incal32

Members
  • Content count

    2
  • Joined

  • Last visited

All content posted by incal32

  1. Hello, I am writing to ask for your help because my PC is extremely slow at the moment, and when I run a search on Google and click on a result, most of the time I am redirected to an advertising site. Here is the HijackThis report. Thank you for your help:

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 18:46:23, on 12/01/2010
     Platform: Unknown Windows (WinNT 6.01.3504)
     MSIE: Internet Explorer v8.00 (8.00.7600.16385)
     Boot mode: Normal

     Running processes:
     E:\Windows\system32\Dwm.exe
     E:\Windows\Explorer.EXE
     E:\Windows\system32\taskhost.exe
     E:\Windows\System32\igfxtray.exe
     E:\Windows\system32\igfxsrvc.exe
     E:\Windows\System32\hkcmd.exe
     E:\Windows\System32\igfxpers.exe
     E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
     E:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
     E:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
     E:\Program Files\iTunes\iTunesHelper.exe
     E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
     E:\Windows\system32\wuauclt.exe
     E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
     E:\Windows\system32\taskeng.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Users\Denver\Documents\UseNeXT\wizard\Xfloodx - Alias S04e07 DVDRip XviD - WAT - aliass0\HiJackThis.exe
     E:\Windows\system32\SearchFilterHost.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.DLL
     O4 - HKLM\..\Run: [igfxTray] E:\Windows\system32\igfxtray.exe
     O4 - HKLM\..\Run: [HotKeysCmds] E:\Windows\system32\hkcmd.exe
     O4 - HKLM\..\Run: [Persistence] E:\Windows\system32\igfxpers.exe
     O4 - HKLM\..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     O4 - HKLM\..\Run: [Corel Photo Downloader] "E:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
     O4 - HKLM\..\Run: [Corel File Shell Monitor] E:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
     O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKCU\..\Run: [Google Update] "E:\Users\Denver\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
     O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\Windows\system32\GPhotos.scr/200
     O13 - Gopher Prefix:
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - E:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
     O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - E:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
     O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
     O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
     O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - E:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

     --
     End of file - 5457 bytes
  2. Hello, I have a problem: every time I get a result on Google, I click on it and am redirected to an exoclick link. Is this DNS hijacking? I am posting the HijackThis report. Thank you for your help.

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 18:46:23, on 12/01/2010
     Platform: Unknown Windows (WinNT 6.01.3504)
     MSIE: Internet Explorer v8.00 (8.00.7600.16385)
     Boot mode: Normal

     Running processes:
     E:\Windows\system32\Dwm.exe
     E:\Windows\Explorer.EXE
     E:\Windows\system32\taskhost.exe
     E:\Windows\System32\igfxtray.exe
     E:\Windows\system32\igfxsrvc.exe
     E:\Windows\System32\hkcmd.exe
     E:\Windows\System32\igfxpers.exe
     E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
     E:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
     E:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
     E:\Program Files\iTunes\iTunesHelper.exe
     E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
     E:\Windows\system32\wuauclt.exe
     E:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
     E:\Windows\system32\taskeng.exe
     E:\Program Files\Internet Explorer\iexplore.exe
     E:\Users\Denver\Documents\UseNeXT\wizard\Xfloodx - Alias S04e07 DVDRip XviD - WAT - aliass0\HiJackThis.exe
     E:\Windows\system32\SearchFilterHost.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.DLL
     O4 - HKLM\..\Run: [igfxTray] E:\Windows\system32\igfxtray.exe
     O4 - HKLM\..\Run: [HotKeysCmds] E:\Windows\system32\hkcmd.exe
     O4 - HKLM\..\Run: [Persistence] E:\Windows\system32\igfxpers.exe
     O4 - HKLM\..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     O4 - HKLM\..\Run: [Corel Photo Downloader] "E:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
     O4 - HKLM\..\Run: [Corel File Shell Monitor] E:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
     O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKCU\..\Run: [Google Update] "E:\Users\Denver\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
     O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\Windows\system32\GPhotos.scr/200
     O13 - Gopher Prefix:
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - E:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
     O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - E:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
     O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
     O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - E:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
     O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
     O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - E:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

     --
     End of file - 5457 bytes

     Malwarebytes also found an infection by Bitrose Trace (?), but the problem still continues after deleting the files.