\system32\DRIVERS\serenum.sys F67AA000 - \SystemRoot\system32\DRIVERS\parport.sys F7A4E000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F7B76000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7B7E000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F7A5E000 - \SystemRoot\system32\DRIVERS\cdrom.sys F7A6E000 - 
\SystemRoot\system32\DRIVERS\redbook.sys F6787000 - \SystemRoot\system32\DRIVERS\ks.sys F7A7E000 - \SystemRoot\system32\DRIVERS\imapi.sys F63AF000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F638B000 - \SystemRoot\system32\drivers\portcls.sys F7A8E000 - \SystemRoot\system32\drivers\drmk.sys F6325000 - \SystemRoot\System32\Drivers\a1i297ea.SYS F7F36000 - \SystemRoot\system32\DRIVERS\audstub.sys F7A9E000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7516000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F62EA000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F78EE000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F6D93000 - \SystemRoot\system32\DRIVERS\raspptp.sys F7BDE000 - \SystemRoot\system32\DRIVERS\TDI.SYS F62B1000 - \SystemRoot\system32\DRIVERS\psched.sys F6D83000 - \SystemRoot\system32\DRIVERS\msgpc.sys F7BE6000 - \SystemRoot\system32\DRIVERS\ptilink.sys F7BEE000 - \SystemRoot\system32\DRIVERS\raspti.sys F6280000 - \SystemRoot\system32\DRIVERS\rdpdr.sys F6D73000 - \SystemRoot\system32\DRIVERS\termdd.sys F7D3E000 - \SystemRoot\system32\DRIVERS\swenum.sys F624C000 - \SystemRoot\system32\DRIVERS\update.sys F74FA000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F6D63000 - \SystemRoot\System32\Drivers\NDProxy.SYS F6D53000 - \SystemRoot\system32\DRIVERS\usbhub.sys F7D40000 - \SystemRoot\system32\DRIVERS\USBD.SYS F7BFE000 - \SystemRoot\system32\DRIVERS\flpydisk.sys F7D42000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7F1B000 - \SystemRoot\System32\Drivers\Null.SYS F7D44000 - \SystemRoot\System32\Drivers\Beep.SYS F7C0E000 - \SystemRoot\System32\drivers\vga.sys F7D46000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7D48000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F7C16000 - \SystemRoot\System32\Drivers\Msfs.SYS F7C1E000 - \SystemRoot\System32\Drivers\Npfs.SYS F7D26000 - \SystemRoot\system32\DRIVERS\rasacd.sys F50C9000 - \SystemRoot\system32\DRIVERS\ipsec.sys F5071000 - \SystemRoot\system32\DRIVERS\tcpip.sys F5049000 - \SystemRoot\system32\DRIVERS\netbt.sys F5027000 - 
\SystemRoot\System32\drivers\afd.sys F6D33000 - \SystemRoot\system32\DRIVERS\netbios.sys F7C26000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys F4FFC000 - \SystemRoot\system32\DRIVERS\rdbss.sys F4F8D000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys F6D23000 - \SystemRoot\System32\Drivers\Fips.SYS F4F6C000 - \SystemRoot\system32\DRIVERS\ipnat.sys F6D13000 - \SystemRoot\system32\DRIVERS\wanarp.sys F6D03000 - \SystemRoot\system32\DRIVERS\arp1394.sys F78FE000 - \SystemRoot\system32\DRIVERS\avipbb.sys F7D4A000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys F791E000 - \SystemRoot\System32\Drivers\Cdfs.SYS F4E8C000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7D4C000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F62C6000 - \SystemRoot\System32\drivers\Dxapi.sys F7C36000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7F68000 - \SystemRoot\System32\drivers\dxgthk.sys BF012000 - \SystemRoot\System32\nv4_disp.dll F7AD6000 - \SystemRoot\System32\Drivers\usbdtv.sys BA5F4000 - \SystemRoot\System32\Drivers\BdaSup.SYS BA508000 - \SystemRoot\system32\DRIVERS\ndisuio.sys B9A7D000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys B9A00000 - \SystemRoot\system32\DRIVERS\mrxdav.sys B99C3000 - \SystemRoot\system32\drivers\wdmaud.sys BA408000 - \SystemRoot\system32\drivers\sysaudio.sys F7D58000 - \SystemRoot\System32\Drivers\ParVdm.SYS B9629000 - \SystemRoot\system32\DRIVERS\srv.sys B7FF9000 - \SystemRoot\system32\drivers\kmixer.sys F7F82000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 120 Liste des programmes installes a-squared Free 2.1 Abrosoft FantaMorph 3.7 Ad-Aware SE Personal Adobe Flash Player 9 ActiveX Adobe Help Center 2.0 Adobe Photoshop Elements 4.0 Adobe Photoshop Elements 4.0 Adobe Reader 8.1.0 - Français Agere Systems PCI Soft Modem Archiveur WinRAR Audacity 1.2.6 Avira AntiVir PersonalEdition Classic BitComet 0.89 CCleaner (remove 
only) CDBurnerXP Pro 3 Correctif Windows XP - KB885835 eMule Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Guitar Pro 5.0 HijackThis 1.99.1 J2SE Runtime Environment 5.0 Update 4 Kaspersky Online Scanner Kit de connexion ADSL Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Office PowerPoint Viewer 2003 Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB923789) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB931836) Nero Lite 7.8.5.0 NVIDIA Drivers Outil de mise à jour Google Picasa 2 QuickTime Realtek AC'97 Audio RootKit Hook Analyzer 3.00 Savvy TV SmartSound Quicktracks Plugin SmartSound Quicktracks Plugin Spybot - Search & Destroy 1.4 Ulead VideoStudio 9.0 VideoLAN VLC media player 0.8.6b WebFldrs XP Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Media Format Runtime Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 407C-E1B8 Répertoire de C:\Program Files 12/07/2007 17:01 <REP> . 12/07/2007 17:01 <REP> .. 
24/05/2007 08:54 <REP> Abrosoft 26/05/2007 20:17 <REP> Adobe 19/05/2007 18:36 <REP> Alwil Software 11/07/2007 16:41 <REP> AntiVir PersonalEdition Classic 11/07/2007 16:42 <REP> a-squared Free 22/06/2007 18:48 <REP> Audacity 23/06/2007 18:58 <REP> BitComet 08/07/2007 11:19 <REP> CCleaner 22/05/2007 09:40 <REP> CDBurnerXP Pro 3 19/05/2007 13:24 <REP> ComPlus Applications 23/05/2007 17:05 <REP> DAEMON Tools 07/07/2007 19:23 <REP> eMule 27/06/2007 12:32 <REP> Fichiers communs 19/05/2007 18:57 <REP> Google 25/05/2007 16:34 <REP> Guitar Pro 5 12/07/2007 17:05 <REP> hijackthis 10/07/2007 19:17 212 849 hijackthis.zip 22/05/2007 20:02 <REP> Internet Explorer 22/05/2007 18:49 <REP> Java 19/05/2007 13:41 <REP> Kit ADSL 24/05/2007 09:08 <REP> Lavalys 25/05/2007 09:24 <REP> Lavasoft 22/05/2007 16:37 <REP> messenger 19/05/2007 13:27 <REP> microsoft frontpage 15/06/2007 14:57 <REP> Microsoft Office 21/05/2007 19:48 <REP> movie maker 29/05/2007 16:31 <REP> MSN 19/05/2007 13:27 <REP> msn gaming zone 22/05/2007 10:18 <REP> Nero 21/05/2007 19:44 <REP> NetMeeting 12/07/2007 17:04 <REP> Norton Ghost 21/05/2007 20:09 <REP> Outlook Express 11/07/2007 16:42 <REP> Picasa2 23/05/2007 17:19 <REP> QuickTime 19/05/2007 14:17 <REP> Realtek AC97 08/07/2007 12:06 <REP> RootKit Hook Analyzer 19/05/2007 18:52 <REP> Savvy TV 19/05/2007 13:26 <REP> Services en ligne 23/05/2007 17:20 <REP> SmartSound Software 01/06/2007 11:23 <REP> Spybot - Search & Destroy 26/06/2007 08:48 <REP> TuneUp Utilities 2007 23/05/2007 18:15 <REP> Ulead Systems 22/05/2007 09:31 <REP> VideoLAN 23/05/2007 17:18 <REP> Windows Media Components 28/05/2007 17:31 <REP> Windows Media Player 21/05/2007 19:44 <REP> Windows NT 21/05/2007 19:00 <REP> WinRAR 19/05/2007 13:27 <REP> xerox 1 fichier(s) 212 849 octets 49 Rép(s) 61 457 350 656 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 407C-E1B8 Répertoire de C:\Program Files\fichiers communs 27/06/2007 12:32 <REP> . 27/06/2007 12:32 <REP> .. 
28/05/2007 17:36 <REP> Adobe 22/05/2007 10:18 <REP> Ahead 27/06/2007 12:32 <REP> Designer 23/05/2007 17:20 <REP> InstallShield 22/05/2007 18:48 <REP> Java 27/06/2007 12:32 <REP> Microsoft Shared 19/05/2007 13:25 <REP> MSSoap 19/05/2007 15:19 <REP> ODBC 27/06/2007 12:01 <REP> Sage 19/05/2007 13:25 <REP> Services 19/05/2007 19:03 <REP> Softwin 23/05/2007 17:26 <REP> SONY Digital Images 19/05/2007 15:19 <REP> SpeechEngines 12/07/2007 17:01 <REP> Symantec Shared 25/05/2007 16:56 <REP> System 23/05/2007 17:26 <REP> Ulead Systems 0 fichier(s) 0 octets 18 Rép(s) 61 457 350 656 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 407C-E1B8 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 27/06/2007 12:32 <REP> . 27/06/2007 12:32 <REP> .. 27/06/2007 12:32 <REP> 1033 27/06/2007 12:32 <REP> 1036 15/02/2001 07:45 1 318 912 MSONSEXT.DLL 13/02/2001 10:23 58 784 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 06/08/2000 12:04 401 462 MSVCP60.DLL 22/01/2001 05:25 69 632 PKMAXCTL.DLL 22/01/2001 05:25 872 448 PKMCDO.DLL 22/01/2001 05:25 159 744 PKMCORE.DLL 07/02/2001 11:59 106 496 PKMFORMS.DLL 12/02/2001 06:03 684 032 PKMRES.DLL 22/01/2001 05:25 28 672 PKMSSTLB.DLL 22/01/2001 05:25 40 960 PKMTEMPL.DLL 22/01/2001 05:25 24 576 PKMTRACE.DLL 22/01/2001 05:25 86 016 PKMWS.DLL 22/01/2001 05:25 237 568 PROMDEMO.DLL 22/01/2001 05:25 184 320 SECMGR.DLL 22/01/2001 05:25 323 584 VAIDDMGR.DLL 22/01/2001 05:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 61 457 350 656 octets libres Le volume dans le lecteur C n'a pas de nom. 
Le numéro de série du volume est 407C-E1B8 Répertoire de C:\ 12/05/2007 18:22 68 096 diff.exe 12/05/2007 18:22 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 61 457 350 656 octets libres c:\Documents and Settings\Administrateur\.housecall6.6\getMac.exe c:\Documents and Settings\Administrateur\.housecall6.6\patch.exe c:\Documents and Settings\Administrateur\.housecall6.6\tsc.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\Administrateur\Local Settings\Application Data\Symantec_Corporation\VProConsole.exe_Url_lpdc2k50jgmq1bxprss5e1wfkmvu5yvj c:\Documents and Settings\Administrateur\Mes documents5 Mes Jeux 16 R4DS ROM Trimmer.exe c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\Ciel\Données Communes\pdf.dll ****** Fin du rapport DiagHelp
     I removed avast and kept only AntiVir.
  8. Hello, I did what you told me and stayed on the same topic, you can check....... but nobody is helping me even though I am really in the s.... er, I mean in a real jam
  9. No, I meant a reply
  10. Hi everyone, I am new here and I would like to know how to see whether I have a new message. Thanks for your replies.
  11. Hello and thank you for your help, Phengizy. My full report is below: Logfile of HijackThis v1.99.1 Scan saved at 17:05:35, on 12/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton Ghost\Agent\VProTray.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\A-SQUA~1\a2service.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - 
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: 
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1179575427703 O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O17 - HKLM\System\CCS\Services\Tcpip\..\{5EEB736B-1FAE-473D-8668-57B63EC6ACB5}: NameServer = 84.103.237.141 86.64.145.141 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
  12. Hello everyone, I have big problems: great difficulty switching it on and unexpected shutdowns. Please tell me what to do. Logfile of HijackThis v1.99.1 Scan saved at 16:38:10, on 11/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: 
{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1179575427703 O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://www.touslesdrivers.com/fichiers/har...on.cab?version= O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! 
Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
  13. Hello everyone, I have serious problems, thank you for helping me: the computer only powers on after 6 attempts, the fan starts running, and the PC shuts down after 10 minutes. Here is my report: Logfile of HijackThis v1.99.1 Scan saved at 19:19:58, on 10/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\PROGRA~1\A-SQUA~1\a2service.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton Ghost\Agent\VProTray.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\hijackthis\HijackThis.exe