Se connecter / S'enregistrer
Votre question

infecté rapport hijackthis

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Octobre 2008 17:23:20

salut a tous
besoin d aide j ai des problemes avec un pc de marque hp une tour
plus d acces sur le net ,plus de copier/coller ,impossible de supprimé les
programmes installer
merci d avance

Autres pages sur : infecte rapport hijackthis

4 Octobre 2008 17:47:45

re
voila commej en ai besoin lundi pour mon job
je me suis permi de faire un rapport hijackthis sur cle usb cause impossible copier/coller/glisser




Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:42:12, on 04/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\CA\SharedComponents\Alert\ALERT.EXE

C:\Program Files\CA\SharedComponents\ThirdParty\Tomcat\5.5\Bin\Tomcat5.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe

C:\Program Files\CA\eTrustITM\InoRpc.exe

C:\Program Files\CA\eTrustITM\InoRT.exe

C:\Program Files\CA\eTrustITM\InoTask.exe

C:\Program Files\CA\eTrustITM\inoweb.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\Fighters\configservice.exe

C:\WINDOWS\System32\snmp.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Fighters\licenseservice.exe

C:\Program Files\Fighters\updateservice.exe

C:\Program Files\Fighters\ScannerService.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\WINDOWS\system32\ltmsg.exe

C:\Program Files\ltmoh\Ltmoh.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\LogMeIn\x86\LMIGuardian.exe

C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe

C:\Program Files\CA\eTrustITM\Apache\Bin\Apache.exe

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Program Files\CA\eTrustITM\Apache\Bin\Apache.exe

E:\HiJackThis.exe



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrustITM\realmon.exe" -s

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [tkbellexe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunjavaupdatesched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [roxioengineutility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"

O4 - HKLM\..\Run: [quicktime task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ltwinmodem1] ltmsg.exe 9

O4 - HKLM\..\Run: [ltmoh] C:\Program Files\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [ituneshelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [cpqeasyacc] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [adobe reader speed launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-21-620943864-1446783137-1313394925-1010 Startup: Print.lnk = C:\Program Files\TUN\tcpw\wlpd32.exe (User '?')

O4 - Startup: Print.lnk = C:\Program Files\TUN\tcpw\wlpd32.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp08.photoprintit.de/microsite/3462/defaults/ac...

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4D82F7-D18B-436F-A9FC-48F7A2BF5DD4}: NameServer = 194.2.0.20,194.2.0.50

O23 - Service: Alert Notification Server - CA, Inc. - C:\Program Files\CA\SharedComponents\Alert\ALERT.EXE

O23 - Service: Apache Content Server (ApacheContentServer) - Apache Software Foundation - C:\Program Files\CA\eTrustITM\Apache\Bin\Apache.exe

O23 - Service: Apache Tomcat Application Server (ApacheTomcatApplicationServer) - Apache Software Foundation - C:\Program Files\CA\SharedComponents\ThirdParty\Tomcat\5.5\Bin\Tomcat5.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Audio Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Services de cryptographie (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Lanceur de processus serveur DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Configuration automatique de réseau câblé (Dot3svc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Service Protocole EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Esker License Control (EskerLicenseControl) - Esker S.A. - C:\PROGRA~1\TUN\COMMON\ESLCBCST.EXE

O23 - Service: Système d'événements de COM+ (EventSystem) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Aide et support (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Service Gestion des clés et des certificats d'intégrité (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iTechnology iGateway 4.2 (iGateway) - CA, Inc. - C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe

O23 - Service: Service serveur eTrust ITM (InoNmSrv) - CA - C:\Program Files\CA\eTrustITM\InoNmSrv.exe

O23 - Service: Service RPC eTrust ITM (InoRPC) - CA - C:\Program Files\CA\eTrustITM\InoRpc.exe

O23 - Service: Service en temps réel eTrust ITM (InoRT) - CA - C:\Program Files\CA\eTrustITM\InoRT.exe

O23 - Service: Service des jobs eTrust ITM (InoTask) - CA - C:\Program Files\CA\eTrustITM\InoTask.exe

O23 - Service: Service d'accès Web eTrust ITM (InoWeb) - CA - C:\Program Files\CA\eTrustITM\inoweb.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Assistance TCP/IP NetBIOS (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: Esker LPD (lpds) - Esker - C:\PROGRA~1\TUN\TCPW\WLPDSNT.EXE

O23 - Service: Agent de protection d'accès réseau (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: NLA (Network Location Awareness) (Nla) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Stockage amovible (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe

O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe

O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe

O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe

O23 - Service: Gestionnaire de connexion automatique d'accès distant (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Routage et accès distant (RemoteAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Appel de procédure distante (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Connexion secondaire (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Notification d'événement système (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Pare-feu Windows / Partage de connexion Internet (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Détection matériel noyau (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Service de restauration système (srservice) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Service de découvertes SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Services Terminal Server (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Thèmes (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Hôte de périphérique universel Plug-and-Play (upnphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Horloge Windows (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: WebClient - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Infrastructure de gestion Windows (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Service de numéro de série du lecteur multimédia portable (WmdmPmSN) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Extensions du pilote WMI (Wmi) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Configuration automatique sans fil (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

O23 - Service: Service d'approvisionnement réseau (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)



--

End of file - 14218 bytes
4 Octobre 2008 19:11:49

personne ??? je vais etre obliger de formater snif snif
merci quand meme
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS