Helper.sig - journal HijackThis
- lisando
- Novice
- Inscription: Avr 23, 2007
- Messages: 29
- Status: Offline
Mars 28th, 2010, 12:58 pm
Salut, tous. J'ai besoin d'aide avec ce problème Im avoir. Chaque fois que je redémarre mon ordinateur, un dossier s'ouvre nommé "commun". Dans ce dossier un fichier appelé helper.sig. Heres mon log HJT, je l'espère, je l'ai fait à droite. Son été un moment depuis Ive a eu à en poster un.
Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 1:20:47 PM, le 3/28/2010
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001. 18702)
Boot mode: Normal
processus en cours:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ AVG AVG9 \ \ avgchsvx.exe
C: \ Program Files \ AVG AVG9 \ \ avgrsx.exe
C: \ Program Files \ AVG AVG9 \ \ avgcsrvx.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ LEXBCES. EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
C: \ Program Files \ Hewlett-Packard Boot \ HP \ Optimizer HPBootOp.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Google Update \ GoogleUpdate.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ lxblcoms.exe
C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl. exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug MDM.exe \
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
avgtray.exe C: \ PROGRA ~ 1 \ AVG \ AVG9 \
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Windows Live Contacts \ \ wlcomm. exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://ie.redirect.hp . com / SVS / RDR? TYPE = 3 & TP = iehome & locale = fr_FR & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . com / SVS / RDR? Fr TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R0 - Software \ HKCU \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://www.mycoupons . com / conseils / coupon-rabais échangeables à-CRS /
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://go.microsoft . com / fwlink /? LinkId = 69157
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://go.microsoft . com / fwlink /? LinkId = 54896
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://go.microsoft . com / fwlink /? LinkId = 54896
R0 - Software \ HKLM \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://go.microsoft . com / fwlink /? LinkId = 69157
R0 - Software \ HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ Microsoft \ Windows Settings \ CurrentVersion \ Internet, ProxyOverride = *. local
BHO O2 -: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
BHO O2 -: WormRadar. com IESiteBlocker.NavFilter - (3CA2F312-4B53-6F6E-A66E-4E65E497C8C0) - C: \ Program Files \ AVG AVG9 \ \ avgssie.dll
BHO O2 -: Spybot-S & D Protection IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy SDHelper \. dll
BHO O2 -: RoboForm - (724d43a9-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
BHO O2 -: Windows Live Sign-in Helper - (9030D464-4C02-4ABF Programme-8ECC-5164760863C6) - C: \ Files \ Fichiers communs \ Microsoft Shared \ Windows Live WindowsLiveLogin.dll \
O2 - BHO: HpWebHelper - (AAAE832A-5FFF-4661-9C8F-369692D1DCB9) - C: \ WINDOWS \ PCHealth HelpCtr \ \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US plugin \ WebHelper . dll
O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin.dll
O3 - Toolbar: & RoboForm - (724d43a0-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard Optimizer \ Boot HP HPBootOp.exe \" / run
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-OSBOOT
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run:] ISUSPM [démarrage C: \ progra ~ 1 \ ~ COMMUN 1 \ ~ INSTAL 1 \ UPDATE ~ 1 \ ISUSPM. exe-démarrage
O4 - HKLM \ .. \ Run: [Adobe] Lanceur de vitesse "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. \ Run: [] Adobe ARM "C: \ Program Files \ Fichiers communs \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKLM \ .. \ Run: [Lexmark X1100 Series] "C: \ Program Files \ Lexmark X1100 Series \ lxbkbmgr.exe"
O4 - HKLM \ .. \ Run:] iTunesHelper ["C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run:] AppleSyncNotifier [C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin AppleSyncNotifier.exe \
avgtray.exe O4 - HKLM \ .. \ Run: [AVG9_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG9 \
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live \ msnmsgr.exe \ Messenger" / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 -. Démarrage utilisateur par défaut: Pin.lnk = C: \ hp \ bin \ cloaker. EXE (User utilisateur par défaut)
O8 - Extra context menu item: Personnaliser le menu - file://C : \ Program Files Siber Systems \ AI RoboFormComCustomizeIEMenu.html \ RoboForm
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ Progra ~ 1 \ MICROS ~ 4 \ Office10 \ EXCEL.EXE/3000
O8 - Extra context menu item: Remplir des formulaires - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O8 - Extra context menu item: RoboForm Toolbar - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O8 - Extra context menu item: Enregistrer les formes - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra button: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O9 - Extra "Outils" menuitem: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms.html \ RoboForm
O9 - Extra button: Enregistrer - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra "Outils" menuitem: Formulaires Sauvegarder - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass \ RoboForm. html
O9 - Extra button: RoboForm - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra "Outils" menuitem: RoboForm Toolbar - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra button: Recherche - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office11 \ REFIEBAR. DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy & Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper. dll
O9 - Extra button: connexion Internet Aide - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ États-Unis IEButton \ support.htm
O9 - Extra "Outils" menuitem: Aide de connexion Internet - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US IEButton \ support. htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
xpsp3res.dll O9 - Extra "Outils" menuitem: @, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (03A99563-4F42-A069-4DCF-C728A71164A3) (classe VivatyCtrl) - http://apps.vivaty . com / downloads / player /% Vivaty 20Player% 20for% 20Viewing% 203D% 20Content.cab
O16 - DPF: (38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1) (SonyOnlineInstallerX) - http://www-cdn.freerealms . com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab? v = 1047
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (classe WUWebControl) - http://www.update.microsoft . com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1254994990384
O16 - DPF: (C02226EB-A5D7-4B1F-BD7E-635E46C2288D) (Toontown Installer ActiveX Control) - http://a.download.toontown . com/sv1.0.39.14/ttinst.cab
O16 - DPF: (E2883E8F-472f-9522-4FB0-AC9BF37916A7) - http://platformdl.adobe . com/NOS/getPlusPlus/1.6/gp. cabine
O18 - Protocol: LinkScanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG AVG9 \ \ avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C: \ WINDOWS \ system32 \ avgrsstx.dll
O23 - Service: Agere Modem appelons le progrès Audio (AgereModemAudio) - LSI Corporation - C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C: \ Program Files \ Google \ Update \ GoogleUpdate. exe
Macrovision Corporation Service O23 -: Gestionnaire d'InstallDriver (IDriverT) - - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES. EXE
Service O23 -: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
-
End of file - 10716 bytes
Toute aide serait grandement appréciée. gif "alt = =":)" titre" Smile ">
Lisa
Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 1:20:47 PM, le 3/28/2010
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001. 18702)
Boot mode: Normal
processus en cours:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ AVG AVG9 \ \ avgchsvx.exe
C: \ Program Files \ AVG AVG9 \ \ avgrsx.exe
C: \ Program Files \ AVG AVG9 \ \ avgcsrvx.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ LEXBCES. EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
C: \ Program Files \ Hewlett-Packard Boot \ HP \ Optimizer HPBootOp.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Google Update \ GoogleUpdate.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ lxblcoms.exe
C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl. exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug MDM.exe \
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
avgtray.exe C: \ PROGRA ~ 1 \ AVG \ AVG9 \
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Windows Live Contacts \ \ wlcomm. exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://ie.redirect.hp . com / SVS / RDR? TYPE = 3 & TP = iehome & locale = fr_FR & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . com / SVS / RDR? Fr TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R0 - Software \ HKCU \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://www.mycoupons . com / conseils / coupon-rabais échangeables à-CRS /
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://go.microsoft . com / fwlink /? LinkId = 69157
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://go.microsoft . com / fwlink /? LinkId = 54896
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://go.microsoft . com / fwlink /? LinkId = 54896
R0 - Software \ HKLM \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://go.microsoft . com / fwlink /? LinkId = 69157
R0 - Software \ HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ Microsoft \ Windows Settings \ CurrentVersion \ Internet, ProxyOverride = *. local
BHO O2 -: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
BHO O2 -: WormRadar. com IESiteBlocker.NavFilter - (3CA2F312-4B53-6F6E-A66E-4E65E497C8C0) - C: \ Program Files \ AVG AVG9 \ \ avgssie.dll
BHO O2 -: Spybot-S & D Protection IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy SDHelper \. dll
BHO O2 -: RoboForm - (724d43a9-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
BHO O2 -: Windows Live Sign-in Helper - (9030D464-4C02-4ABF Programme-8ECC-5164760863C6) - C: \ Files \ Fichiers communs \ Microsoft Shared \ Windows Live WindowsLiveLogin.dll \
O2 - BHO: HpWebHelper - (AAAE832A-5FFF-4661-9C8F-369692D1DCB9) - C: \ WINDOWS \ PCHealth HelpCtr \ \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US plugin \ WebHelper . dll
O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin.dll
O3 - Toolbar: & RoboForm - (724d43a0-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard Optimizer \ Boot HP HPBootOp.exe \" / run
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-OSBOOT
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run:] ISUSPM [démarrage C: \ progra ~ 1 \ ~ COMMUN 1 \ ~ INSTAL 1 \ UPDATE ~ 1 \ ISUSPM. exe-démarrage
O4 - HKLM \ .. \ Run: [Adobe] Lanceur de vitesse "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. \ Run: [] Adobe ARM "C: \ Program Files \ Fichiers communs \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKLM \ .. \ Run: [Lexmark X1100 Series] "C: \ Program Files \ Lexmark X1100 Series \ lxbkbmgr.exe"
O4 - HKLM \ .. \ Run:] iTunesHelper ["C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run:] AppleSyncNotifier [C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin AppleSyncNotifier.exe \
avgtray.exe O4 - HKLM \ .. \ Run: [AVG9_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG9 \
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live \ msnmsgr.exe \ Messenger" / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 -. Démarrage utilisateur par défaut: Pin.lnk = C: \ hp \ bin \ cloaker. EXE (User utilisateur par défaut)
O8 - Extra context menu item: Personnaliser le menu - file://C : \ Program Files Siber Systems \ AI RoboFormComCustomizeIEMenu.html \ RoboForm
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ Progra ~ 1 \ MICROS ~ 4 \ Office10 \ EXCEL.EXE/3000
O8 - Extra context menu item: Remplir des formulaires - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O8 - Extra context menu item: RoboForm Toolbar - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O8 - Extra context menu item: Enregistrer les formes - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra button: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O9 - Extra "Outils" menuitem: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms.html \ RoboForm
O9 - Extra button: Enregistrer - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra "Outils" menuitem: Formulaires Sauvegarder - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass \ RoboForm. html
O9 - Extra button: RoboForm - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra "Outils" menuitem: RoboForm Toolbar - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra button: Recherche - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office11 \ REFIEBAR. DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy & Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper. dll
O9 - Extra button: connexion Internet Aide - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ États-Unis IEButton \ support.htm
O9 - Extra "Outils" menuitem: Aide de connexion Internet - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US IEButton \ support. htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
xpsp3res.dll O9 - Extra "Outils" menuitem: @, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (03A99563-4F42-A069-4DCF-C728A71164A3) (classe VivatyCtrl) - http://apps.vivaty . com / downloads / player /% Vivaty 20Player% 20for% 20Viewing% 203D% 20Content.cab
O16 - DPF: (38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1) (SonyOnlineInstallerX) - http://www-cdn.freerealms . com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab? v = 1047
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (classe WUWebControl) - http://www.update.microsoft . com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1254994990384
O16 - DPF: (C02226EB-A5D7-4B1F-BD7E-635E46C2288D) (Toontown Installer ActiveX Control) - http://a.download.toontown . com/sv1.0.39.14/ttinst.cab
O16 - DPF: (E2883E8F-472f-9522-4FB0-AC9BF37916A7) - http://platformdl.adobe . com/NOS/getPlusPlus/1.6/gp. cabine
O18 - Protocol: LinkScanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG AVG9 \ \ avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C: \ WINDOWS \ system32 \ avgrsstx.dll
O23 - Service: Agere Modem appelons le progrès Audio (AgereModemAudio) - LSI Corporation - C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C: \ Program Files \ Google \ Update \ GoogleUpdate. exe
Macrovision Corporation Service O23 -: Gestionnaire d'InstallDriver (IDriverT) - - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES. EXE
Service O23 -: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
-
End of file - 10716 bytes
Toute aide serait grandement appréciée. gif "alt = =":)" titre" Smile ">
Lisa
- Anonymous
- Bot
- Inscription: 25 Feb 2008
- Messages: ?
- Loc: Ozzuland
- Status: Online
Mars 28th, 2010, 12:58 pm
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Mars 28th, 2010, 2:38 pm
C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
How do you know when a politician is lying? His mouth is moving.
- lisando
- Novice
- Inscription: Avr 23, 2007
- Messages: 29
- Status: Offline
Mars 28th, 2010, 2:47 pm
Je pensais que c'était pour mon imprimante Lexmark (j'ai 2).
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Mars 28th, 2010, 3:05 pm
ProcessLibrary.com n'avait pas de trace. Laissez pour l'instant. Téléchargement, mises à jour et exécuter anti malware de malwarebytes.org
How do you know when a politician is lying? His mouth is moving.
- lisando
- Novice
- Inscription: Avr 23, 2007
- Messages: 29
- Status: Offline
Mars 28th, 2010, 3:19 pm
Ok, j'ai fait la chose malwarebytes et il a trouvé 32 problèmes que j'ai eu l'enlever. Quand j'ai redémarré, le dossier commun encore ouvert mais il n'est plus le fichier dans helper.sig il. Heres un nouveau log HJT:
Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 5:44:19 PM, le 3/28/2010
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
processus en cours:
C: \ WINDOWS \ System32 SMS \. exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ AVG AVG9 \ \ avgchsvx.exe
C: \ Program Files \ AVG AVG9 \ \ avgrsx.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ AVG AVG9 \ \ avgcsrvx.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS. EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe
avgtray.exe C: \ PROGRA ~ 1 \ AVG \ AVG9 \
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Google Update \ GoogleUpdate.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ lxblcoms.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug MDM.exe \
C: \ WINDOWS \ system32 \ nvsvc32. exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Windows Live Contacts \ \ wlcomm.exe
c: \ windows \ system \ hpsysdrv.exe
C: \ Program Files \ Java \ jre1.5.0_05 \ bin \ jusched.exe
C: \ Program Files \ Fichiers communs \ InstallShield \ de Mise à jour \ issch.exe
C: \ Program Files \ Trend \ Micro HijackThis HijackThis \. exe
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://ie.redirect.hp . com / SVS / RDR? TYPE = 3 & TP = iehome & locale = fr_FR & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . com / SVS / RDR? Fr TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R0 - Software \ HKCU \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://www.mycoupons . com / conseils / coupon-rabais échangeables à-CRS /
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://go.microsoft . com / fwlink /? LinkId = 69157
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://go.microsoft . com / fwlink /? LinkId = 54896
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://go.microsoft . com / fwlink /? LinkId = 54896
R0 - Software \ HKLM \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://go.microsoft . com / fwlink /? LinkId = 69157
R0 - Software \ HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ Microsoft \ Windows Settings \ CurrentVersion \ Internet, ProxyOverride = *. local
BHO O2 -: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
BHO O2 -: WormRadar. com IESiteBlocker.NavFilter - (3CA2F312-4B53-6F6E-A66E-4E65E497C8C0) - C: \ Program Files \ AVG AVG9 \ \ avgssie.dll
BHO O2 -: Spybot-S & D Protection IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy SDHelper \. dll
BHO O2 -: RoboForm - (724d43a9-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
BHO O2 -: Windows Live Sign-in Helper - (9030D464-4C02-4ABF Programme-8ECC-5164760863C6) - C: \ Files \ Fichiers communs \ Microsoft Shared \ Windows Live WindowsLiveLogin.dll \
O2 - BHO: HpWebHelper - (AAAE832A-5FFF-4661-9C8F-369692D1DCB9) - C: \ WINDOWS \ PCHealth HelpCtr \ \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US plugin \ WebHelper . dll
O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin.dll
O3 - Toolbar: & RoboForm - (724d43a0-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard Optimizer \ Boot HP HPBootOp.exe \" / run
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-OSBOOT
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run:] ISUSPM [démarrage C: \ progra ~ 1 \ ~ COMMUN 1 \ ~ INSTAL 1 \ UPDATE ~ 1 \ ISUSPM. exe-démarrage
O4 - HKLM \ .. \ Run: [Adobe] Lanceur de vitesse "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. \ Run: [] Adobe ARM "C: \ Program Files \ Fichiers communs \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKLM \ .. \ Run: [Lexmark X1100 Series] "C: \ Program Files \ Lexmark X1100 Series \ lxbkbmgr.exe"
O4 - HKLM \ .. \ Run:] iTunesHelper ["C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run:] AppleSyncNotifier [C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin AppleSyncNotifier.exe \
avgtray.exe O4 - HKLM \ .. \ Run: [AVG9_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG9 \
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live \ msnmsgr.exe \ Messenger" / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 -. Démarrage utilisateur par défaut: Pin.lnk = C: \ hp \ bin \ cloaker. EXE (User utilisateur par défaut)
O8 - Extra context menu item: Personnaliser le menu - file://C : \ Program Files Siber Systems \ AI RoboFormComCustomizeIEMenu.html \ RoboForm
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ Progra ~ 1 \ MICROS ~ 4 \ Office10 \ EXCEL.EXE/3000
O8 - Extra context menu item: Remplir des formulaires - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O8 - Extra context menu item: RoboForm Toolbar - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O8 - Extra context menu item: Enregistrer les formes - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra button: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O9 - Extra "Outils" menuitem: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms.html \ RoboForm
O9 - Extra button: Enregistrer - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra "Outils" menuitem: Formulaires Sauvegarder - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass \ RoboForm. html
O9 - Extra button: RoboForm - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra "Outils" menuitem: RoboForm Toolbar - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra button: Recherche - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office11 \ REFIEBAR. DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy & Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper. dll
O9 - Extra button: connexion Internet Aide - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ États-Unis IEButton \ support.htm
O9 - Extra "Outils" menuitem: Aide de connexion Internet - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US IEButton \ support. htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
xpsp3res.dll O9 - Extra "Outils" menuitem: @, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (03A99563-4F42-A069-4DCF-C728A71164A3) (classe VivatyCtrl) - http://apps.vivaty . com / downloads / player /% Vivaty 20Player% 20for% 20Viewing% 203D% 20Content.cab
O16 - DPF: (38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1) (SonyOnlineInstallerX) - http://www-cdn.freerealms . com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab? v = 1047
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (classe WUWebControl) - http://www.update.microsoft . com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1254994990384
O16 - DPF: (C02226EB-A5D7-4B1F-BD7E-635E46C2288D) (Toontown Installer ActiveX Control) - http://a.download.toontown . com/sv1.0.39.14/ttinst.cab
O16 - DPF: (E2883E8F-472f-9522-4FB0-AC9BF37916A7) - http://platformdl.adobe . com/NOS/getPlusPlus/1.6/gp. cabine
O18 - Protocol: LinkScanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG AVG9 \ \ avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C: \ WINDOWS \ system32 \ avgrsstx.dll
O23 - Service: Agere Modem appelons le progrès Audio (AgereModemAudio) - LSI Corporation - C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C: \ Program Files \ Google \ Update \ GoogleUpdate. exe
Macrovision Corporation Service O23 -: Gestionnaire d'InstallDriver (IDriverT) - - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES. EXE
Service O23 -: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
-
End of file - 10558 bytes
Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 5:44:19 PM, le 3/28/2010
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
processus en cours:
C: \ WINDOWS \ System32 SMS \. exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ AVG AVG9 \ \ avgchsvx.exe
C: \ Program Files \ AVG AVG9 \ \ avgrsx.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ AVG AVG9 \ \ avgcsrvx.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS. EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe
avgtray.exe C: \ PROGRA ~ 1 \ AVG \ AVG9 \
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Google Update \ GoogleUpdate.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ lxblcoms.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug MDM.exe \
C: \ WINDOWS \ system32 \ nvsvc32. exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Windows Live Contacts \ \ wlcomm.exe
c: \ windows \ system \ hpsysdrv.exe
C: \ Program Files \ Java \ jre1.5.0_05 \ bin \ jusched.exe
C: \ Program Files \ Fichiers communs \ InstallShield \ de Mise à jour \ issch.exe
C: \ Program Files \ Trend \ Micro HijackThis HijackThis \. exe
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://ie.redirect.hp . com / SVS / RDR? TYPE = 3 & TP = iehome & locale = fr_FR & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . com / SVS / RDR? Fr TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R0 - Software \ HKCU \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://www.mycoupons . com / conseils / coupon-rabais échangeables à-CRS /
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Page_URL = http://go.microsoft . com / fwlink /? LinkId = 69157
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer Main, Default_Search_URL = http://go.microsoft . com / fwlink /? LinkId = 54896
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer barre de recherche principale, = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKLM \ \ Microsoft \ Internet Explorer la page principale de recherche, = http://go.microsoft . com / fwlink /? LinkId = 54896
R0 - Software \ HKLM \ \ Microsoft \ Internet Explorer principale page de démarrage, = http://go.microsoft . com / fwlink /? LinkId = 69157
R0 - Software \ HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant = http://ie.redirect.hp . Fr fr / SVS / RDR? TYPE = 3 & TP iesearch = & locale = & c = Q106 & BD = bureau Presario & PF =
R1 - Software \ HKCU \ Microsoft \ Windows Settings \ CurrentVersion \ Internet, ProxyOverride = *. local
BHO O2 -: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
BHO O2 -: WormRadar. com IESiteBlocker.NavFilter - (3CA2F312-4B53-6F6E-A66E-4E65E497C8C0) - C: \ Program Files \ AVG AVG9 \ \ avgssie.dll
BHO O2 -: Spybot-S & D Protection IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy SDHelper \. dll
BHO O2 -: RoboForm - (724d43a9-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
BHO O2 -: Windows Live Sign-in Helper - (9030D464-4C02-4ABF Programme-8ECC-5164760863C6) - C: \ Files \ Fichiers communs \ Microsoft Shared \ Windows Live WindowsLiveLogin.dll \
O2 - BHO: HpWebHelper - (AAAE832A-5FFF-4661-9C8F-369692D1DCB9) - C: \ WINDOWS \ PCHealth HelpCtr \ \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US plugin \ WebHelper . dll
O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin.dll
O3 - Toolbar: & RoboForm - (724d43a0-0d85-11D4-9908-00400523e39a) - C: \ Program Files \ Siber Systems \ AI RoboForm \ roboform.dll
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard Optimizer \ Boot HP HPBootOp.exe \" / run
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-OSBOOT
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run:] ISUSPM [démarrage C: \ progra ~ 1 \ ~ COMMUN 1 \ ~ INSTAL 1 \ UPDATE ~ 1 \ ISUSPM. exe-démarrage
O4 - HKLM \ .. \ Run: [Adobe] Lanceur de vitesse "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. \ Run: [] Adobe ARM "C: \ Program Files \ Fichiers communs \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKLM \ .. \ Run: [Lexmark X1100 Series] "C: \ Program Files \ Lexmark X1100 Series \ lxbkbmgr.exe"
O4 - HKLM \ .. \ Run:] iTunesHelper ["C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run:] AppleSyncNotifier [C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin AppleSyncNotifier.exe \
avgtray.exe O4 - HKLM \ .. \ Run: [AVG9_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG9 \
