Request for information about a HijackThis report
alf
-
geoffrey5 Posts 14008 Status Security contributor -
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:58:40, on 08/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\YUR30B5.exe
C:\Windows\System32\YUR31DD.exe
C:\Windows\System32\YUR3557.exe
C:\Windows\System32\YUR3882.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\users\alphonse\appdata\local\sgauy.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\alphonse\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O1 - Hosts: ::1 localhost
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [\YUR30B5.exe] C:\Windows\system32\YUR30B5.exe
O4 - HKLM\..\Run: [\YUR31DD.exe] C:\Windows\system32\YUR31DD.exe
O4 - HKLM\..\Run: [\YUR3557.exe] C:\Windows\system32\YUR3557.exe
O4 - HKLM\..\Run: [\YUR3882.exe] C:\Windows\system32\YUR3882.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MSA\MSA.exe
O4 - HKLM\..\Run: [\YURB81D.exe] C:\Windows\system32\YURB81D.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ahvkesds] C:\ProgramData\ahvkesds\qlwpeboz.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [\YUR30B5.exe] C:\Windows\system32\YUR30B5.exe
O4 - HKCU\..\Run: [\YUR31DD.exe] C:\Windows\system32\YUR31DD.exe
O4 - HKCU\..\Run: [\YUR3557.exe] C:\Windows\system32\YUR3557.exe
O4 - HKCU\..\Run: [\YUR3882.exe] C:\Windows\system32\YUR3882.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MSA\MSA.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\alphonse\AppData\Local\Temp\ssqOGvwt.dll,#1
O4 - HKCU\..\Run: [\YURB81D.exe] C:\Windows\system32\YURB81D.exe
O4 - HKCU\..\Run: [\YURC679.exe] C:\Windows\system32\YURC679.exe
O4 - HKCU\..\Run: [\YURC908.exe] C:\Windows\system32\YURC908.exe
O4 - HKCU\..\Run: [\YURC8F9.exe] C:\Windows\system32\YURC8F9.exe
O4 - HKCU\..\Run: [\YURD113.exe] C:\Windows\system32\YURD113.exe
O4 - HKCU\..\Run: [\YUR4AF4.exe] C:\Windows\system32\YUR4AF4.exe
O4 - HKCU\..\Run: [\YURDB50.exe] C:\Windows\system32\YURDB50.exe
O4 - HKCU\..\Run: [\YURDBAE.exe] C:\Windows\system32\YURDBAE.exe
O4 - HKCU\..\Run: [\YURDC1B.exe] C:\Windows\system32\YURDC1B.exe
O4 - HKCU\..\Run: [\YURDF85.exe] C:\Windows\system32\YURDF85.exe
O4 - HKCU\..\Run: [\YUR5D5B.exe] C:\Windows\system32\YUR5D5B.exe
O4 - HKCU\..\Run: [\YUR1DBC.exe] C:\Windows\system32\YUR1DBC.exe
O4 - HKCU\..\Run: [\YUR495E.exe] C:\Windows\system32\YUR495E.exe
O4 - HKCU\..\Run: [\YUR52B1.exe] C:\Windows\system32\YUR52B1.exe
O4 - HKCU\..\Run: [\YUR5EE1.exe] C:\Windows\system32\YUR5EE1.exe
O4 - HKCU\..\Run: [\YURDA57.exe] C:\Windows\system32\YURDA57.exe
O4 - HKCU\..\Run: [\YUREA00.exe] C:\Windows\system32\YUREA00.exe
O4 - HKCU\..\Run: [\YURF249.exe] C:\Windows\system32\YURF249.exe
O4 - HKCU\..\Run: [\YURF630.exe] C:\Windows\system32\YURF630.exe
O4 - HKCU\..\Run: [\YURF9F7.exe] C:\Windows\system32\YURF9F7.exe
O4 - HKCU\..\Run: [\YURC754.exe] C:\Windows\system32\YURC754.exe
O4 - HKCU\..\Run: [\YURC753.exe] C:\Windows\system32\YURC753.exe
O4 - HKCU\..\Run: [\YURCABD.exe] C:\Windows\system32\YURCABD.exe
O4 - HKCU\..\Run: [\YURD49C.exe] C:\Windows\system32\YURD49C.exe
O4 - HKCU\..\Run: [\YURDDA1.exe] C:\Windows\system32\YURDDA1.exe
O4 - HKCU\..\Run: [\YUR533D.exe] C:\Windows\system32\YUR533D.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\alphonse\AppData\Local\Temp\yayaYrsp.dll,c
O4 - HKCU\..\Run: [\YUR111F.exe] C:\Windows\system32\YUR111F.exe
O4 - HKCU\..\Run: [\YUR112F.exe] C:\Windows\system32\YUR112F.exe
O4 - HKCU\..\Run: [\YUR14A8.exe] C:\Windows\system32\YUR14A8.exe
O4 - HKCU\..\Run: [\YUR15E0.exe] C:\Windows\system32\YUR15E0.exe
O4 - HKCU\..\Run: [\YURFAC4.exe] C:\Windows\system32\YURFAC4.exe
O4 - HKCU\..\Run: [\YURFAE3.exe] C:\Windows\system32\YURFAE3.exe
O4 - HKCU\..\Run: [\YURFB50.exe] C:\Windows\system32\YURFB50.exe
O4 - HKCU\..\Run: [\YUR24B0.exe] C:\Windows\system32\YUR24B0.exe
O4 - HKCU\..\Run: [\YUR1F.exe] C:\Windows\system32\YUR1F.exe
O4 - HKCU\..\Run: [\YUR9EE.exe] C:\Windows\system32\YUR9EE.exe
O4 - HKCU\..\Run: [\YUR9CF.exe] C:\Windows\system32\YUR9CF.exe
O4 - HKCU\..\Run: [\YUR18AE.exe] C:\Windows\system32\YUR18AE.exe
O4 - HKCU\..\Run: [\YUR1AD0.exe] C:\Windows\system32\YUR1AD0.exe
O4 - HKCU\..\Run: [\YUR1E78.exe] C:\Windows\system32\YUR1E78.exe
O4 - HKCU\..\Run: [\YUR1E1A.exe] C:\Windows\system32\YUR1E1A.exe
O4 - HKCU\..\Run: [\YUR2E02.exe] C:\Windows\system32\YUR2E02.exe
O4 - HKCU\..\Run: [sgauy] "c:\users\alphonse\appdata\local\sgauy.exe" sgauy
O4 - HKCU\..\Run: [d283fbe3] rundll32.exe "C:\Users\alphonse\AppData\Local\Temp\nlpbetmb.dll",b
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
21 replies
Hi alf!!
How come you can't manage to download ComboFix??
Download Malwarebytes to the desktop from this address:
https://www.androidworld.fr/
Here is a tutorial for installing it and using it properly:
https://www.androidworld.fr/
Make good use of the tutorial to correctly remove whatever it finds.
After the scan, restart the PC and post the report!!
And please make a new HijackThis report.