
Kesenjangan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:10:04, on 10/02/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\Local Settings\Application Data\ListenArabic\listenarabic.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
D:\mes documents\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.ma/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\KesenjanganSosial.exe"
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [listenarabic] C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\Local Settings\Application Data\ListenArabic\listenarabic.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [Z810PNP] C:\Program Files\Modem Samsung SCH-U209\SamsungPnPServiceManager.exe
O4 - HKCU\..\Run: [Z810SysStart] C:\Program Files\Modem Samsung SCH-U209\sysctrlU.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [weaxa] C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\weaxa.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [UpdateMyDrivers] C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe -t
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\manifestengine .exe" boot
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Program Files\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok ] c:\documents and settings\administrateur.36fa4cae7d014d8\fiegiok .exe
O4 - HKCU\..\Run: [fiegiok] C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\fiegiok.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Tok-Cirrhatus-9318] "C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\Local Settings\Application Data\br19659on.exe"
O4 - HKCU\..\Policies\Explorer\Run: [Manager Task] C:\RECYCLER\S-1-5-21-1202660629-412668190-725345543-500\smss.exe
O4 - HKUS\S-1-5-19\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [LClock] C:\Program Files\LClock\lclock.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrateur.36FA4CAE7D014D8\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.530.0\ClickPotatoLiteSABHO.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.497.0\ShopperReports.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_...
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://bronochrona.net.autocom.pl/activex/AxisCamContro...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: QueryExplorer Service - Unknown owner - C:\Documents and Settings\All Users.WINDOWS\Application Data\QueryExplorer\queryexplorer117.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

--
End of file - 17940 bytes
