Analyse hijack log Fermé

Question

Bonjour,
Est ce que quelq'un d'assez aimable et confortable dans l'analyse des hijack log pourrait analyser le log suivant:

Logfile of IObit HijackScan v0.2.0.0
Scan saved at 18:21:0, on 2009-11-9

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32
vvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32undll32.exe
C:\Program Files\Add Program\Avast4\aswUpdSv.exe
C:\Program Files\Add Program\Avast4\ashServ.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Add Program\Avast4\ashDisp.exe
C:\Windows\system32	askeng.exe
C:\Program Files\Add Program\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\System32undll32.exe
C:\Program Files\Add Program\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32	askeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Add Program\IObit Security 360\IS360srv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Add Program\PC Tools Firewall Plus\FWService.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\dllhost.exe
C:\Program Files\TeamViewer3\TeamViewer_Service.exe
C:\Program Files\Add Program\TomTom HOME 2\TomTomHOMEService.exe
C:\Windows\System32\TUProgSt.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Add Program\Avast4\ashMaiSv.exe
C:\Program Files\Add Program\Avast4\ashWebSv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\ehome\ehsched.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Add Program\PC Tools Firewall Plus\Update.exe
C:\Program Files\Add Program\IObit Security 360\is360.exe
C:\Program Files\Add Program\IObit Security 360\is360tray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Add Program\IObit Security 360\a_hijackscan.exe

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\: [RocketDock] "C:\Program Files\Add Program\RocketDock\RocketDock.exe"
O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [avast!] C:\PROGRA~1\ADDPRO~1\Avast4\ashDisp.exe
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [00PCTFW] "C:\Program Files\Add Program\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - 
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - 
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}YInstHelper.YInstStarter.1 - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}SoftwareDistribution.MicrosoftUpdateWebControl.1 - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF}ACTIVEXMATOS.activexmatosCtrl.1 - http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913}AS2StubIE.Installer.3 - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}Java Plug-in 1.6.0 - http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}Java Plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O23 - Service: a-squared Free Service - Unknown - C:\USERS\ARNAUD ET ANGELA\DESKTOP\ANTIVIRUS PORTABLE\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service - ALWIL Software - C:\Program Files\Add Program\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Add Program\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Add Program\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Add Program\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) - Unknown - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) - Unknown - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Lanceur de processus serveur DCOM - Unknown - 
O23 - Service: Service de stratégie de diagnostic - Unknown - 
O23 - Service: Lanceur des services Windows Media Center - Unknown - %windir%\system32\svchost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance - MAGIX® - C:\Program Files\Add Program\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Client de stratégie de groupe - Unknown - 
O23 - Service: Google Software Updater - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: Service de l’iPod - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\Add Program\IObit Security 360\IS360srv.exe
O23 - Service: Logitech Bluetooth Service - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Ma-Config Service - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Service de partage de ports Net.Tcp - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: PC Tools Firewall Plus - PC Tools - C:\Program Files\Add Program\PC Tools Firewall Plus\FWService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Expérience audio-vidéo haute qualité Windows - Unknown - %windir%\system32\svchost.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcappcapd.exe
O23 - Service: Appel de procédure distante (RPC) - Unknown - 
O23 - Service: Gestionnaire de comptes de sécurité - Unknown - 
O23 - Service: PC Tools Auxiliary Service - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Ouverture de session secondaire - Unknown - %windir%\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: TeamViewer 3 - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\Add Program\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Client de suivi de lien distribué - Unknown - 
O23 - Service: Programme d’installation de modules Windows - Unknown - 
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: Service hôte WDIServiceHost - Unknown - 
O23 - Service: Hôte système de diagnostics - Unknown - 
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

Par avance MILLE MERCIS

moment de grace · Answer

bonsoir

version hijackthis non à jour

https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/

Analyse hijack log

1 réponse

Discussions similaires