lazagno

Merci !

1/ Kaspersky Antivirus indique : Une tentative du processus avec le PID 1560 obtention de l'acces au processus Kasperksy Antivirus 6.0 avec le PID 1148 a ete bloquee. Cela est le resultat de l'autodéfense. 2/ Ma vitesse de connection internet est vraiment tres basse alors que je suis en 8 Mo habituellement. Merci.

Bonjour, Pouvez-vous SVP analyser le log suivant ? Logfile of HijackThis v1.99.1 Scan saved at 20:58:55, on 14/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\system32\svchost.exe I:\WINDOWS\System32\svchost.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\Explorer.EXE I:\WINDOWS\system32\spoolsv.exe I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe I:\WINDOWS\system32\drivers\crauto.exe I:\WINDOWS\system32\drivers\IMountSRV.exe I:\Program Files\Mozy\mozybackup.exe I:\WINDOWS\system32\slserv.exe I:\WINDOWS\system32\svchost.exe I:\WINDOWS\SOUNDMAN.EXE I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe I:\Program Files\Java\jre1.5.0_10\bin\jusched.exe I:\Program Files\iTunes\iTunesHelper.exe I:\WINDOWS\system32\ctfmon.exe I:\Program Files\Skype\Phone\Skype.exe I:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe I:\Program Files\WinTV\Ir.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe I:\Program Files\Mozy\mozystat.exe I:\Program Files\OpenOffice.org 2.0\program\soffice.exe I:\Program Files\OpenOffice.org 2.0\program\soffice.BIN I:\Program Files\iPod\bin\iPodService.exe I:\WINDOWS\system32\wuauclt.exe I:\Program Files\Mozilla Firefox\firefox.exe J:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Encrypted Disk Auto Mount] rundll32.exe edshell.dll,MountAll O4 - HKLM\..\Run: [kav] "I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] I:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [Phase One Media Reader] I:\PROGRA~1\PHASEO~1\CAPTUR~1\DCIMImp.exe /noscan /CheckAutoStart O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "I:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] I:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [updateMgr] "I:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [FolderShare] "I:\Program Files\FolderShare\FolderShare.exe" /background O4 - Startup: Adobe Gamma.lnk = I:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Mozy Status.lnk = I:\Program Files\Mozy\mozystat.exe O4 - Startup: OpenOffice.org 2.0.lnk = I:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: AutoStart IR.lnk = I:\Program Files\WinTV\Ir.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: cdefs - {B5F329B4-2BBD-48F5-ADAF-9EAF2AFE37B3} - I:\Program Files\Anuman Interactive\Train électrique 3D\monki.dll O18 - Protocol: schmap-help - {2CF664A0-5EA6-47B5-884C-433A60145F78} - I:\Program Files\Schmap\Schmap Player\SchmapDocLib.dll O20 - Winlogon Notify: klogon - I:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WgaLogon - I:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: crauto - Unknown owner - I:\WINDOWS\system32\drivers\crauto.exe O23 - Service: IMountSRV - Unknown owner - I:\WINDOWS\system32\drivers\IMountSRV.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozy Backup Service (MozyBackup) - Unknown owner - I:\Program Files\Mozy\mozybackup.exe O23 - Service: PMounter - Unknown owner - I:\WINDOWS\system32\PMounter.exe O23 - Service: SmartLinkService (SLService) - - I:\WINDOWS\SYSTEM32\slserv.exe Merci

Bonjour, Je suis sous ADSL Max de Neuf Telecom. Je n'ai plus de debit montant depuis quelques jours. J'ai effectue le log suivant avec HijackThis, pourriez-vous m'indiquer si quelque chose peut etre la consequence de ce probleme ? Merci, Lazagno ----- Logfile of HijackThis v1.99.1 Scan saved at 19:23:47, on 28/06/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe C:\Program Files\PyGrenouille\pygrenouille.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\drivers\crauto.exe C:\WINDOWS\system32\drivers\IMountSRV.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Propriétaire\Mes documents\Thomas\Téléchargements\HijackThis-1.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://urusupport.ubi.com/FR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [Encrypted Disk Auto Mount] rundll32.exe edshell.dll,MountAll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [instantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe O4 - HKCU\..\Run: [iW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /dropdisc O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PyGrenouille.lnk = C:\Program Files\PyGrenouille\pygrenouille.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .fpx: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{96D735AD-8DAB-46BB-9C16-A08A31645D29}: NameServer = 80.118.192.112 80.118.196.42 O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: crauto - Unknown owner - C:\WINDOWS\system32\drivers\crauto.exe O23 - Service: IMountSRV - Unknown owner - C:\WINDOWS\system32\drivers\IMountSRV.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: PMounter - Unknown owner - C:\WINDOWS\system32\PMounter.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe