Hello,
For quite a while now my computer has been acting up: it freezes, shuts itself off, Ctrl+Alt doesn't work, etc. So I'm posting my HijackThis log to get a diagnosis, because to me it's gibberish! Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:44:15, on 11/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/?ref=go LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/?ref=go LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/?ref=go LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/?ref=go LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
F2 - REG:system.ini: Shell=
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites spx
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?93744856341640e0b2a35ade3b380985
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?93744856341640e0b2a35ade3b380985
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223231195296
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com maconfig/MaConfig_3_1_2_1.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe