Everything posted by asenkaj

  1. Hello, Help! Nobody can help me!!! Thanks in advance :P
  2. Hello, I have been running RAID 0 for more than 20 months, and for the past 4 days one of my RAID 0 disks has been showing, when the PC starts: error occured. Windows starts and I have access to all my programs (apparently). At startup and when loading my session, the PC runs more slowly. I can't manage to repair it and I don't really understand why my PC still works with a disk that seems to have a problem. Thank you for enlightening me and helping me. See you. Configuration: Windows XP, Firefox 3.0.6, HDD: 2x WestD 250 GB in RAID 0, 1 WD 500 GB for files, Core 2 Duo 6600, motherboard: P5B-E-PLUS, 2 GB RAM
  3. Hello again, here is the scan with DiagHelp version v1.2 - http://www.malekal.com, run on Mon. 03/09/2007 at 9:23:34,64
  4. Hello, First of all, thank you for the help. Here is the result: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 9:08:43, on 3/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal
C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://selfcare.belgacom.net/static/pc/dlb...sy/SymDlBrg.cab O20 - AppInit_DLLs: c:\windows\system32\ssqrqom.dll O20 - Winlogon Notify: MSCsys - MSCsys.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 10113 bytes voici le texte VundoFix C:\WINDOWS\cbabeg.ini C:\WINDOWS\gebabc.dll C:\WINDOWS\system32\tmpF.tmp.dll DiagHelp suivra,
  5. Hello, Here is the analysis by HijackThis. Error message: windows\gebabc.dll is missing (when the session opens). Under O4 I have: HKLM\..\Run: [systemOptimizer] rundll32.exe "C:\WINDOWS\gebabc.dll",forkonce, yet gebabc.dll does not exist (well, I don't know what it corresponds to). In addition, Firefox, Explorer and other programs close with the error message: Firefox has encountered a problem and needs to close. Thank you for any help you can give me.

     Logfile of Trend Micro HijackThis v2.0.0 (BETA)
     Scan saved at 11:42:28, on 2/09/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\ATKKBService.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\Program Files\GameFace Messenger\GameFace.exe
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
     C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
     C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
     C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
     E:\OpwareSE2.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\PowerArchiver\PASTARTER.EXE
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
     C:\Program Files\Logitech\SetPoint\SetPoint.exe
     C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
     C:\WINDOWS\system32\wuauclt.exe
     C:\WINDOWS\explorer.exe
     C:\Documents and Settings\jacques\Bureau\HiJackThis_v2.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\WebAssist.dll
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
     O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
     O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
     O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
     O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [GameFace Messenger] C:\Program Files\GameFace Messenger\GameFace.exe
     O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
     O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
     O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
     O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
     O4 - HKLM\..\Run: [OpwareSE2] "E:\OpwareSE2.exe"
     O4 - HKLM\..\Run: [OPSE reminder] "E:\EregFre\Ereg.exe" -r "E:\EregFre\ereg.ini"
     O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
     O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [systemOptimizer] rundll32.exe "C:\WINDOWS\gebabc.dll",forkonce
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
     O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
     O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
     O4 - Global Startup: Logitech SetPoint.lnk = ?
     O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
     O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
     O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
     O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
     O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
     O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
     O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
     O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?97a41392401f4c7480436d0410863f7c
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?97a41392401f4c7480436d0410863f7c
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://selfcare.belgacom.net/static/pc/dlb...sy/SymDlBrg.cab
     O20 - AppInit_DLLs: c:\windows\system32\ssqrqom.dll
     O20 - Winlogon Notify: MSCsys - MSCsys.dll (file missing)
     O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
     O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
     O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
     O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
     O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
     O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
     O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
     O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
     O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
     O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
     O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

     -- End of file - 10258 bytes