le_jer


  1. Here it is:
     DDS (Ver_10-03-17.01) - NTFSx86
     Run by jer at 22:59:59,62 on 06/07/2010
  2. Good evening, I ran SINO for the first time last night and it ran all night, but there was nothing this morning, no log, and when I closed it, it told me there is a log in the localsetting\temp folder.. and the log contains:
     Exception in Tkinter callback
     Traceback (most recent call last):
       File "Tkinter.pyc", line 1403, in __call__
       File "SINO.py", line 715, in runScan
       File "SINO.py", line 409, in Scan
     UnicodeEncodeError: 'ascii' codec can't encode character u'\xbd' in position 82: ordinal not in range(128)
     I restarted it 2 hours ago but still nothing is happening, it is stuck on: disk drive info. My firewall is disabled and I am not connected to the internet.
  3. Just one last thing, yes: the System process is at 100 MB, which seems far too much to me. What do you think? What could be the reason?
  4. Good evening, startup is OK, shutdown is my problem. I disabled TeaTimer, and it does speed up Windows shutdown, but it is still not what I had before; maybe it is the updates I installed, SP3 and so on. Regarding the report, is there nothing abnormal? Thanks
  5. Good evening, I updated IE and Acrobat. However, I find that the PC takes longer to shut down (10 s before, 30 s now). Here is my new report:
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 21:30:58, on 05/07/2010
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v8.00 (8.00.6001.18702)
     Boot mode: Normal
  6. Hello, it is a genuine Windows, but my tower had been in a cardboard box for at least 10 months because I have a laptop, so I no longer have much need for a desktop. I updated to SP3 last night, and I don't use IE; it is blocked by my firewall. As for Acrobat, I didn't know that using version 8 was dangerous, and its update is blocked by my firewall, but I will take care of it this evening. Otherwise, regarding the report, is there anything abnormal? Thanks
  7. Hello everyone, I noticed that the guest user got enabled by itself (I had disabled it), since, I think, an infection I had last week. That is why, while browsing the forums, I saw that I should use HIJACKTHIS. I looked at the site's tutorial, which is very well done by the way, but I need your help to analyse the result. A big thank-you to the experts.
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 00:31:44, on 05/07/2010
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal