log hijackthis

MAC GYVER

23/08/2006 à 13:34

"christellem14" a écrit dans le
message de news:

bjr
sous vos conseils, afin de voir d ou venait mon probleme de fenetres
intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
en

faire maintenant
si vous pouviez m aider encore svp ce serait cool!!!
expliquez moi en detail si possible ..
merci
--
christellem14

Bonjour,
VOus pouvez le coller ici pour que l'on vous oriente, ou alors le faire vous
même en faisant un coller du log dans :

http://www.hijackthis.de

JF

23/08/2006 à 13:52

*Bonjour christellem14* !
news:

| bjr
| sous vos conseils, afin de voir d ou venait mon probleme de fenetres
| intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
| en faire maintenant
| si vous pouviez m aider encore svp ce serait cool!!!
| expliquez moi en detail si possible ..
| merci

On ne t'as pas tout dit ?

TUTOS
Ce qu'il faut faire avant de poster un rapport HijackThis
http://forum.telecharger.01net.com/microhebdo/questions_techniques_diverses/securite/procedure_a_faire_avant_de_poster_un_rapport_HIJACKTHIS-319942/messages-1.html
Tutorial d'interprétation des listes d'HijackThis
www.zebulon.fr/articles/HijackThis.php
www.zebulon.fr/articles/analyse-rapports-hijack-this-1.php
ANALYSES ASSISTÉES
www.hijackthis.de/fr
C'est incomplet mais reste utile.

--
1- Salutations, Jean-François :o)
2- Index du site de PN : http://www.d2i.ch/pn/az
3- Montrez vos écrans : http://fspsa.free.fr/copiecran.htm
4- Outlook Express: Suivez vos fils avec [CTL+H]

christellem14

25/08/2006 à 11:22

Logfile of HijackThis v1.99.1
Scan saved at 13:11:55, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:Program Filesoneclickoneclick.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:program filesmailskinnermailskinner.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesPinnacleShared FilesProgramsPclePvrVideoControl.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:Program FilesMSN
AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: (no name) - {00000000-5736-4205-0008-f7ed0776fb27} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [MailSkinner] c:program filesmailskinnermailskinner.exe
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) -
http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} -
http://scripts.dlv4.com/binaries/IA/svcia32_FR_XP.cab
O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} -
http://dx.mastacash.com/loader.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader
3.5 Combo Control) -
http://www.colorclub.fr/Components/Upload/ImageUploader3.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -
http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall_fr.cab
O16 - DPF: {BB87C3EA-AFC2-401F-84E8-0C166F2B0DA3} (OggPlayer Class) -
http://www.one2one.com/static/class/WMOggPlayer.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} -
http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) -
http://www.jointheorgy.com/static/class/webcam_ie6/webcam2.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

voila
merci bcp de m aider
--
christellem14

"christellem14" a écrit dans le
message de news:
bjr
sous vos conseils, afin de voir d ou venait mon probleme de fenetres
intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
en

faire maintenant
si vous pouviez m aider encore svp ce serait cool!!!
expliquez moi en detail si possible ..
merci
--
christellem14

Bonjour,
VOus pouvez le coller ici pour que l'on vous oriente, ou alors le faire vous
même en faisant un coller du log dans :

http://www.hijackthis.de

Logfile of HijackThis v1.99.1
Scan saved at 13:11:55, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:Program Filesoneclickoneclick.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:program filesmailskinnermailskinner.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesPinnacleShared FilesProgramsPclePvrVideoControl.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:Program FilesMSN
AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: (no name) - {00000000-5736-4205-0008-f7ed0776fb27} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [MailSkinner] c:program filesmailskinnermailskinner.exe
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) -
http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} -
http://scripts.dlv4.com/binaries/IA/svcia32_FR_XP.cab
O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} -
http://dx.mastacash.com/loader.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader
3.5 Combo Control) -
http://www.colorclub.fr/Components/Upload/ImageUploader3.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -
http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall_fr.cab
O16 - DPF: {BB87C3EA-AFC2-401F-84E8-0C166F2B0DA3} (OggPlayer Class) -
http://www.one2one.com/static/class/WMOggPlayer.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} -
http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) -
http://www.jointheorgy.com/static/class/webcam_ie6/webcam2.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

voila
merci bcp de m aider
--
christellem14

"christellem14" <christellem14@discussions.microsoft.com> a écrit dans le
message de news: A5D3D2DA-23F0-496B-A310-C0E976F11524@microsoft.com...

bjr
sous vos conseils, afin de voir d ou venait mon probleme de fenetres
intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
en

faire maintenant
si vous pouviez m aider encore svp ce serait cool!!!
expliquez moi en detail si possible ..
merci
--
christellem14

Bonjour,
VOus pouvez le coller ici pour que l'on vous oriente, ou alors le faire vous
même en faisant un coller du log dans :

http://www.hijackthis.de

Vous avez filtré cet utilisateur ! Consultez son message

Logfile of HijackThis v1.99.1
Scan saved at 13:11:55, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:Program Filesoneclickoneclick.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:program filesmailskinnermailskinner.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesPinnacleShared FilesProgramsPclePvrVideoControl.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:Program FilesMSN
AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: (no name) - {00000000-5736-4205-0008-f7ed0776fb27} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [OneClick] "C:Program Filesoneclickoneclick.exe"
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [MailSkinner] c:program filesmailskinnermailskinner.exe
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) -
http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {71DA2A4E-ACB3-4065-9E41-8BC42EABE427} -
http://scripts.dlv4.com/binaries/IA/svcia32_FR_XP.cab
O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} -
http://dx.mastacash.com/loader.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader
3.5 Combo Control) -
http://www.colorclub.fr/Components/Upload/ImageUploader3.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -
http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall_fr.cab
O16 - DPF: {BB87C3EA-AFC2-401F-84E8-0C166F2B0DA3} (OggPlayer Class) -
http://www.one2one.com/static/class/WMOggPlayer.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} -
http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O16 - DPF: {F4653484-F38C-455F-BB15-1175E527754E} (VideoProducer Class) -
http://www.jointheorgy.com/static/class/webcam_ie6/webcam2.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

voila
merci bcp de m aider
--
christellem14

"christellem14" a écrit dans le
message de news:
bjr
sous vos conseils, afin de voir d ou venait mon probleme de fenetres
intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
en

faire maintenant
si vous pouviez m aider encore svp ce serait cool!!!
expliquez moi en detail si possible ..
merci
--
christellem14

Bonjour,
VOus pouvez le coller ici pour que l'on vous oriente, ou alors le faire vous
même en faisant un coller du log dans :

http://www.hijackthis.de

Jacquouille la Fripouille

25/08/2006 à 11:36

*Bonjour christellem14*
Dans news:, tu as
tapoté sur ton clavier pour écrire :

Logfile of HijackThis v1.99.1
Scan saved at 13:11:55, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Voici le résultat :

http://www.hijackthis.de/logfiles/67daca4fabefed4330c3f24ecf9009ee.html
"Fixe" déjà tout ce qui est méchant (point d'exclamation rouge).
--
Jacquouille la Fripouille

christellem14

25/08/2006 à 12:05

bjr
peux tu m expliquer comment on fait ,stp!!
merci d avance
--
christellem14

*Bonjour christellem14*
Dans news:, tu as
tapoté sur ton clavier pour écrire :

Logfile of HijackThis v1.99.1
Scan saved at 13:11:55, on 23/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Voici le résultat :

http://www.hijackthis.de/logfiles/67daca4fabefed4330c3f24ecf9009ee.html
"Fixe" déjà tout ce qui est méchant (point d'exclamation rouge).
--
Jacquouille la Fripouille

Jacquouille la Fripouille

25/08/2006 à 13:00

*Bonjour christellem14*
Dans news:, tu as
tapoté sur ton clavier pour écrire :

bjr
peux tu m expliquer comment on fait ,stp!!
merci d avance

Tu fais ton scan sans log,
tu repères et tu coches les lignes à supprimer.
Tu cliques sur "Fix checked", puis Oui.
Ne te trompe pas dans les lignes à supprimer !
--
Jacquouille la Fripouille

christellem14

25/08/2006 à 16:41

bjr
j ai tjr les fenetres qui s ouvrent meme apres avoir fait tout ca!!!
je fais quoi maintenant?
merci
--
christellem14

*Bonjour christellem14* !
news:

| bjr
| sous vos conseils, afin de voir d ou venait mon probleme de fenetres
| intempestive, j ai sauvegarder un log hijackthis mais je ne sais pas quoi
| en faire maintenant
| si vous pouviez m aider encore svp ce serait cool!!!
| expliquez moi en detail si possible ..
| merci

On ne t'as pas tout dit ?

TUTOS
Ce qu'il faut faire avant de poster un rapport HijackThis
http://forum.telecharger.01net.com/microhebdo/questions_techniques_diverses/securite/procedure_a_faire_avant_de_poster_un_rapport_HIJACKTHIS-319942/messages-1.html
Tutorial d'interprétation des listes d'HijackThis
www.zebulon.fr/articles/HijackThis.php
www.zebulon.fr/articles/analyse-rapports-hijack-this-1.php
ANALYSES ASSISTÉES
www.hijackthis.de/fr
C'est incomplet mais reste utile.

--
1- Salutations, Jean-François :o)
2- Index du site de PN : http://www.d2i.ch/pn/az
3- Montrez vos écrans : http://fspsa.free.fr/copiecran.htm
4- Outlook Express: Suivez vos fils avec [CTL+H]

JF

25/08/2006 à 17:25

*Bonjour christellem14* !
news:

| bjr
| j ai tjr les fenetres qui s ouvrent meme apres avoir fait tout ca!!!
| je fais quoi maintenant?

Tout ça quoi ?
Tu recolles un HJT pour que les spécialistes regardent s'il reste un malware
ou un BHO.
Essaie de donner des infos sur les fenêtres, une capture d'écran par
exemple.

--
1- Salutations, Jean-François :o)
2- Index du site de PN : http://www.d2i.ch/pn/az
3- Montrez vos écrans : http://fspsa.free.fr/copiecran.htm
4- Outlook Express: Suivez vos fils avec [CTL+H]

christellem14

25/08/2006 à 18:08

Tu recolles un HJT pour que les spécialistes regardent s'il reste un malware
ou un BHO.

voila un nouveau log

Logfile of HijackThis v1.99.1
Scan saved at 17:51:09, on 25/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe" /WinStart
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

Essaie de donner des infos sur les fenêtres, une capture d'écran par
exemple.

en voici 3 qui se sont ouverts PENDANT les manip de capture d ecran :

http://www.image-dream.com/image.php?image[746689ccf1e664c9eb21ba10fcb001.jpg&pseudo=anonym
http://www.image-dream.com/image.php?image:a9b2ac6940c5a4b7c281ff44ea81b3.jpg&pseudo=anonym
http://www.image-dream.com/image.php?imagee4fca20234d6246cfe8f031ee58d40.jpg&pseudo=anonym

bon j arrete car a chaque fois que j ouvre une fenetre internet une fenetre
publicitaire nouvelle s ouvre

christellem14

Tu recolles un HJT pour que les spécialistes regardent s'il reste un malware
ou un BHO.

voila un nouveau log

Logfile of HijackThis v1.99.1
Scan saved at 17:51:09, on 25/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe" /WinStart
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

Essaie de donner des infos sur les fenêtres, une capture d'écran par
exemple.

en voici 3 qui se sont ouverts PENDANT les manip de capture d ecran :

http://www.image-dream.com/image.php?image[746689ccf1e664c9eb21ba10fcb001.jpg&pseudo=anonym
http://www.image-dream.com/image.php?image:a9b2ac6940c5a4b7c281ff44ea81b3.jpg&pseudo=anonym
http://www.image-dream.com/image.php?imagee4fca20234d6246cfe8f031ee58d40.jpg&pseudo=anonym

bon j arrete car a chaque fois que j ouvre une fenetre internet une fenetre
publicitaire nouvelle s ouvre

christellem14

Vous avez filtré cet utilisateur ! Consultez son message

Tu recolles un HJT pour que les spécialistes regardent s'il reste un malware
ou un BHO.

voila un nouveau log

Logfile of HijackThis v1.99.1
Scan saved at 17:51:09, on 25/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
c:PROGRA~1mcafee.comvsoOasClnt.exe
c:program filesmcafee.comvsomcvsshld.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
c:program filesmcafee.comagentmcagent.exe
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesHome CinemaPowerCinemaPCMService.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:WINDOWSSystem32LVCOMSX.EXE
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesAheadInCDInCD.exe
C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
C:Program FilesPinnacleShared FilesProgramsRemoteRemoterm.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesBilliontonLogiciel BluetoothBTTray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32nvsvc32.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesADSL AutoconnectADSL Autoconnect.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesHijackthis Version Françaisehijackthis vf.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.wanadoo.fr/go/page_recherche/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.wanadoo.fr
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -
C:PROGRA~1WanadooSEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat
7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} -
c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} -
c:program filesmcafee.commpspopupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter -
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:program
filesmcafeespamkillermcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:program filesgooglegoogletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -
c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program
FilesMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021frmsntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program
filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [PCMService] "C:Program FilesHome
CinemaPowerCinemaPCMService.exe"
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1WanadooCnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe"
-atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSSystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program
FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program
FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe"
/checktask
O4 - HKLM..Run: [VirusScan Online] C:Program
FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MskAgent.exe
O4 - HKLM..Run: [MSKDetectorExe] C:PROGRA~1McAfeeSPAMKI~1MSKDetct.exe
/startup
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSsystem32PSDrvCheck.exe
-CheckReg
O4 - HKLM..Run: [PMCRemote] C:Program FilesPinnacleShared
FilesProgramsRemoteRemoterm.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program
FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat
7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU..Run: [MessengerPlus3] "C:Program FilesMessengerPlus!
3MsgPlus.exe" /WinStart
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program
FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesBilliontonLogiciel Bluetoothbtsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:program
filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:program
filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:program
filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le
cache Google - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -
c:program filesmcafeespamkillermcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter -
{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:program
filesmcafeespamkillermcapfbho.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F}
- C:Program FilesBilliontonLogiciel Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesBilliontonLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://software-dl.real.com/18a9d9c28203e84e4a17/netzip/RdxIE601_fr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155234698421
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O17 -
HKLMSystemCCSServicesTcpip..{CFCCED59-6F88-4BCF-BD93-7F47F527097A}:
NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:Program FilesADSL
AutoconnectADSL Autoconnect.exe" -z (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesBilliontonLogiciel Bluetoothbinbtwdins.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program
FilesAheadInCDInCDsrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc -
c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. -
c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc -
c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee,
Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee
Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. -
C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 -
C:PROGRA~1COMMON~1X10Commonx10nets.exe

Essaie de donner des infos sur les fenêtres, une capture d'écran par
exemple.

en voici 3 qui se sont ouverts PENDANT les manip de capture d ecran :

http://www.image-dream.com/image.php?image[746689ccf1e664c9eb21ba10fcb001.jpg&pseudo=anonym
http://www.image-dream.com/image.php?image:a9b2ac6940c5a4b7c281ff44ea81b3.jpg&pseudo=anonym
http://www.image-dream.com/image.php?imagee4fca20234d6246cfe8f031ee58d40.jpg&pseudo=anonym

bon j arrete car a chaque fois que j ouvre une fenetre internet une fenetre
publicitaire nouvelle s ouvre

christellem14

JF

25/08/2006 à 19:10

*Bonjour christellem14* !
news:

|| Essaie de donner des infos sur les fenêtres, une capture d'écran par
|| exemple.
||
| en voici 3 qui se sont ouverts PENDANT les manip de capture d ecran :
|
http://www.image-dream.com/image.php?image[746689ccf1e664c9eb21ba10fcb001.jpg&pseudo=anonym
|
http://www.image-dream.com/image.php?image:a9b2ac6940c5a4b7c281ff44ea81b3.jpg&pseudo=anonym
|
http://www.image-dream.com/image.php?imagee4fca20234d6246cfe8f031ee58d40.jpg&pseudo=anonym
|
| bon j arrete car a chaque fois que j ouvre une fenetre internet une
| fenetre
| publicitaire nouvelle s ouvre
|
| christellem14

Les casinos sont des pièges à touristes.
Voici un exemple pour chercher des solutions en attendant que les
spécialistes se réveillent de leur sieste:
http://www.google.fr/search?hl=fr&q=navisearch&meta Continue ...
En dépannage utiliser Firefox:
http://www.gratilog.net/internet1.htm

--
1- Salutations, Jean-François :o)
2- Index du site de PN : http://www.d2i.ch/pn/az
3- Montrez vos écrans : http://fspsa.free.fr/copiecran.htm
4- Outlook Express: Suivez vos fils avec [CTL+H]

log hijackthis

10 réponses

Veuillez sélectionner un problème