Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Rapport hijackthis

 

LOGICIELS : Peter07c et 2 utilisateurs anonymes
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

Rapport hijackthis

Prévenir les modérateurs en cas d'abus 
Maniaki
maniaki
  1. Posté le 12/11/2011 à 10:23:47  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Après une demi journée à chercher le problème je m'en remet à vous.
 J'ai fais un scan minutieux avec Ad-Aware et Spybot. Y'avait quelques trucs mais j'ai toujours un gros problème.

 En ce moment j'utilise le safe mode car quand je lance windows normalement au bout d'un certains il bloque et avant de bloquer il met très longtemps à lancer les programmes. Par exemple dès l'ouverture de windows je met de la musique ça marche mais au bout de deux minutes ça coupe régulièrement et au bout de 5min c'est bloqué.

 Le rapport :

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 10:06:04, on 12/11/2011
 Platform: Unknown Windows (WinNT 6.01.3505 SP1)
 MSIE: Unable to get Internet Explorer version!
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\Program Files\FeedReader30\feedreader.​exe
 C:\Windows\system32\taskhost.e​xe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Lavasoft\Ad-Aware\AAWTra​y.exe
 D:\Users\Mr\Downloads\HiJackTh​is.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://www.01net.com
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://encyclopedie.org
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,First Home Page = http://www.01net.com | http://www.telecharger.com | http://www.rmc.fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
 O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - (no file)
 O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
 O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe" /tf Intel PAN Tray
 O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\Upd​aterStartupUtility.exe"
 O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManage​r\CS5.5ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.​exe"
 O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'Default user')
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O15 - ESC Trusted Zone: http://*.update.microsoft.com
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{513B5E8E-D123-44E3-8EAA-3​28B68222ADA}: NameServer = 0.0.0.0
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Sky​pe4COM.dll
 O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAm​pPalService.exe
 O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSe​curityMgr.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWSer​vice.exe
 O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtse​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDn​s.exe
 O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.de​s.exe (file missing)
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe
 O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
 O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.1​1\bin\httpd.exe
 O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\​bin\mysqld.exe

 --
 End of file - 7059 bytes

maniaki
  1. Posté le 12/11/2011 à 10:42:16  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Voici un log quand ça commence à bug je ne sais pas si ça change quelques chose

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 10:30:48, on 12/11/2011
 Platform: Unknown Windows (WinNT 6.01.3505 SP1)
 MSIE: Unable to get Internet Explorer version!
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\Windows\system32\taskhost.e​xe
 C:\Windows\system32\wbem\unsec​app.exe
 D:\Users\Mr\Downloads\HiJackTh​is.exe
 C:\Program Files\Windows Media Player\wmplayer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Windows\system32\SearchProt​ocolHost.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://www.01net.com
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://encyclopedie.org
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,First Home Page = http://www.01net.com | http://www.telecharger.com | http://www.rmc.fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
 O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
 O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe" /tf Intel PAN Tray
 O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\Upd​aterStartupUtility.exe"
 O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManage​r\CS5.5ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.​exe"
 O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'Default user')
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O15 - ESC Trusted Zone: http://*.update.microsoft.com
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{513B5E8E-D123-44E3-8EAA-3​28B68222ADA}: NameServer = 0.0.0.0
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Sky​pe4COM.dll
 O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAm​pPalService.exe
 O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSe​curityMgr.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWSer​vice.exe
 O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtse​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDn​s.exe
 O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.de​s.exe (file missing)
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe
 O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
 O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.1​1\bin\httpd.exe
 O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\​bin\mysqld.exe

 --
 End of file - 6955 bytes

(Publicité)
monafo
  1. Posté le 31/03/2012 à 07:31:31  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
orLogfile of Trend Micro HijackThis v2.0.2
 Scan saved at 08:20:59, on 31/03/2012
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v9.00 (9.00.8112.16421)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\WINDOWS\RtHDVCpl.exe
 C:\Program Files\Microsoft Security Client\msseces.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Program Files\Logitech\Logitech Vid\Vid.exe
 C:\WINDOWS\ehome\ehtray.exe
 C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
 C:\Windows\system32\rundll32.e​xe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 C:\Users\moncef\Downloads\hija​ckthis_telechargement_01net.ex​e
 C:\Windows\system32\conime.exe
 C:\Users\moncef\AppData\Local\​Temp\01net\HiJackThis.exe

 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" MSRun
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\moncef\AppData\Local​\Facebook\Update\FacebookUpdat​e.exe" /c /nocrashserver
 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKCU\..\Run: [Google Update] "C:\Users\moncef\AppData\Local​\Google\Update\GoogleUpdate.ex​e" /c
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/ActionTU.htm
 O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/Action.htm
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
 O13 - Gopher Prefix:
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
 O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.e​xe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv​.exe
 O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaD​B9.exe
 O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 --
 End of file - 8041 bytes

monafo
  1. Posté le 31/03/2012 à 07:39:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 

Maniaki a écrit :

Voici un log quand ça commence à bug je ne sais pas si ça change quelques chose

 Logfile of Trend Micro HijackThis v2.0.2Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 08:39:29, on 31/03/2012
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v9.00 (9.00.8112.16421)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\WINDOWS\RtHDVCpl.exe
 C:\Program Files\Microsoft Security Client\msseces.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Program Files\Logitech\Logitech Vid\Vid.exe
 C:\WINDOWS\ehome\ehtray.exe
 C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 C:\Users\moncef\Downloads\hija​ckthis_telechargement_01net.ex​e
 C:\Windows\system32\conime.exe
 C:\Users\moncef\AppData\Local\​Temp\01net\HiJackThis.exe

 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" MSRun
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\moncef\AppData\Local​\Facebook\Update\FacebookUpdat​e.exe" /c /nocrashserver
 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKCU\..\Run: [Google Update] "C:\Users\moncef\AppData\Local​\Google\Update\GoogleUpdate.ex​e" /c
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/ActionTU.htm
 O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/Action.htm
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
 O13 - Gopher Prefix:
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
 O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.e​xe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv​.exe
 O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaD​B9.exe
 O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 --
 End of file - 7511 bytes

 Scan saved at 10:30:48, on 12/11/2011
 Platform: Unknown Windows (WinNT 6.01.3505 SP1)
 MSIE: Unable to get Internet Explorer version!
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe
 C:\Program Files\TortoiseSVN\bin\TSVNCach​e.exe
 C:\Windows\system32\taskhost.e​xe
 C:\Windows\system32\wbem\unsec​app.exe
 D:\Users\Mr\Downloads\HiJackTh​is.exe
 C:\Program Files\Windows Media Player\wmplayer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Windows\system32\SearchProt​ocolHost.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://www.01net.com
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://encyclopedie.org
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,First Home Page = http://www.01net.com | http://www.telecharger.com | http://www.rmc.fr
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
 O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
 O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFr​mewrk.exe" /tf Intel PAN Tray
 O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\Upd​aterStartupUtility.exe"
 O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManage​r\CS5.5ServiceManager.exe" -launchedbylogin
 O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.​exe"
 O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Windows\System32\Presentati​onSettings.exe /start (User 'Default user')
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\​REFIEBAR.DLL
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
 O15 - ESC Trusted Zone: http://*.update.microsoft.com
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{513B5E8E-D123-44E3-8EAA-3​28B68222ADA}: NameServer = 0.0.0.0
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Sky​pe4COM.dll
 O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAm​pPalService.exe
 O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
 O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSe​curityMgr.exe
 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWSer​vice.exe
 O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtse​rv.exe
 O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfserv​ice.exe
 O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDn​s.exe
 O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.de​s.exe (file missing)
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe
 O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
 O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\Switch​Board.exe
 O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.1​1\bin\httpd.exe
 O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\​bin\mysqld.exe

 --
 End of file - 6955 bytes

 



monafo
  1. Posté le 31/03/2012 à 07:43:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 

monafo a écrit :

orLogfile of Trend Micro HijackThis v2.0.2
 Scan saved at 08:20:59, on 31/03/2012
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v9.00 (9.00.8112.16421)
 Boot mode: Normal
 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 08:43:28, on 31/03/2012
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v9.00 (9.00.8112.16421)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\WINDOWS\RtHDVCpl.exe
 C:\Program Files\Microsoft Security Client\msseces.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Program Files\Logitech\Logitech Vid\Vid.exe
 C:\WINDOWS\ehome\ehtray.exe
 C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 C:\Users\moncef\Downloads\hija​ckthis_telechargement_01net.ex​e
 C:\Windows\system32\conime.exe
 C:\Users\moncef\AppData\Local\​Temp\01net\HiJackThis.exe
 C:\Windows\system32\rundll32.e​xe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe

 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" MSRun
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\moncef\AppData\Local​\Facebook\Update\FacebookUpdat​e.exe" /c /nocrashserver
 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKCU\..\Run: [Google Update] "C:\Users\moncef\AppData\Local​\Google\Update\GoogleUpdate.ex​e" /c
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/ActionTU.htm
 O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/Action.htm
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
 O13 - Gopher Prefix:
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
 O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.e​xe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv​.exe
 O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaD​B9.exe
 O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 --
 End of file - 7455 bytes

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\WINDOWS\RtHDVCpl.exe
 C:\Program Files\Microsoft Security Client\msseces.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Program Files\Logitech\Logitech Vid\Vid.exe
 C:\WINDOWS\ehome\ehtray.exe
 C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
 C:\Windows\system32\rundll32.e​xe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 C:\Users\moncef\Downloads\hija​ckthis_telechargement_01net.ex​e
 C:\Windows\system32\conime.exe
 C:\Users\moncef\AppData\Local\​Temp\01net\HiJackThis.exe

 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/ [...] pf=desktop
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" MSRun
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\moncef\AppData\Local​\Facebook\Update\FacebookUpdat​e.exe" /c /nocrashserver
 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKCU\..\Run: [Google Update] "C:\Users\moncef\AppData\Local​\Google\Update\GoogleUpdate.ex​e" /c
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/ActionTU.htm
 O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/Action.htm
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
 O13 - Gopher Prefix:
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
 O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.e​xe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv​.exe
 O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaD​B9.exe
 O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 --
 End of file - 8041 bytes

 



(Publicité)
monafo
  1. Posté le 31/03/2012 à 07:45:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 08:43:28, on 31/03/2012
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v9.00 (9.00.8112.16421)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\Explorer.EXE
 C:\WINDOWS\RtHDVCpl.exe
 C:\Program Files\Microsoft Security Client\msseces.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Windows Sidebar\sidebar.exe
 C:\Program Files\Logitech\Logitech Vid\Vid.exe
 C:\WINDOWS\ehome\ehtray.exe
 C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Windows\system32\wbem\unsec​app.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe
 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
 C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 C:\Users\moncef\Downloads\hija​ckthis_telechargement_01net.ex​e
 C:\Windows\system32\conime.exe
 C:\Users\moncef\AppData\Local\​Temp\01net\HiJackThis.exe
 C:\Windows\system32\rundll32.e​xe
 C:\Users\moncef\AppData\Local\​Google\Chrome\Application\chro​me.exe

 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - C:\Program Files\Avanquest_FR\prxtbAva0.d​ll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" MSRun
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
 O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\moncef\AppData\Local​\Facebook\Update\FacebookUpdat​e.exe" /c /nocrashserver
 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKCU\..\Run: [Google Update] "C:\Users\moncef\AppData\Local​\Google\Update\GoogleUpdate.ex​e" /c
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKCU\Software\Policies\Microso​ft\Internet Explorer\Control Panel present
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Off​ice12\EXCEL.EXE/3000
 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/ActionTU.htm
 O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Util​s\BabylonIEPI.dll/Action.htm
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~3\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~3\Office12\​REFIEBAR.DLL
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
 O13 - Gopher Prefix:
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
 O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.e​xe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv​.exe
 O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaD​B9.exe
 O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 --
 End of file - 7455 bytes

 Page :
1

Aller à :
 

Sujets relatifs
Rapport HijackThis analyse rapport combofix
Rapport Avira Inquiétant Rapport de Norton étrange...
Suppression de security central avec Combofix - Fichier rapport  
Plus de sujets relatifs à : Rapport hijackthis

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Redirection des liens google vers d'autres sites 0
[Résolu] Problème redirection google : goingonearth / thewebtimes 14
supprimer searchqu 406 de mon ordinateur 26
svp 0
Infecté par TROJAN BACKDOOR:WIN32/fynloski.A 36