[LOGICIEL] [Centralisation] .:::: Hijackthis ::::.

snooky · le 7 mai 2006

Question dans la section P2P ...

Puis il y a pas mal de sites qui en parle , du LOW ID

mousse2109 · le 7 mai 2006

voici le nouveau rapport du pc de ma fille apres avoir suivi tes instructions. S'il faut que je fixe quoi que se soit fait le moi savoir. :chinois:

merci de ton aide precieuse :francais:

Logfile of HijackThis v1.99.1

Scan saved at 18:07:25, on 7/05/2006

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\RunDll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\MSNMES~1\msnmsgr.exe

C:\Program Files\Antipub\antipub.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cfuuaneasqsuixac.com/k1hVaaIOU4...2D7_695ioj8.jpg

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skynet.be

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {31b0908f-c9aa-4a67-8476-72c485490cf2} - (no file)

O2 - BHO: (no name) - {57F8D85B-A61A-DBC7-C36A-65C8A4D5C484} - (no file)

O3 - Toolbar: (no name) - {CC46D8BC-85F4-4D0F-BCA9-F90286040C7E} - (no file)

O3 - Toolbar: (no name) - {f6ba59c3-02fe-4bbc-b711-a45b1a40fcf7} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [AME_CSA] rundll32 AmeCSA.cpl,RUN_DLL

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background

O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe

O4 - Global Startup: Aide de PowerDVD.lnk = C:\Program Files\CyberLink\PowerDVD\PowerDVD.CHM

O4 - Global Startup: Désinstallez PowerDVD.lnk = ?

O4 - Global Startup: Lisezmoi.lnk = C:\WINDOWS\NOTEPAD.EXE

O4 - Global Startup: PowerDVD.lnk = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_1_6_0.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: AntiVir Update Temp (TmpUpSrv) - Unknown owner - C:\DOCUME~1\XXXX\LOCALS~1\TEMP\_VWUPSRV.EXE (file missing)

mousse2109

snooky · le 7 mai 2006

@ mousse 2109 :

Fixe ces lignes :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cfuuaneasqsuixac.com/k1hVaaIOU4...2D7_695ioj8.jpg

O2 - BHO: (no name) - {31b0908f-c9aa-4a67-8476-72c485490cf2} - (no file)

O2 - BHO: (no name) - {57F8D85B-A61A-DBC7-C36A-65C8A4D5C484} - (no file)

O3 - Toolbar: (no name) - {CC46D8BC-85F4-4D0F-BCA9-F90286040C7E} - (no file)

O3 - Toolbar: (no name) - {f6ba59c3-02fe-4bbc-b711-a45b1a40fcf7} - (no file)

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

Passe CWShredder .

Encore des problèmes , après ceci ?

monsieurb · le 8 mai 2006

Désinstalle VMware via ajout/supp des programmes reboot et teste .

Ensuite :

1/ Désinstalle Kaspersky , reboot et teste si tu as encore des erreurs ..

2/ Installer la dernière version en date , ta clé de licence reste valide ( en bas à droite , dernières versions des produits )

http://grandpublic.kaspersky.fr/index.php?

3/ Dans Hijackthis : config / outils / ouvrir ajout/suppr des programmes / Sauver , puis colle le log ici .

salut!

j'ai désinstalé VmWare, quand à savoir, si ca plante toujours, je ne pourrais voir ca qu'avec le temps, mais si d'ici deux jour ca n'a pas recommencer, c'est que ca devrais être bon, je pense, plutôt, j'espère. Sinon, je suivrai les étapes comme précedemment citées.

par contre, si toutefois le problème était résolu, cela vaut-il vraiment le cout de désinstalé kaspersky pour faire une réinstale, une simple mise a jour n'est-elle pas envisageable?

merci

pour finir, je t'envois le log hijackthis (en espérant que c'est bien ca que tu voulais):

Adaptec UDF Reader

Adobe Reader 6.0.1 - Français

Archiveur WinRAR

ASUS Enhanced Display Driver

ASUS Probe V2.24.10

ASUSDVD

AsusUpdate

Athlon 64 Processor Driver

CCleaner (remove only)

CDex extraction audio

Cool & Quiet

Correctif Windows XP - KB885884

DAEMON Tools

EAX Unified

eMule

Eurobarre

EVEREST Home Edition v1.51

Far Cry

Foxmail 5.0 Fr.

Free - Kit de connexion

Freeplayer

HijackThis 1.99.1

Hijackthis Version Française

IEEE 802.11g Wireless Cardbus/PCI Adapter

J2SE Runtime Environment 5.0

J2SE Runtime Environment 5.0 Update 6

Kaspersky Anti-Virus Personal

KitBar 3.3

Lecteur Windows Media 10

Logitech Desktop Messenger

Logitech MouseWare 9.80

Logitech SetPoint

Messenger Plus! 3

Microsoft Office XP Professional avec FrontPage

Mise à jour de sécurité pour Lecteur Windows Media (KB911564)

Mise à jour de sécurité pour Windows XP (KB893756)

Mise à jour de sécurité pour Windows XP (KB896423)

Mise à jour de sécurité pour Windows XP (KB896424)

Mise à jour de sécurité pour Windows XP (KB899587)

Mise à jour de sécurité pour Windows XP (KB899589)

Mise à jour de sécurité pour Windows XP (KB899591)

Mise à jour de sécurité pour Windows XP (KB900725)

Mise à jour de sécurité pour Windows XP (KB901017)

Mise à jour de sécurité pour Windows XP (KB902400)

Mise à jour de sécurité pour Windows XP (KB904706)

Mise à jour de sécurité pour Windows XP (KB905414)

Mise à jour de sécurité pour Windows XP (KB905749)

Mise à jour de sécurité pour Windows XP (KB905915)

Mise à jour de sécurité pour Windows XP (KB908519)

Mise à jour de sécurité pour Windows XP (KB908531)

Mise à jour de sécurité pour Windows XP (KB911562)

Mise à jour de sécurité pour Windows XP (KB911567)

Mise à jour de sécurité pour Windows XP (KB911927)

Mise à jour de sécurité pour Windows XP (KB912812)

Mise à jour de sécurité pour Windows XP (KB912919)

Mise à jour de sécurité pour Windows XP (KB913446)

Mise à jour pour Windows XP (KB900485)

Mise à jour pour Windows XP (KB910437)

Mozilla Firefox (1.5.0.3)

MSN Messenger 7.5

Need for Speed™ Most Wanted

Nero 6 Ultra Edition

NVIDIA Drivers

NVIDIA nTune

NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers

PS to USB convert cable

QuickTime

RealPlayer

Realtek AC'97 Audio

Spybot - Search & Destroy 1.4

StuffPlug-NG (Messenger Plus! Plugins)

TuneUp Utilities 2006

Unlocker 1.8.2

Unreal Tournament 2003

Unreal Tournament G.O.T.Y. Edition

VideoLAN VLC media player 0.8.2

Voice Editor

Windows Media Format Runtime

Windows Messenger 5.1

remimer · le 8 mai 2006

Voici mon log, pouvez-vous me l'analyser? :mdr:

Logfile of HijackThis v1.99.1

Scan saved at 12:28:32, on 08/05/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\UTILS\YzToolbar\YzToolBar.exe

C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Documents and Settings\Gore\Bureau\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: YzToolBar.lnk = C:\Program Files\UTILS\YzToolbar\YzToolBar.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Diminuer la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\Program Files\UTILS\EasyRead\ZoomOut.js (file missing)

O9 - Extra button: Agrandir la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\Program Files\UTILS\EasyRead\ZoomIn.js (file missing)

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

A bientôt! :yes:

snooky · le 8 mai 2006

@ monsieurb:

cela vaut-il vraiment le cout de désinstalé kaspersky pour faire une réinstale, une simple mise a jour n'est-elle pas envisageable?

Indispensable . La mise à jour est réservée aux bases virales , pas au logiciel lui même .

__________________________________________

@reminer :

Le rapport est clean

A fixer :

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Des soucis ?

FaTaL1Ty · le 8 mai 2006

Slt snooky cette fois ce n'est pas la mule,c'est un programme que j'ai téléchargé et en coryant que c'était celle la je me suis rendu compte que c'était un autre.

Je l'ai désinstallé et supprimé tous les fichiers a son nom,mais une fenetre revien tout le temps

Voila le rapport hijack this:

Logfile of HijackThis v1.99.1

Scan saved at 15:31:41, on 08/05/2006

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\kerio\Personal Firewall 4\kpf4ss.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\kerio\Personal Firewall 4\kpf4gui.exe

C:\Program Files\ITE\Smart Guardian\ITESmart.exe

C:\Program Files\Razer\razerhid.exe

C:\Program Files\ClamWin\bin\ClamTray.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\kerio\Personal Firewall 4\kpf4gui.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

c:\progra~1\intern~1\iexplore.exe

C:\Program Files\Razer\razertra.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\Raxco\PerfectDisk\PDSched.exe

C:\Program Files\Razer\razerofa.exe

C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [smartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe

O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Keepaudio] C:\DOCUME~1\GUILLA~1\APPLIC~1\INTRAP~1\TonsBaseFirst.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1147080399936

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - file://E:\Player\noflash\swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{5B93A3EE-F9DC-4085-9F62-F8DACA54B2D8}: NameServer = 127.0.0.1

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\kerio\Personal Firewall 4\kpf4ss.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

O23 - Service: Assistant Retrospect (Retrospect Helper) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

-------------------------------------------

Voici un screen qui montre que a² a trouvé 3 malwares mais j'ai beau les supprimé rien n'y fais

ad aware ne trouve rien ainsi que spybot

Vindev_HELL84 · le 8 mai 2006

Logfile of HijackThis v1.99.1

Scan saved at 00:42:37, on 06/05/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Logitech\Easy Synchronization\servicestub.exe

C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Mozy\mozybackup.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Switch Off\swoff.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\LiteStep\litestep.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\Dusco\IRAssistant\IRAssistant.exe

C:\Program Files\Logitech\MediaLife\MediaLifeService.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

c:\windows\hffext\hffsrv.exe

C:\Program Files\Easy TM\EasyTM.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Pando Networks\Pando\Pando.exe

C:\PROGRA~1\Common Files\X10\Common\x10nets.exe

C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe

C:\Program Files\ImageShack\QuickShot\QuickShot.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\DU Meter\DUMeter.exe

C:\Program Files\NetLimiter\NetLimiter.exe

C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\WinPLOSION\WinPlosion.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Google\Google Talk\googletalk.exe

c:\program files\netappel\netappel.exe

C:\WINDOWS\system32\DrvMon.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\TorCP\torcp.exe

E:\Mes documents\USDownloader\USDownloader\USDownloader.exe

C:\Program Files\VisualTaskTips\VisualTaskTips.exe

C:\Program Files\Tor\tor.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\DigitalPeers\CamTrack\camtrack.exe

C:\Program Files\Folding@Home\winFAH.exe

C:\Program Files\Mozy\mozystat.exe

C:\Program Files\Privoxy\privoxy.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.exe

C:\Documents and Settings\vindev_hell84.XP-LSD3-CH-DUG.000\Menu Démarrer\Programmes\Démarrage\SnapKey_v2.0.2.1.exe

C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN

C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

C:\Program Files\Folding@Home\FahCore_7a.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\FlashGet\flashget.exe

C:\PROGRA~1\TribalWeb.net\tribalweb.exe

C:\WINDOWS\explorer.exe

C:\Program Files\X-Chat 2\xchat.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8118

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [iRAssistant] C:\Program Files\Dusco\IRAssistant\IRAssistant.exe -noSplash

O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [hffsrv] c:\windows\hffext\hffsrv.exe

O4 - HKLM\..\Run: [Easy TM] C:\Program Files\Easy TM\EasyTM.exe /min

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Pando] C:\Program Files\Pando Networks\Pando\Pando.exe /Automation

O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"

O4 - HKLM\..\Run: [imageShackUtil] C:\Program Files\ImageShack\QuickShot\QuickShot.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe

O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s

O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe

O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [WinPLOSION] "C:\Program Files\WinPLOSION\WinPlosion.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [NetAppel] "c:\program files\netappel\netappel.exe" -nosplash -minimized

O4 - HKCU\..\Run: [switch Off] C:\Program Files\Switch Off\swoff.exe

O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Pando] C:\Program Files\Pando Networks\Pando\pando.exe /Automation

O4 - HKCU\..\Run: [TorCP] C:\Program Files\TorCP\torcp.exe

O4 - HKCU\..\Run: [uSDownloader] "E:\Mes documents\USDownloader\USDownloader\USDownloader.exe"

O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe

O4 - Startup: Folding@Home 5.03.lnk = ?

O4 - Startup: Mozy Status.lnk = C:\Program Files\Mozy\mozystat.exe

O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

O4 - Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe

O4 - Startup: SnapKey_v2.0.2.1.exe

O4 - Startup: XChat.lnk = C:\Program Files\X-Chat 2\xchat.exe

O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{660E9147-11EC-48D2-9C02-5EBAE0A4C633}: NameServer = 192.168.1.65,192.168.1.1

O18 - Protocol: bw+0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)

O18 - Protocol: offline-8876480 - {1F0B2DA2-7898-48AD-A24F-8E98B11E72C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live Mail Desktop Beta\mailcomm.dll

O20 - AppInit_DLLs: ,wbsys.dll

O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll

O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll

O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe (file missing)

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE

O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe

O23 - Service: MozyBackup - Unknown owner - C:\Program Files\Mozy\mozybackup.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

O23 - Service: Switch Off - YaSoft - C:\Program Files\Switch Off\swoff.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\Common Files\X10\Common\x10nets.exe

Vindev, tu peux fixer ces lignes :

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

Pour le reste, attends Snooky.

Tu sais que que c'est Pando.exe ? Edit : c'est bon j'ai trouvé.

@maxsims1 :

Ces lignes sont légitimes et à conserver :

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm (file missing)

Il ne faut pas tenir compte de l'indication ( File missing ) .

Bon je up car j'ai l'impression que tu as "sauté" mon rapport snooky

donc j'ai déja fixé les lignes que m'a indiqué maxsims1 et j'ai bien suivi tes conseils j'ai gardé les lignes que tu as indiqué

donc voili voilou

FaTaL1Ty · le 8 mai 2006

@Vindev_HELL84 enleve les citations et pour ton rapport met le en écriture normal

:fumer:

fixe