Please check my HijackThis log
Solved/Closed
leila76 - 23 Dec 2007 at 15:42
Anonymous user - 25 Dec 2007 at 00:48
15 replies
jfkpresident - 23 Dec 2007 at 16:03
Hi,
Check these lines (with HijackThis):
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O20 - AppInit_DLLs: c:\windows\system32\jkhffcc.dll
O20 - Winlogon Notify: cerlpk - cerlpk.dll (file missing)
O20 - Winlogon Notify: vtuvwwt - C:\WINDOWS\
Then click "Fix checked".
leila76 - 23 Dec 2007 at 16:16
OK, I'm doing it...
leila76 - 23 Dec 2007 at 16:23
Done. What should I do next?
Anonymous user - 23 Dec 2007 at 16:34
Download VundoFix.exe by Atribune http://www.atribune.org/content/view/24/2/ to your Desktop.
* Double-click VundoFix.exe to launch it
* Click the Scan for Vundo button
* When the scan is finished, click the Remove Vundo button
* A prompt will ask whether you want to delete the files; click YES
* After you click "Yes", the Desktop will disappear for a moment while the files are deleted
* You will see a prompt announcing that your PC is going to restart; click OK
--> Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, in your next reply
Note: VundoFix may run into a file that it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
leila76 - 23 Dec 2007 at 16:59
Hello,
VundoFix tells me it found nothing... is that normal?
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:53, on 23/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O5 "LPT1:" /M "Stylus C66"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - http://espaceabonnes.club-internet.fr/services/symantec/SymDlBrg.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
Anonymous user - 23 Dec 2007 at 17:08
Can you reboot your PC, then run HijackThis again and paste the report, please?
leila76
23 Dec 2007 at 17:37
ok
leila76
23 Dec 2007 at 17:42
Hi again,
here is a new report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:40:16, on 23/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O5 "LPT1:" /M "Stylus C66"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - http://espaceabonnes.club-internet.fr/services/symantec/SymDlBrg.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
jfkpresident
23 Dec 2007 at 18:03
Hi carossier, "I didn't see any VUNDO infection"??
Anonymous user
23 Dec 2007 at 18:09
That's normal, because apparently leila had started disinfecting before coming here, given the no-name BHOs, and you had her fix the rest. It was just to check; it looks good!
jfkpresident
23 Dec 2007 at 18:12
Yes, I think there's nothing left now....
leila76
24 Dec 2007 at 15:58
Sorry, I couldn't reply earlier because of the modem.
Thank you very much for your help and for
giving me your time.
See you, and happy Christmas Eve to all!!
Anonymous user
25 Dec 2007 at 00:48
You're welcome, happy to have been of help!!
Have a happy holiday season, and best wishes!!