Computer freezes

Closed
Hello93 Posts: 1 Registration date: Monday 11 May 2009 Status: Member Last activity: 11 May 2009 - 11 May 2009 at 02:47
Hello,
For quite a while now my computer has been acting up: it freezes, shuts down, ctrl alt doesn't work, etc. So I'm posting my HijackThis log to get a diagnosis, because to me it's gibberish! Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:44:15, on 11/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/?ref=go LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/?ref=go LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/?ref=go LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/?ref=go LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
F2 - REG:system.ini: Shell=
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites spx
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?93744856341640e0b2a35ade3b380985
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?93744856341640e0b2a35ade3b380985
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223231195296
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com maconfig/MaConfig_3_1_2_1.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.orderingmemory.com/controls/cpcScanner.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Szservice - Unknown owner - C:\WINDOWS\czsrv.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe