Report

Closed
nass - April 7, 2008 at 20:44
 Anonymous user - April 7, 2008 at 20:49
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:41:28, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Babylon\Babylon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {32FC7352-F51A-4905-ABC7-2F5F2AB0EA31} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {71AD1384-7BD4-4F17-AAD3-C4080AF3D793} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7AE0C369-A5AB-4223-88C6-06398DFD0C47} - (no file)
O2 - BHO: (no name) - {7CE67716-5803-4FB7-B344-0C7A17F93B5D} - C:\WINDOWS\system32\vtUkLdbc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9B8AA8CD-1C20-4408-AAE2-616D16867D98} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {CC352608-51EF-4E18-911A-F3FA45336355} - C:\WINDOWS\system32\cbXpQJAt.dll (file missing)
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: (no name) - {FA92695B-C762-4FBB-B7CD-6B573A3D4A34} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [3c9cdf65] rundll32.exe "C:\WINDOWS\system32\vrpeykmk.dll",b
O4 - HKLM\..\Run: [BM3fafecf9] Rundll32.exe "C:\WINDOWS\system32\bxyknulk.dll",s
O4 - HKLM\..\RunOnce: [SpybotDeletingA8392] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6829] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1517] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC650] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6556] command /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8374] cmd /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7218] command /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9362] cmd /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4600] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9741] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1338] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6725] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7171] command /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8493] cmd /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3492] command /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7523] cmd /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1225] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7721] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1701] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8987] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3808] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC624] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4761] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6840] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8062] command /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9302] cmd /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6698] command /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2573] cmd /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB1542] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7261] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9653] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2428] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1319] command /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7900] cmd /c del "C:\WINDOWS\system32\bftquetw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8030] command /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6872] cmd /c del "C:\WINDOWS\system32\cbXpQJAt.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3824] command /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1902] cmd /c del "C:\WINDOWS\system32\vrpeykmk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1963] command /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5064] cmd /c del "C:\WINDOWS\system32\xxywWnNh.dll_old"
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab?AuthParam=1206206134_1f4d2e93a7a47e788bb6e22612f4bd88&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: vtUkLdbc - C:\WINDOWS\SYSTEM32\vtUkLdbc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

1 reply

Anonymous user
April 7, 2008 at 20:49
That's a nice report