log Hijackthis - Logiciels - Windows & Software
Marsh Posté le 10-11-2004 à 01:27:46
qqu un peut me dire si tt va bien? Logfile of HijackThis v1.97.7 Scan saved at 01:21:26, on 10/11/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svmhost.exe C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\COMPAQ\CPQINET\CPQInet.exe C:\Compaq\EAKDRV\EAUSBKBD.EXE C:\WINDOWS\System32\usbsystem.exe C:\WINDOWS\System32\msnmsgrr.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe C:\WINDOWS\system\lsvchost.exe C:\WINDOWS\System32\realplay.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\msiexec.exe C:\WINDOWS\system32\svphost.exe C:\WINDOWS\system32\bling.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\TSC.EXE C:\Documents and Settings\Gabriel\Bureau\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/script [...] lc=040c&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts [...] ch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/script [...] lc=040c&ac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts [...] ch&ap=b204 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/ O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Microsoft Configuration - {40205287-E793-41AC-B95C-D8D064BA33CA} - C:\WINDOWS\system32\mscfg.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe O4 - HKLM\..\Run: [Microsoft Windows Update] svmhost.exe O4 - HKLM\..\Run: [WIN USB 2.0] usbsystem.exe O4 - HKLM\..\Run: [blah service] msnmsgrr.exe O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [.mscdsr] C:\WINDOWS\system\lsvchost.exe O4 - HKLM\..\Run: [Realplayer One] realplay.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe O4 - HKLM\..\RunServices: [WIN USB 2.0] usbsystem.exe O4 - HKLM\..\RunServices: [blah service] msnmsgrr.exe O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Microsoft Windows Update] svmhost.exe O4 - HKCU\..\Run: [Nvidia Control Panel] ncsvc32.exe O4 - HKCU\..\Run: [Starting up] wvsvc.exe O4 - HKCU\..\Run: [WIN USB 2.0] usbsystem.exe O4 - HKCU\..\Run: [Microsoft Update Machine] winss.exe O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svmhost.exe O4 - HKCU\..\RunOnce: [Microsoft Windows Update] svmhost.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ? O9 - Extra button: Sites Perso (HKLM) O9 - Extra 'Tools' menuitem: Compaq France (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 0035978760 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab merci
Marsh Posté le 10-11-2004 à 01:39:06
http://www.hijackthis.de/index.php
Marsh Posté le 10-11-2004 à 01:44:41
c fiable? je peux supprimer ce k il conseil? si oui comment? merci
Make sure you enter the(*)required information where indicate.HTML code is not allowed
Marsh Posté le 10-11-2004 à 01:27:46
qqu un peut me dire si tt va bien?
Logfile of HijackThis v1.97.7
Scan saved at 01:21:26, on 10/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svmhost.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\WINDOWS\System32\usbsystem.exe
C:\WINDOWS\System32\msnmsgrr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINDOWS\system\lsvchost.exe
C:\WINDOWS\System32\realplay.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\svphost.exe
C:\WINDOWS\system32\bling.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\TSC.EXE
C:\Documents and Settings\Gabriel\Bureau\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://desktop.presario.net/script [...] lc=040c&ac
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/script [...] lc=040c&ac
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.presario.net/scripts [...] ch&ap=b204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Microsoft Configuration - {40205287-E793-41AC-B95C-D8D064BA33CA} - C:\WINDOWS\system32\mscfg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\Minitel\Watch.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svmhost.exe
O4 - HKLM\..\Run: [WIN USB 2.0] usbsystem.exe
O4 - HKLM\..\Run: [blah service] msnmsgrr.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [.mscdsr] C:\WINDOWS\system\lsvchost.exe
O4 - HKLM\..\Run: [Realplayer One] realplay.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe
O4 - HKLM\..\RunServices: [WIN USB 2.0] usbsystem.exe
O4 - HKLM\..\RunServices: [blah service] msnmsgrr.exe
O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Update] svmhost.exe
O4 - HKCU\..\Run: [Nvidia Control Panel] ncsvc32.exe
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [WIN USB 2.0] usbsystem.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] winss.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svmhost.exe
O4 - HKCU\..\RunOnce: [Microsoft Windows Update] svmhost.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: Sites Perso (HKLM)
O9 - Extra 'Tools' menuitem: Compaq France (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 0035978760
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
merci