Pubs intempestives
Résolu
prpg601
Messages postés
2
Statut
Membre
-
prpg601 Messages postés 2 Statut Membre -
prpg601 Messages postés 2 Statut Membre -
Bonjour, nouvelle sur le forum et peu douee en informatique.
mon probleme : fenetres publicitaires qui s'ouvrent trés souvent.
merci beaucoup de m'aider, je vous joint un rapport hijackthis. merci encore.....
d Arcade File Downloads UsenetGeeks --Usenet Geeks-- MSUsenet.com WindowsForum.com WebMasterDev.com TheMoneyForum.com UsenetBikes.com UsenetCars.com Usenethealth.com Usenetlinux.com Usenetmac.com UsenetSports.com UsenetTV.com
Email
Confirm email
Articles Spyware Removal File Help Startup DB Tips Service DB News Hijack This! Analyzer
Bad - Remove almost always
OK Most of the time - don't need to touch
Probably not needed - Safe to remove
Generally harmless - third party applications
Bad if you don't know what it is
Unknown Item - Investigate further
--------------------------------------------------------------------------------
You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=445856
--------------------------------------------------------------------------------
Could not execute query correctly. : 1062: Duplicate entry 'You'll want to keep an eye on this google search for any known viruses. The normal location of this' for key 1Old Version of HijackThis
We suggest you upgrade to the latest version of HijackThis (version 1.99.1") at www.merijn.org
Bad - Remove almost always
OK Most of the time - don't need to touch
Probably not needed - Safe to remove
Generally harmless - third party applications
Bad if you don't know what it is
Unknown Item - Investigate further
--------------------------------------------------------------------------------
You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=445853
--------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2Old Version of HijackThis
We suggest you upgrade to the latest version of HijackThis (version 1.99.1") at www.merijn.org
Scan saved at 20:06:51, on 04/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exetaskeng.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\system32\Dwm.exeDwm.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\Explorer.EXEexplorer.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Windows Explorer - explorer.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
explorer.exe - Below is a direct quote from Microsoft found on THIS page:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
I have found that stopping this process is needed sometimes to stop some other processes.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More InfoUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More InfoUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Virus Precaution:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Deloder-A @ SophosUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
MyDoom.B @ SymantecUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Defender\MSASCui.exeMSASCui.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
MSASCui.exe is a part of the windows defender program which runs in the background to protect you from spyware.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\SysMonitor.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeeDSloader.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Related to eDataSecurity Loader from Acer Empowering Technology.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Orange\Systray\SystrayApp.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Alwil Software\Avast4\ashDisp.exeashDisp.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ashDisp.exe is an executable file that is included with the avast! anti virus programUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More info:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
http://www.avast.com/Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exezlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Zone Alarm - zlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
zlclient.exe is a part of Zone Labs Internet Security. You should not end this process for any reason. This is the firewall I use behind my router as a second level of protection. The most important part of this is having to give permission to applications before they access the internet in any way. routers and the windows firewall have a tendency to allow anything out and only blocking inbound connections.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Virus Precautions:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program Filesone LabsoneAlarmzlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Sidebar\sidebar.exesidebar.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Live\Messenger\msnmsgr.exemsnmsgr.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
msnmsgr.exe is the main system process for Windows Messenger AKA Microsoft Messenger. You can get more information on this file here.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Quote:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Instant message in real time, get face-to-face with webcam, send messages to your friends' cell phones, or get the latest news with MSN Alerts. It's easy to explore all the ways to stay in touch!Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\ehome\ehtray.exeehtray.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ehtray.exe - This is the traybar process for Microsoft Media, this provides easy access to the digital media manager, this is non essential.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Media Player\wmpnscfg.exewmpnscfg.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\ehome\ehmsas.exeehmsas.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ehmsas.exe - This is a process from Microsoft Windows Media Center, this is? descibed as the Windows Media Center Aggregator Service, this is important for a secure system.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEeRAgent.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Internet Explorer\ieuser.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Trend Micro\HijackThis\HijackThis.exeHijackThis.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\system32\SearchFilterHost.exeSearchFilterHost.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail Start PageInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =Internet Start PageInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dllDefault Search PageDefault Search Page
When using the search toolbar this is your default search. Should be either yahoo, msn or google cause all others suck
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O1 - Hosts: ::1 localhostHostHost
A host is an entry which sets an alias for an internet address. It will send your web browser to a specific site when the given URL is entered regardless of where the URL *should* take you. There are some instances when this is a good thing, and if you or your administrator specifically set up this host, it should not be removed. However, if you or your administrator do not recognise this host, it should be fixed.
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader http://www.adobe.com/products/acrobat/readsAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader http://www.adobe.com/products/acrobat/reads
AcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader https://get2.adobe.com/reader/otherversions/
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllSDhelper.dll - SpyBot Search&Destroy http://www.safer-networking.org/index.phpSDhelper.dll - SpyBot Search&Destroy https://www.safer-networking.org/
SDhelper.dll - SpyBot Search&Destroy https://www.safer-networking.org/
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllUnnamed BHOUnnamed BHO
WindowsLiveLogin.dll - Microsoft Windows_Live https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideWindows DefenderWindows Defender
"Related to Windows Defender Microsoft (anti-spyware) tool"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeeDataSecurity LoadereDataSecurity Loader
"Part of Acer Empowering Technology. ""Acer eDataSecurity Management is a handy file encryption utility that protects files from being accessed by unauthorized persons
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeAvast!Avast!
"Avast! anti-virus software"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunSidebarSidebar
"Searchcentrix hijacker"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundmsnmsgrmsnmsgr
"MSN Messenger utility. If you don't use MSN Messenger
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')SidebarSidebar
"Searchcentrix hijacker"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')SidebarSidebar
"Searchcentrix hijacker"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLResearchResearch
Microsoft Office related
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O13 - Gopher Prefix:IE DefaultPrefix hijackIE DefaultPrefix hijack
This is always bad.
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cabUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeAdobe LM ServiceAdobe LM Service
Required for PhotoshopCS
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeavast! iAVS4 Control Serviceavast! iAVS4 Control Service
Related to Avast AntiVirus
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeavast! Antivirusavast! Antivirus
Related to Avast AntiVirus
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeavast! Mail Scanneravast! Mail Scanner
Related to Avast AntiVirus
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeavast! Web Scanneravast! Web Scanner
Related to AWIL Software https://www.avast.com/fr-fr/index
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: HP Port Resolver - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBPRO.EXE (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: HP Status Server - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBOID.EXE (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeLightScribeService Direct Disc Labeling ServiceLightScribeService Direct Disc Labeling Service
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exeTrueVector Internet MonitorTrueVector Internet Monitor
Zone Alarm Firewall
Copyright 2005 I Am Not A Geek Inc.
mon probleme : fenetres publicitaires qui s'ouvrent trés souvent.
merci beaucoup de m'aider, je vous joint un rapport hijackthis. merci encore.....
d Arcade File Downloads UsenetGeeks --Usenet Geeks-- MSUsenet.com WindowsForum.com WebMasterDev.com TheMoneyForum.com UsenetBikes.com UsenetCars.com Usenethealth.com Usenetlinux.com Usenetmac.com UsenetSports.com UsenetTV.com
Confirm email
Articles Spyware Removal File Help Startup DB Tips Service DB News Hijack This! Analyzer
Bad - Remove almost always
OK Most of the time - don't need to touch
Probably not needed - Safe to remove
Generally harmless - third party applications
Bad if you don't know what it is
Unknown Item - Investigate further
--------------------------------------------------------------------------------
You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=445856
--------------------------------------------------------------------------------
Could not execute query correctly. : 1062: Duplicate entry 'You'll want to keep an eye on this google search for any known viruses. The normal location of this' for key 1Old Version of HijackThis
We suggest you upgrade to the latest version of HijackThis (version 1.99.1") at www.merijn.org
Bad - Remove almost always
OK Most of the time - don't need to touch
Probably not needed - Safe to remove
Generally harmless - third party applications
Bad if you don't know what it is
Unknown Item - Investigate further
--------------------------------------------------------------------------------
You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=445853
--------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2Old Version of HijackThis
We suggest you upgrade to the latest version of HijackThis (version 1.99.1") at www.merijn.org
Scan saved at 20:06:51, on 04/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exetaskeng.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\system32\Dwm.exeDwm.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\Explorer.EXEexplorer.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Windows Explorer - explorer.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
explorer.exe - Below is a direct quote from Microsoft found on THIS page:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
I have found that stopping this process is needed sometimes to stop some other processes.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More InfoUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More InfoUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Virus Precaution:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Deloder-A @ SophosUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
MyDoom.B @ SymantecUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Defender\MSASCui.exeMSASCui.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
MSASCui.exe is a part of the windows defender program which runs in the background to protect you from spyware.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\SysMonitor.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeeDSloader.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Related to eDataSecurity Loader from Acer Empowering Technology.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Orange\Systray\SystrayApp.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Alwil Software\Avast4\ashDisp.exeashDisp.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ashDisp.exe is an executable file that is included with the avast! anti virus programUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
More info:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
http://www.avast.com/Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exezlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What is it?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Zone Alarm - zlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
What does it do?Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
zlclient.exe is a part of Zone Labs Internet Security. You should not end this process for any reason. This is the firewall I use behind my router as a second level of protection. The most important part of this is having to give permission to applications before they access the internet in any way. routers and the windows firewall have a tendency to allow anything out and only blocking inbound connections.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Virus Precautions:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program Filesone LabsoneAlarmzlclient.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Sidebar\sidebar.exesidebar.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Live\Messenger\msnmsgr.exemsnmsgr.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
msnmsgr.exe is the main system process for Windows Messenger AKA Microsoft Messenger. You can get more information on this file here.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Quote:Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Instant message in real time, get face-to-face with webcam, send messages to your friends' cell phones, or get the latest news with MSN Alerts. It's easy to explore all the ways to stay in touch!Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\ehome\ehtray.exeehtray.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ehtray.exe - This is the traybar process for Microsoft Media, this provides easy access to the digital media manager, this is non essential.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Windows Media Player\wmpnscfg.exewmpnscfg.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\ehome\ehmsas.exeehmsas.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
ehmsas.exe - This is a process from Microsoft Windows Media Center, this is? descibed as the Windows Media Center Aggregator Service, this is important for a secure system.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEeRAgent.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Internet Explorer\ieuser.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Program Files\Trend Micro\HijackThis\HijackThis.exeHijackThis.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here.Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
C:\Windows\system32\SearchFilterHost.exeSearchFilterHost.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
We Don't know! Please post a comment with information about this fileUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail Start PageInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =Internet Start PageInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line!
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dllDefault Search PageDefault Search Page
When using the search toolbar this is your default search. Should be either yahoo, msn or google cause all others suck
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O1 - Hosts: ::1 localhostHostHost
A host is an entry which sets an alias for an internet address. It will send your web browser to a specific site when the given URL is entered regardless of where the URL *should* take you. There are some instances when this is a good thing, and if you or your administrator specifically set up this host, it should not be removed. However, if you or your administrator do not recognise this host, it should be fixed.
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader http://www.adobe.com/products/acrobat/readsAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader http://www.adobe.com/products/acrobat/reads
AcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader https://get2.adobe.com/reader/otherversions/
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllSDhelper.dll - SpyBot Search&Destroy http://www.safer-networking.org/index.phpSDhelper.dll - SpyBot Search&Destroy https://www.safer-networking.org/
SDhelper.dll - SpyBot Search&Destroy https://www.safer-networking.org/
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllUnnamed BHOUnnamed BHO
WindowsLiveLogin.dll - Microsoft Windows_Live https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideWindows DefenderWindows Defender
"Related to Windows Defender Microsoft (anti-spyware) tool"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeeDataSecurity LoadereDataSecurity Loader
"Part of Acer Empowering Technology. ""Acer eDataSecurity Management is a handy file encryption utility that protects files from being accessed by unauthorized persons
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeAvast!Avast!
"Avast! anti-virus software"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunSidebarSidebar
"Searchcentrix hijacker"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundmsnmsgrmsnmsgr
"MSN Messenger utility. If you don't use MSN Messenger
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')SidebarSidebar
"Searchcentrix hijacker"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')Unknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')SidebarSidebar
"Searchcentrix hijacker"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLResearchResearch
Microsoft Office related
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O13 - Gopher Prefix:IE DefaultPrefix hijackIE DefaultPrefix hijack
This is always bad.
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cabUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeAdobe LM ServiceAdobe LM Service
Required for PhotoshopCS
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeavast! iAVS4 Control Serviceavast! iAVS4 Control Service
Related to Avast AntiVirus
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeavast! Antivirusavast! Antivirus
Related to Avast AntiVirus
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeavast! Mail Scanneravast! Mail Scanner
Related to Avast AntiVirus
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeavast! Web Scanneravast! Web Scanner
Related to AWIL Software https://www.avast.com/fr-fr/index
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: HP Port Resolver - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBPRO.EXE (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: HP Status Server - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBOID.EXE (file missing)File MissingFile Missing
When a file is missing, you should always have HijackThis fix the item.
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeLightScribeService Direct Disc Labeling ServiceLightScribeService Direct Disc Labeling Service
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exeUnknown ItemUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exeTrueVector Internet MonitorTrueVector Internet Monitor
Zone Alarm Firewall
Copyright 2005 I Am Not A Geek Inc.
A voir également:
- Pubs intempestives
- Bloquer les pubs youtube - Accueil - Streaming
- Supprimer les pubs - Guide
- Mon téléphone lance des pubs tout seul ✓ - Forum Téléphones & tablettes Android
- Comment couper le son des pubs dans les jeux - Forum Enceintes / HiFi
- Pubs scrabble ✓ - Forum iPad
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:51, on 04/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: HP Port Resolver - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBPRO.EXE (file missing)
O23 - Service: HP Status Server - Unknown owner - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\2\HPBOID.EXE (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe