Se connecter / S'enregistrer
Votre question

Rapport HijackThis - Suis-je infecté?

Tags :
  • X86
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Avril 2011 03:47:51

Bonjour à tous,
Depuis quelques jours, ma consommation internet est très élevée.
En effet, en aval (download) j'ai entre 5 et 10go par jour, alors que d'habitude, ça se limite à 1.5go.

Je vous présente donc un rapport HijackThis, et j'aimerais que vous m'indiquiez si je suis infecté.

  1. Logfile of Trend Micro HijackThis v2.0.2
  2. Scan saved at 21:28:42, on 2011-04-08
  3. Platform: Unknown Windows (WinNT 6.01.3504)
  4. MSIE: Internet Explorer v8.00 (8.00.7600.16722)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Windows\PLFSetI.exe
  9. C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  10. C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
  11. C:\Program Files (x86)\Launch Manager\LManager.exe
  12. C:\Program Files (x86)\MagicDisc\MagicDisc.exe
  13. C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
  14. C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
  15. C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  16. C:\Program Files (x86)\iTunes\iTunesHelper.exe
  17. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  18. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  19. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  20. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  21. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  22. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  23. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  24. C:\Users\Collette\AppData\Local\Google\Chrome\Application\chrome.exe
  25. C:\Users\Collette\Downloads\HiJackThis.exe
  26.  
  27. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&m=id49c&r=27360810b535l0474z155a4662d295" rel="nofollow" target="_blank">http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&m=id...</a>
  28. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.bigseekpro.com/hypercam/" rel="nofollow" target="_blank">http://www.bigseekpro.com/hypercam/</a>{7A282724-E667-40AA-9525-98E89AC58407}
  29. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&m=id49c&r=27360810b535l0474z155a4662d295" rel="nofollow" target="_blank">http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&m=id...</a>
  30. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" rel="nofollow" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>
  31. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" rel="nofollow" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>
  32. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.bigseekpro.com/hypercam/" rel="nofollow" target="_blank">http://www.bigseekpro.com/hypercam/</a>{7A282724-E667-40AA-9525-98E89AC58407}
  33. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  34. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  35. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  36. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  37. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  38. R3 - URLSearchHook: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
  39. R3 - URLSearchHook: FCToolbarURLSearchHook Class - {19013e5a-2ac6-4291-8759-377a16fd98c6} - C:\Program Files (x86)\GameCoins GamerBar\Helper.dll (file missing)
  40. R3 - URLSearchHook: (no name) - - (no file)
  41. F2 - REG:system.ini: UserInit=userinit.exe,
  42. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  43. O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
  44. O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
  45. O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)
  46. O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  47. O2 - BHO: IMVU Inc - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
  48. O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  49. O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  50. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
  51. O2 - BHO: DCA - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll
  52. O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
  53. O2 - BHO: FCTBPos00Pos - {B5909367-F226-4A19-A23B-ED7B5CA49236} - C:\Program Files (x86)\GameCoins GamerBar\Toolbar.dll (file missing)
  54. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  55. O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll
  56. O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)
  57. O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
  58. O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
  59. O3 - Toolbar: GameCoins GamerBar - {33987D87-8F7A-46A2-A2DB-18D7F6166881} - C:\Program Files (x86)\GameCoins GamerBar\Toolbar.dll (file missing)
  60. O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  61. O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  62. O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
  63. O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  64. O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
  65. O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
  66. O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  67. O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
  68. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
  69. O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
  70. O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
  71. O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
  72. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  73. O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
  74. O4 - HKCU\..\Run: [Google Update] "C:\Users\Collette\AppData\Local\Google\Update\GoogleUpdate.exe" /c
  75. O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
  76. O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
  77. O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  78. O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
  79. O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
  80. O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
  81. O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
  82. O4 - Global Startup: Air Mouse.lnk = C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
  83. O4 - Global Startup: HD Writer.lnk = C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
  84. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
  85. O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
  86. O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  87. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  88. O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  89. O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  90. O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
  91. O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
  92. O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  93. O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  94. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
  95. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  96. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  97. O13 - Gopher Prefix:
  98. O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - <a href="http://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_cyri_4.1.71.0.cab" rel="nofollow" target="_blank">http://d1ylr6sba64qi3.cloudfront.net/global/bin/srldete...</a>
  99. O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
  100. O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - <a href="http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx" rel="nofollow" target="_blank">http://trial.trymicrosoftoffice.com/trialoaa/buymsoffic...</a>
  101. O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - <a href="http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab" rel="nofollow" target="_blank">http://messenger.zone.msn.com/binary/MessengerStatsPACl...</a>
  102. O18 - Protocol: intu-ir2010 - {A344EB2D-3A0F-48FA-A073-2E649BAEC9B3} - C:\Program Files (x86)\ImpotRapide 2010\ic2010pp.dll
  103. O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  104. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
  105. O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  106. O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  107. O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~2\fun4im\bndhook.dll
  108. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  109. O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
  110. O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
  111. O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  112. O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
  113. O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  114. O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
  115. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  116. O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
  117. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  118. O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
  119. O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
  120. O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
  121. O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  122. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  123. O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  124. O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  125. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  126. O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  127. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  128. O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
  129. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  130. O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
  131. O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
  132. O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Gateway\Optical Drive Power Management\ODDPWRSvc.exe
  133. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  134. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  135. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  136. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  137. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  138. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  139. O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  140. O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
  141. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  142. O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  143. O23 - Service: Updater Service - Acer Group - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
  144. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  145. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  146. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  147. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  148. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  149. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  150. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  151.  
  152. --
  153. End of file - 17018 bytes


Je me penche sur cette ligne, et je doute sa légitimité.
URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

Connaissez-vous cela? Est-ce dangereux?
Et voyez-vous autre chose?

Merci à vous!

Autres pages sur : rapport hijackthis infecte

a c 296 8 Sécurité
9 Avril 2011 12:16:44

Bonjour,

Citation :
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

--> Cela vient de Microsoft Office, pas de souci.

  • Suis la procédure suivante et poste le rapport :
    http://www.malekal.com/2010/11/12/tutorial-malwarebyte-...
    11 Avril 2011 20:02:21

    Désolé du délai.
    J'ai fait un scan mbam juste avant de poster sur Info du Net, et rien n'a été détecté.
    Malheureusement, je ne sauvegarde jamais les rapports.

    Edit: Je me suis muni de COMODO Firewall, et celui-ci bloque les connexions de "svchost.exe".
    Après de courtes recherches, j'ai découvert que ce fichier est essentiel au fonctionnement de Windows.
    Par contre, est-ce normal qu'il ait des connexions entrantes et sortantes?

    Lorsque Chrome est ouvert, "svchost.exe" consomme environ 50% du traffic total de ma connexion.
    Mais d'un autre côté, ni Malwarebyte ni Antivir ne le détecte comme fichier dangereux.

    Que me suggérez vous de faire?

    Au fait, "svchost.exe" n'apparait pas dans le Gestionnaire de Tâches Windows.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS