MN PC EST INFECTE WIND SUBIT DES METAMORPHOSE
Fermé
baldinho20
Messages postés
23
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
25 janvier 2008
-
22 janv. 2008 à 20:01
Utilisateur anonyme - 22 janv. 2008 à 23:48
Utilisateur anonyme - 22 janv. 2008 à 23:48
A voir également:
- MN PC EST INFECTE WIND SUBIT DES METAMORPHOSE
- Test performance pc - Guide
- Mon pc est lent - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
- Double ecran pc - Guide
27 réponses
baldinho20
Messages postés
23
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
25 janvier 2008
22 janv. 2008 à 21:08
22 janv. 2008 à 21:08
apres jefais quoi
Utilisateur anonyme
22 janv. 2008 à 21:09
22 janv. 2008 à 21:09
Re
Télécharge HJT
Lance-le et choisi l'option '' do a system scan and save a logfile '' et poste moi le rapport.
A+
Télécharge HJT
Lance-le et choisi l'option '' do a system scan and save a logfile '' et poste moi le rapport.
A+
baldinho20
Messages postés
23
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
25 janvier 2008
22 janv. 2008 à 21:13
22 janv. 2008 à 21:13
on peu le telecharger sans la connexion
baldinho20
Messages postés
23
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
25 janvier 2008
22 janv. 2008 à 22:38
22 janv. 2008 à 22:38
DI C SAA LE RAPPORT?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:24:31, on 22/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rxjddnvj.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\regsvr32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\P4P\P4P.exe
C:\WINDOWS\system32\oopmagentts.exe
C:\WINDOWS\htssv32.exe
C:\DOCUME~1\ALPHAB~1\LOCALS~1\Temp\services.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\bhij.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\rxjddnvj.exe,
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {61680ea6-1dd2-11b2-ab8e-fdb9a2286a3a} - C:\WINDOWS\utsdgjgn.dll
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {DA517E05-A1DD-4CB8-801B-9B630F9122D2} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [Windows Service] C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
O4 - HKLM\..\Run: [tarahkje] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\tarahkje.dll"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\WINDOWS\system32\oopmagentts.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [htssv32.exe] C:\WINDOWS\htssv32.exe
O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\ALPHAB~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [drmsrv32] c:\cvbkwtb.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [kb4mUYGMRE] rundll32.exe "C:\WINDOWS\gzabitgh.dll",DllCleanServer
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [WintelUpdate] C:\bhij.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-110163013-2713782433-2446114462-1005 Startup: CCC.lnk = ? (User '?')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Audio Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Services de cryptographie (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Lanceur de processus serveur DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de rapport d'erreurs (ERSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Système d'événements de COM+ (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\ffi.exe
O23 - Service: Aide et support (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Assistance TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: NLA (Network Location Awareness) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Stockage amovible (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de connexion automatique d'accès distant (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Accès à distance au Registre (RemoteRegistry) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Appel de procédure distante (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Connexion secondaire (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Notification d'événement système (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pare-feu Windows / Partage de connexion Internet (SharedAccess) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Détection matériel noyau (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Service de restauration système (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de découvertes SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Services Terminal Server (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Thèmes (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hôte de périphérique universel Plug-and-Play (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Horloge Windows (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: WebClient - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Infrastructure de gestion Windows (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de numéro de série du lecteur multimédia portable (WmdmPmSN) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Extensions du pilote WMI (Wmi) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Configuration automatique sans fil (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Service d'approvisionnement réseau (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:24:31, on 22/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rxjddnvj.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\regsvr32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\P4P\P4P.exe
C:\WINDOWS\system32\oopmagentts.exe
C:\WINDOWS\htssv32.exe
C:\DOCUME~1\ALPHAB~1\LOCALS~1\Temp\services.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\bhij.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\rxjddnvj.exe,
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {61680ea6-1dd2-11b2-ab8e-fdb9a2286a3a} - C:\WINDOWS\utsdgjgn.dll
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {DA517E05-A1DD-4CB8-801B-9B630F9122D2} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [Windows Service] C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
O4 - HKLM\..\Run: [tarahkje] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\tarahkje.dll"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\WINDOWS\system32\oopmagentts.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [htssv32.exe] C:\WINDOWS\htssv32.exe
O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\ALPHAB~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [drmsrv32] c:\cvbkwtb.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [kb4mUYGMRE] rundll32.exe "C:\WINDOWS\gzabitgh.dll",DllCleanServer
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [WintelUpdate] C:\bhij.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-110163013-2713782433-2446114462-1005 Startup: CCC.lnk = ? (User '?')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Audio Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Services de cryptographie (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Lanceur de processus serveur DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de rapport d'erreurs (ERSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Système d'événements de COM+ (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\ffi.exe
O23 - Service: Aide et support (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Assistance TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: NLA (Network Location Awareness) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Stockage amovible (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de connexion automatique d'accès distant (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Accès à distance au Registre (RemoteRegistry) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Appel de procédure distante (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Connexion secondaire (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Notification d'événement système (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pare-feu Windows / Partage de connexion Internet (SharedAccess) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Détection matériel noyau (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Service de restauration système (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de découvertes SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Services Terminal Server (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Thèmes (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hôte de périphérique universel Plug-and-Play (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Horloge Windows (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: WebClient - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Infrastructure de gestion Windows (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Service de numéro de série du lecteur multimédia portable (WmdmPmSN) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Extensions du pilote WMI (Wmi) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Configuration automatique sans fil (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Service d'approvisionnement réseau (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
22 janv. 2008 à 23:07
22 janv. 2008 à 23:07
Re
Mon Dieu ! quel rapport apocalyptique o_0
Bon , fixe ces lignes ( coche la case à leurs gauches ->' fixchecked ' )
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\rxjddnvj.exe,
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {61680ea6-1dd2-11b2-ab8e-fdb9a2286a3a} - C:\WINDOWS\utsdgjgn.dll
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {DA517E05-A1DD-4CB8-801B-9B630F9122D2} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O4 - HKLM\..\Run: [Windows Service] C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
O4 - HKLM\..\Run: [tarahkje] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\tarahkje.dll"
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [htssv32.exe] C:\WINDOWS\htssv32.exe
O4 - HKLM\..\Run: [drmsrv32] c:\cvbkwtb.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [WintelUpdate] C:\bhij.exe (User '?')
O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\ffi.exe
**************************************************************
Aprés , télécharge OTmoveIt ( de Old Timer )
Une fois téléchargé double-clique sur OTMoveIt.exe pour le lancer.
copie les lignes qui se trouvent en dessous
C:\WINDOWS\system32\rxjddnvj.exe
C:\WINDOWS\utsdgjgn.dll
C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
C:\Documents and Settings\All Users\Application Data\tarahkje.dll
C:\Program Files\P4P
C:\WINDOWS\htssv32.exe
c:\cvbkwtb.exe
C:\WINDOWS\system32\ffi.exe
et colle-les dans le cadre de gauche de OTMoveIt : "Paste List of Files/Folders to be moved."
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.
si c'est le cas accepte.
***********************************
Télécharge clean : http://www.malekal.com/download/clean.zip
Une fois téléchargé et dézippé ( clique droit , extraire tout) , lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )
**************
Poste le rapport Hijackthis + OTMoveIt + Clean
Fait les procédures dans l'ordre !
A+
Mon Dieu ! quel rapport apocalyptique o_0
Bon , fixe ces lignes ( coche la case à leurs gauches ->' fixchecked ' )
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\rxjddnvj.exe,
O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {61680ea6-1dd2-11b2-ab8e-fdb9a2286a3a} - C:\WINDOWS\utsdgjgn.dll
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: (no name) - {944864a5-3916-46e2-96a9-a2e84f3f1208} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {c5af2622-8c75-4dfb-9693-23ab7686a456} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {DA517E05-A1DD-4CB8-801B-9B630F9122D2} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O4 - HKLM\..\Run: [Windows Service] C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
O4 - HKLM\..\Run: [tarahkje] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\tarahkje.dll"
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [htssv32.exe] C:\WINDOWS\htssv32.exe
O4 - HKLM\..\Run: [drmsrv32] c:\cvbkwtb.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [WintelUpdate] C:\bhij.exe
O4 - HKUS\S-1-5-21-110163013-2713782433-2446114462-1005\..\Run: [WintelUpdate] C:\bhij.exe (User '?')
O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\ffi.exe
**************************************************************
Aprés , télécharge OTmoveIt ( de Old Timer )
Une fois téléchargé double-clique sur OTMoveIt.exe pour le lancer.
copie les lignes qui se trouvent en dessous
C:\WINDOWS\system32\rxjddnvj.exe
C:\WINDOWS\utsdgjgn.dll
C:\Documents and Settings\alphabalde\Bureau\hdeqjs.exe
C:\Documents and Settings\All Users\Application Data\tarahkje.dll
C:\Program Files\P4P
C:\WINDOWS\htssv32.exe
c:\cvbkwtb.exe
C:\WINDOWS\system32\ffi.exe
et colle-les dans le cadre de gauche de OTMoveIt : "Paste List of Files/Folders to be moved."
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.
si c'est le cas accepte.
***********************************
Télécharge clean : http://www.malekal.com/download/clean.zip
Une fois téléchargé et dézippé ( clique droit , extraire tout) , lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )
**************
Poste le rapport Hijackthis + OTMoveIt + Clean
Fait les procédures dans l'ordre !
A+
baldinho20
Messages postés
23
Date d'inscription
mardi 22 janvier 2008
Statut
Membre
Dernière intervention
25 janvier 2008
22 janv. 2008 à 23:45
22 janv. 2008 à 23:45
jarrive pas fermer apres avoir "movelt"... lordi plante g essayer 4 fois ç'a plante 4 fois!