[LOGICIEL] [Centralisation] .:::: Hijackthis ::::.

[Thierry 63]

A guymauve,

Télécharge la dernière version KAV 6.0.0.303 et installe là en suivant cette procèdure :

Comment passer de Kaspersky 6.0.0.xxx à Kaspersky 6.0.0.303

Ensuite, pour activer les bases étendues il te suffit de cocher la case comme sur la capture ci-dessous :

[guymauve]

Merci à toi Thierry.

Sinon question suppl :

C'est normat que a² me considere process.exe de smitfraudfix comme fichier à haut risque ?

[snooky]

Oui , et tu peux désinstaller a² Squared et consorts ...

kav6 s'occupe de tout !

[guymauve]

Oui , et tu peux désinstaller a² Squared et consorts ...

kav6 s'occupe de tout !

Super j'ai fait un beau post en bois alors

A part KAV, c'est quoi le ou les logiciels utiles en complément de KAV ?

Merci les filles.

[snooky]

A part KAV, c'est quoi le ou les logiciels utiles en complément de KAV ?

Un cerveau ?

[guymauve]

A part KAV, c'est quoi le ou les logiciels utiles en complément de KAV ?

Un cerveau ?

ok bien reçu, je peux prendre le pack cerveau + sympathie et je te fais la partie sympathie à 50%.

[snooky]

[mixpixoto]

-ben j'ai CA(j'ai vu d'autre discussion sur certains forums mais ca date un peu) pas vraiment de gros soucis,mais il faut faire attention a certaines extensions,au fichier"temp" aussi,il est dit aussi que"clean nettoie vraiment tres fort"...

c'est pas une critique du tout hein,ou alors une autocritique peut etre ,j'ai pas envie de perdre un truc meme con mais important pour moi et apres encore vous faire suez pendant 3 plombes

Tous les " temp " sont voués à leur suppression .

Je me demande bien ce que tu pourrais perdre comme données importantes ?

Je te donne un lien à lire ( et à rire ! ) , dans lequel le concepteur de Clean 1.4 s'explique clairement :

http://grandpublic.kaspersky.fr/forum/view...p?p=23364#23364

-je l'avais telecharger depuis ta signature cette nuit ,j'ai parler sans trop savoir et surtout sans avoir essayé,maintenant que j'ai tester,je trouves qu'il marche plutot pas mal mis a part quelques videos d'auto/moto telecharger ca et la sur ftp ou forum(pourquoi certaines et dautres pas )...rien d'important n'est disparu et 89Mo de gagné

-fin du HS...(je ne voulais pas qu'on croit que je descendais un logiciel,qui de plus,m'etait totalement inconnu,moralité:clean by fruit ...utilisateurs confirmé comme novice....et meme tres tres tres novice comme moi :copain:

[zoic]

Bonjour,

Juste pour savoir si tout et normal parceque de temps en temps (lor de la lecture de video ) j'ai des microsacade comme si la video était que en desous des 24 image/seconde et je pense ke c du a un logiciel qui tourne en tache de fond mais jarrive pa a l'identifié

merci d'avance

Logfile of HijackThis v1.99.1

Scan saved at 13:42:11, on 10/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.bin

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\oodag.exe

C:\Program Files\OO Software\Defrag Professional\oodcnt.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Loïc\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL

O17 - HKLM\System\CCS\Services\Tcpip\..\{A91F5D09-2D79-4BCF-AB2B-10A5B7809A97}: NameServer = 80.10.246.130 80.10.246.3

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

[snooky]

Salut ,

Commence par fixer :

O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe

O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

Redémarre et teste .

[guymauve]

@ guYmauve :

Recherche ce fichier sur ton pc et

Scan manuellement ce fichier avec Kaspersky mis correctement à jour et active las bases étendues " Riskwares "

C:\WINDOWS\system\smss.exe

Donne le résultat du scan .

Aucun code malicieux découvert

Désactive la restauration système .

Coche et fixe :

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

OK c'est fait

Passe SmitfraudFix et poste le rapport .

SmitFraudFix v2.81

Rapport fait à 20:41:32.54, jeu. 10/08/2006

Executé à partir de C:\Documents and Settings\Fred\Bureau\Utilitaires\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Poste un nouveau rapport .

Logfile of HijackThis v1.99.1

Scan saved at 20:52:39, on 10/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

D:\Programmes\Kaspersky\avp.exe

C:\WINDOWS\system32\crypserv.exe

D:\Programmes\Kerio\Personal Firewall\kpf4ss.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\oodag.exe

C:\WINDOWS\System32\svchost.exe

D:\Programmes\Kerio\Personal Firewall\kpf4gui.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

D:\Programmes\Winamp\winampa.exe

D:\Programmes\Kaspersky\avp.exe

C:\Program Files\ISP Monitor\isp.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Logitech\SetPoint\KEM.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe

D:\Programmes\Kerio\Personal Firewall\kpf4gui.exe

C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

D:\Programmes\Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmes\acrobat\Reader\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [WinampAgent] D:\Programmes\Winamp\winampa.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [kav] "D:\Programmes\Kaspersky\avp.exe"

O4 - HKCU\..\Run: [iSPMonitor] C:\Program Files\ISP Monitor\isp.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\OFFICE~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\office\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Programmes\Kaspersky\scieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\OFFICE~1\Office12\REFIEBAR.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - D:\Programmes\Kaspersky\avp.exe

O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Programmes\Kerio\Personal Firewall\kpf4ss.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe

Encore MERCI.

[koskoz]

Salut snooky, voici mon rapport hijackthis.

Se serait sympa que tu commente les lignes que tu me conseilles de décocher, car je suis en train de faire un tuto sur l'optimisation de windows et connaître ces lignes m'aiderait .

Logfile of HijackThis v1.99.1

Scan saved at 01:22:22, on 11/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\System32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

D:\Program Files\Kerio\Personal Firewall\persfw.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\explorer.exe

C:\Jeux\Steam\Steam.exe

D:\Program Files\MSN Messenger\msnmsgr.exe

D:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [kav] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1151616013095

O17 - HKLM\System\CCS\Services\Tcpip\..\{09CAF4C5-CE92-4B7B-BF77-5B5DA01786EF}: NameServer = 84.103.237.143 86.64.145.143

O17 - HKLM\System\CS1\Services\Tcpip\..\{09CAF4C5-CE92-4B7B-BF77-5B5DA01786EF}: NameServer = 84.103.237.143 86.64.145.143

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - D:\WINDOWS\System32\klogon.dll

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - D:\Program Files\Kerio\Personal Firewall\persfw.exe

[theocrite]

Bonjour,

Comment supprimer igetnet qui se trouve sur mon ordi

Logfile of HijackThis v1.99.1

Scan saved at 15:00:56, on 11/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5296.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\netdde.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\clipsrv.exe

C:\WINDOWS\System32\dllhost.exe

C:\WINDOWS\system32\sstray.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Bride.Ru Informer\InformerM.exe

C:\WINDOWS\System32\msdtc.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\ATI Multimedia\main\launchpd.exe

C:\Program Files\Kaspersky Lab\KL News Agent\KLAgent.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\BOINC\boincmgr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\dllhost.exe

C:\WINDOWS\System32\vssvc.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\WINDOWS\System32\dmadmin.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\BOINC\boinc.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\BOINC\boincmgr.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R1_4.02_windows_intelx86.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.popupsearches.com/sidesearch.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clubic.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SkypeIEHelper Class - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL

O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll

O3 - Toolbar: (no name) - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - (no file)

O3 - Toolbar: Skype™ For Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:\Program Files\Skype\toolbars\Skype for Internet Explorer\skype_toolbar.dll

O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file)

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\system32\FirstReboot.exe

O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [bride.Ru Inform Tool] C:\Program Files\Bride.Ru Informer\InformerM.exe /startup

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"

O4 - HKCU\..\Run: [KL News Agent] C:\Program Files\Kaspersky Lab\KL News Agent\KLAgent.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe

O4 - Startup: Kaspersky Anti-Virus.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

O4 - Startup: KLNewsAgent.lnk = C:\Program Files\Kaspersky Lab\KL News Agent\KLAgent.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SATARaid.lnk = ?

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Personnaliser - C:\Program Files\PROMT98\promtie4\options.htm

O8 - Extra context menu item: Rechercher sur Internet - C:\Program Files\PROMT98\promtie4\search.htm

O8 - Extra context menu item: Traduire - C:\Program Files\PROMT98\promtie4\translat.htm

O8 - Extra context menu item: Traduire dans R-Express - C:\Program Files\PROMT98\promtie4\wts.htm

O8 - Extra context menu item: Traduire dans WebView - C:\Program Files\PROMT98\promtie4\webview.htm

O8 - Extra context menu item: Traduire la page - C:\Program Files\PROMT98\promtie4\page.htm

O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL

O9 - Extra button: Skype™ For Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL

O9 - Extra 'Tools' menuitem: Skype™ For Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\toolbars\SKYPEF~1\SKYPE_~1.DLL

O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Translate - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Customize translation options - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Sha...t//DexiaIIA.cab

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://www.lizardtech.com/download/files/w...ntrol_fr_FR.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab

O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/07b9ea68f763cc...ip/RdxIE601.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase7617.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1099520944000

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1136655257453

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326

O18 - Protocol: bw+0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {E930D3D5-F0CA-4918-84FC-D5F244893FCD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

merci d'avance

Salut ,

non , eudom .

@jicete :

Désactive la restauration système .

Désinstalle Spybot , Windows defender et Bride.Ru Informer .

Coche et fixe ces lignes :

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.popupsearches.com/sidesearch.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: (no name) - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - (no file)

O4 - HKLM\..\Run: [bride.Ru Inform Tool] C:\Program Files\Bride.Ru Informer\InformerM.exe /startup

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SATARaid.lnk = ?

+ toutes les lignes 016

+toutes les lignes 018

Passe Clean 1.4 byFFRUiT

Passe SmitfraudFix

Dans kaspersky / Protection / conjiguration , sélectionne " programmes potentiellement dansgereux , ... ")

Met à jour et scan le poste de travail .

Redémarre le pc et poste un nouveau rapport pour vérification .

A déplacer dans la centralisation , merci

[FullTurnIP]

Voila mon hijack :

Logfile of HijackThis v1.99.1

Scan saved at 04:03:03, on 13/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\Explorer.EXE

C:\www\serveur\wamp\apache2\bin\Apache.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

D:\WINDOWS\system32\RUNDLL32.EXE

C:\apps\DAEMON Tools\daemon.exe

D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

D:\WINDOWS\SOUNDMAN.EXE

D:\windows\hotkey.exe

C:\apps\DeeEnEs.exe

C:\www\serveur\wamp\wampserver.exe

C:\www\serveur\wamp\apache2\bin\Apache.exe

D:\program files\msn messenger\msnmsgr.exe

D:\Progra~1\podXP\podXP.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\taskmgr.exe

C:\APPS\FIREFOX\FIREFOX.EXE

D:\WINDOWS\Explorer.EXE

C:\apps\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [nTrayFw] D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [NVRTCLK] D:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DAEMON Tools] "C:\apps\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [sunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [TransBar] D:\Program Files\AKSoftware\TransBar\TransBar.exe /s

O4 - HKCU\..\Run: [HotKey] D:\windows\hotkey.exe

O4 - HKCU\..\Run: [DeeEnEs] C:\apps\DeeEnEs.exe

O4 - Startup: WampServer.lnk = C:\www\serveur\wamp\wampserver.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: MCPClient - D:\PROGRA~1\FICHIE~1\Stardock\mcpstub.dll

O23 - Service: app_filter - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: wampapache - Unknown owner - C:\www\serveur\wamp\apache2\bin\Apache.exe" -k runservice (file missing)

Voila, perso j'vois rien de bizarre, excepté le "(file missing)" mais mon papache marche.

[snooky]

Le rapport est clean .

[cariboubis]

Bonjour à tous,

voici les résultats de mon log, quelqu'un peut-il me dire s'il y a quelque chose d'inquiétant?

Merci d'avance.

Logfile of HijackThis v1.99.1

Scan saved at 11:33:19, on 13/08/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\WINDOWS\vsnpstd2.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\system32\P2P Networking\P2P Networking.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\eMule\emule.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\vso\DivxToDVD\DivxToDVD.exe

C:\Program Files\vso\DivxToDVD\DivxToDVD.exe

C:\Program Files\vso\DivxToDVD\DivxToDVD.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\CCleaner\ccleaner.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE

O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [semanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe

O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/upl...ileUploader.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{03680237-2A17-4290-99E5-F39D9B7D28BA}: NameServer = 84.103.237.144 86.64.145.144

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll

O20 - AppInit_DLLs: MsgPlusLoader.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

[koskoz]

Snooky, t'as sauté mon rapport

[snooky]

@ Koskov :

le rapport .

O4 - Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

Moniteur " inutile " . C'est tout .

++

[guymauve]

Snooky je crois que tu as sauté mon 2ème rapport

Merci à toi.

[snooky]

le rapport , guymauve .

[guymauve]

Grand merci à toi Ô maître.

[maxsims1]

A part KAV, c'est quoi le ou les logiciels utiles en complément de KAV ?

Un cerveau ?

Et pour AVS, il n'y as rien besoin d'autre non plus ?

[snooky]

C'est valable pour n'importe quel logiciel , mais pour d'autres choses aussi .

[maxsims1]

Oui

Mais AVS, utilisant le moteur de kaspersky (un bon v12, au moins), mais ayant quelques fonctionnalités en moins, a-t-il besoin de a-squared, Spybot, ad-aware, spyware blaster, blacklignt anti-rootkit... ?

[snooky]

NON !

Il te faut :

Ceci

AVS , par exemple.

Un firewall.