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live \ msnmsgr.exe \ Messenger" / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 -. Démarrage utilisateur par défaut: Pin.lnk = C: \ hp \ bin \ cloaker. EXE (User utilisateur par défaut)
O8 - Extra context menu item: Personnaliser le menu - file://C : \ Program Files Siber Systems \ AI RoboFormComCustomizeIEMenu.html \ RoboForm
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ Progra ~ 1 \ MICROS ~ 4 \ Office10 \ EXCEL.EXE/3000
O8 - Extra context menu item: Remplir des formulaires - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O8 - Extra context menu item: RoboForm Toolbar - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O8 - Extra context menu item: Enregistrer les formes - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra button: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms \ RoboForm. html
O9 - Extra "Outils" menuitem: Remplir des formulaires - (320AF880-6646-11D3-ABEE-C5DBF3571F46) - file://C : \ Program Files Siber Systems \ AI RoboFormComFillForms.html \ RoboForm
O9 - Extra button: Enregistrer - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass.html \ RoboForm
O9 - Extra "Outils" menuitem: Formulaires Sauvegarder - (320AF880-6646-11D3-ABEE-C5DBF3571F49) - file://C : \ Program Files Siber Systems \ AI RoboFormComSavePass \ RoboForm. html
O9 - Extra button: RoboForm - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra "Outils" menuitem: RoboForm Toolbar - (724d43aa-0d85-11D4-9908-00400523e39a) - file://C : \ Program Files Siber Systems \ AI RoboFormComShowToolbar.html \ RoboForm
O9 - Extra button: Recherche - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office11 \ REFIEBAR. DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy & Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper. dll
O9 - Extra button: connexion Internet Aide - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ États-Unis IEButton \ support.htm
O9 - Extra "Outils" menuitem: Aide de connexion Internet - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr vendeurs \ \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = \ US IEButton \ support. htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
xpsp3res.dll O9 - Extra "Outils" menuitem: @, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (03A99563-4F42-A069-4DCF-C728A71164A3) (classe VivatyCtrl) - http://apps.vivaty . com / downloads / player /% Vivaty 20Player% 20for% 20Viewing% 203D% 20Content.cab
O16 - DPF: (38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1) (SonyOnlineInstallerX) - http://www-cdn.freerealms . com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab? v = 1047
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (classe WUWebControl) - http://www.update.microsoft . com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1254994990384
O16 - DPF: (C02226EB-A5D7-4B1F-BD7E-635E46C2288D) (Toontown Installer ActiveX Control) - http://a.download.toontown . com/sv1.0.39.14/ttinst.cab
O16 - DPF: (E2883E8F-472f-9522-4FB0-AC9BF37916A7) - http://platformdl.adobe . com/NOS/getPlusPlus/1.6/gp. cabine
O18 - Protocol: LinkScanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG AVG9 \ \ avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C: \ WINDOWS \ system32 \ avgrsstx.dll
O23 - Service: Agere Modem appelons le progrès Audio (AgereModemAudio) - LSI Corporation - C: \ Program Files \ LSI softmodem \ agrsmsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C: \ Program Files \ Google \ Update \ GoogleUpdate. exe
Macrovision Corporation Service O23 -: Gestionnaire d'InstallDriver (IDriverT) - - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES. EXE
Service O23 -: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: lxbl_device - - C: \ WINDOWS \ system32 \ lxblcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
-
End of file - 10558 bytes
Page 1 sur 1
Pour répondre à ce sujet, vous devez vous connecter ou vous enregistrer. Il est gratuit.
Afficher de l'information
- Total des messages de ce sujet: 5 messages
- Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 111 invités
- Vous ne pouvez pas poster de nouveaux sujets
- Vous ne pouvez pas répondre aux sujets
- Vous ne pouvez pas éditer vos messages
- Vous ne pouvez pas supprimer vos messages
- Vous ne pouvez pas joindre des fichiers
