BONSOIR QUE PENSEZ VOUS DU RESULTAT DE MON LOG HIJACK
MOI JE PENSE QUE J AI PLEINS DE PROBLEME "VIRUS" !!!
MERCI DE M AIDER
Logfile of HijackThis v1.99.1
Scan saved at 22:35:22, on 19/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\CAPRPCSN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\2\CAPPSWN.EXE
C:\WINDOWS\croz32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\iplc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pierre\Bureau\Scanner.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\krmjl.dll/sp.html#37049%resultposition.net
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {456B0350-C35D-AF9C-C437-EF1B9E35850D} - C:\WINDOWS\sysqa.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [CAPON] C:\WINDOWS\system32\Spool\Drivers\w32x86\2\CAPONN.EXE
O4 - HKLM\..\Run: [Opware12] "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ntho32.exe] C:\WINDOWS\ntho32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winvy.exe] C:\WINDOWS\system32\winvy.exe
O4 - HKLM\..\Run: [atljh32.exe] C:\WINDOWS\atljh32.exe
O4 - HKLM\..\Run: [d3uw.exe] C:\WINDOWS\d3uw.exe
O4 - HKLM\..\Run: [netfl32.exe] C:\WINDOWS\system32\netfl32.exe
O4 - HKLM\..\Run: [d3mp.exe] C:\WINDOWS\system32\d3mp.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [mfcth.exe] C:\WINDOWS\mfcth.exe
O4 - HKLM\..\Run: [javado32.exe] C:\WINDOWS\javado32.exe
O4 - HKLM\..\Run: [javahl32.exe] C:\WINDOWS\system32\javahl32.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msvj32.exe] C:\WINDOWS\system32\msvj32.exe
O4 - HKLM\..\Run: [winoz32.exe] C:\WINDOWS\winoz32.exe
O4 - HKLM\..\Run: [d3hi.exe] C:\WINDOWS\d3hi.exe
O4 - HKLM\..\Run: [sdkbl32.exe] C:\WINDOWS\sdkbl32.exe
O4 - HKLM\..\Run: [syssr.exe] C:\WINDOWS\syssr.exe
O4 - HKLM\..\Run: [ipip32.exe] C:\WINDOWS\system32\ipip32.exe
O4 - HKLM\..\Run: [msie.exe] C:\WINDOWS\system32\msie.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\RunOnce: [mfcth.exe] C:\WINDOWS\mfcth.exe
O4 - HKLM\..\RunOnce: [appmt.exe] C:\WINDOWS\appmt.exe
O4 - HKLM\..\RunOnce: [iplc32.exe] C:\WINDOWS\iplc32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=
https://www.free.fr/freebox/index.html
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{5635101A-E5E7-48FA-8AEA-BDADD6BED12C}: NameServer = 195.95.218.18,85.255.112.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FC0AE9A-F6BA-4116-8FD1-5537A877015B}: NameServer = 195.95.218.18,85.255.112.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{8156A500-D682-4183-9921-46C1A8E363DD}: NameServer = 195.95.218.18,85.255.112.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8A92409-B540-49DA-8FFE-1E061C5A0E9F}: NameServer = 195.95.218.18,85.255.112.11
O17 - HKLM\System\CS1\Services\Tcpip\..\{5635101A-E5E7-48FA-8AEA-BDADD6BED12C}: NameServer = 195.95.218.18,85.255.112.11
O17 - HKLM\System\CS2\Services\Tcpip\..\{5635101A-E5E7-48FA-8AEA-BDADD6BED12C}: NameServer = 195.95.218.18,85.255.112.11
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\croz32.exe" /s (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Afficher la suite