Utilisation de hijackthis

calu -  
 g3n-h@ckm@n -
Bonjour,

j'ai des problèmes de ralentissement et d'ouverture de fenêtres intempestives. Aprés avoir essayé de suivre vos indications je suis perdue
j'ai fait une analyse hijackthis, puis je suis aller sur le site pour avoir une analyse et j'ai vu qu'il ne fallait pas forcement supprimer les mauvais élements de plus je ne sais pas comment effacer avec hijackthis
merci de bien vouloir m'aider
et chapeau pour tout le travail qui a déjà été effectuer ici

3 réponses

  1. g3n-h@ckm@n
     
    salut colle le contenu de ton rapport ici
    0
  2. calu
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:06:36, on 10/07/2011
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    H:\WINDOWS\System32\smss.exe
    H:\WINDOWS\system32\winlogon.exe
    H:\WINDOWS\system32\services.exe
    H:\WINDOWS\system32\lsass.exe
    H:\WINDOWS\system32\Ati2evxx.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\System32\svchost.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\Ati2evxx.exe
    H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    H:\WINDOWS\system32\brsvc01a.exe
    H:\WINDOWS\system32\spoolsv.exe
    H:\WINDOWS\system32\brss01a.exe
    H:\WINDOWS\Explorer.EXE
    H:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    H:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    H:\Program Files\Bonjour\mDNSResponder.exe
    H:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    H:\Program Files\Java\jre6\bin\jqs.exe
    H:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    H:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    H:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    H:\WINDOWS\system32\svchost.exe
    H:\Program Files\Brother\ControlCenter2\brctrcen.exe
    H:\WINDOWS\System32\TUProgSt.exe
    H:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    H:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    H:\WINDOWS\RTHDCPL.EXE
    H:\Program Files\SweetIM\Messenger\SweetIM.exe
    H:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe
    H:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
    H:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    H:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe
    H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    H:\Program Files\iTunes\iTunesHelper.exe
    H:\Program Files\Windows Live\Messenger\msnmsgr.exe
    H:\Program Files\Agence-Exclusive\pctuto.exe
    H:\Documents and Settings\francoise\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
    H:\WINDOWS\system32\wbem\wmiapsrv.exe
    H:\Program Files\Ask.com\Updater\Updater.exe
    H:\WINDOWS\system32\ctfmon.exe
    H:\Program Files\Messenger\msmsgs.exe
    H:\Program Files\SFR\Kit\9props.exe
    H:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    H:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    H:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    H:\Program Files\iPod\bin\iPodService.exe
    H:\WINDOWS\system32\wuauclt.exe
    H:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe
    H:\WINDOWS\system32\rundll32.exe
    H:\WINDOWS\system32\wuauclt.exe
    H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - H:\Program Files\Ask.com\GenericAskToolbar.dll
    R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - H:\PROGRA~1\Crawler\ctbr.dll
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe,
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - H:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - H:\PROGRA~1\Crawler\ctbr.dll
    O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - H:\Program Files\Agence-Exclusive\pctutoBHO.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - H:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - H:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - H:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - H:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - H:\PROGRA~1\Crawler\ctbr.dll
    O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - H:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - H:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - H:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - H:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] H:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] H:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] H:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] H:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SweetIM] H:\Program Files\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] H:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor.exe
    O4 - HKLM\..\Run: [Ulead Calendar Checker] H:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
    O4 - HKLM\..\Run: [avast5] H:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [agentantidote.exe] "H:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
    O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [pctuto] "H:\Program Files\Agence-Exclusive\pctuto.exe"
    O4 - HKLM\..\Run: [autoupdater] H:\Documents and Settings\francoise\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
    O4 - HKLM\..\Run: [ApnUpdater] "H:\Program Files\Ask.com\Updater\Updater.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "H:\Program Files\SFR\Kit\9props.exe" /trayicon
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = H:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: PrintKey 2000 Fr.lnk = H:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = H:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - H:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://leplaisirducheval.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_9.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - H:\PROGRA~1\Crawler\ctbr.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - H:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - H:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - H:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - H:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - H:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - H:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - H:\WINDOWS\System32\TUProgSt.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - H:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - H:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    0
  3. g3n-h@ckm@n
     
    chouette !! on va faire voler du pctuto ^^

    ▶ Télécharge ici : Ad-remover sur ton bureau :

    ▶ Déconnecte toi et ferme toutes applications en cours !

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    ▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    ▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    0