Log HJT

  • gameyharp
  • Born
  • Joined: Oct 17, 2008
  • Posts: 2
  • Status: Offline

Post October 17th, 2008, 4:09 pm

Logfile de HijackThis v1.99.1
Scan sauvé à 7:05:02 PM, le 10.17.2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswupdsv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\SpyBot - Search & Destroy\TeaTimer.exe
C:\Fraps\FRAPS.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashmaisv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\GameyHarp\Desktop\Ventrilo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 1\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] alcmtr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [Fraps] C:\Fraps\Fraps.EXE
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswupdsv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashmaisv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

Generated startup list

StartupList rapport, 10.17.2008, 7:47:09 PM
StartupList version: 1.52.2
Commencé à partir de: C:\Program Files\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Utiliser les options par défaut
* Liste des sections importantes rarement
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswupdsv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\GameyHarp\Desktop\Ventrilo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 1\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HijackThis\HijackThis.exe

--------------------------------------------------

Vérification de Windows NT Userinit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Userinit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entrées de registre:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

NvCplDaemon = Rundll32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
RTHDCPL = RTHDCPL.EXE
Alcmtr = alcmtr.exe
avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
PWRISOVM.EXE = C:\Program Files\PowerISO\PWRISOVM.EXE
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
WinampAgent = "C:\Program Files\Winamp\winampa.exe"

--------------------------------------------------

Autorun entrées de registre:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
DAEMON Tools Lite = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
igndlm.exe = C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
Fraps = C:\Fraps\FRAPS.EXE

--------------------------------------------------

Énumération Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = Désactivé par HKCU twin)

[>(22d6f312-b0f6-11d0-94ab-0080c74c7e95)]
Stubpath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>(26923b43-4d38-484f-9b9e-de460746276c)] *
Stubpath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>(881dd1c5-3dcf-431b-b061-f3f88e8be88a)] *
Stubpath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[(2C7339CF-2B09-4501-B3F3-F3508C9228ED)] *
Stubpath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[(44BBA840-CC51-11CF-AAFA-00AA00B6015C)] *
Stubpath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[(7790769C-0471-11d2-AF11-00C04FA35D02)] *
Stubpath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[(89820200-ecbd-11cf-8B85-00AA005B4340)] *
Stubpath = regsvr32.exe /s /n /i:U shell32.dll

[(89820200-ecbd-11cf-8B85-00AA005B4383)] *
Stubpath = %SystemRoot%\system32\ie4uinit.exe

[(89B4C1CD-B018-4511-B0A1-5476DBF70820)] *
Stubpath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Installation

--------------------------------------------------

Shell & clé d'écran de veille à partir de C:\WINDOWS\SYSTEM.INI:

Shell = *INI section not found*
SCRNSAVE.EXE = *INI section not found*
drivers = *INI section not found*

Shell & screensaver clé de registre:

Shell = Explorer.exe
SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr
drivers = *Registry pas trouvé de valeur*

Policies Shell key:

HKCU\..\Policies: Shell = *pas trouvé la clé de Registre*
HKLM\..\Policies: Shell = *Registry pas trouvé de valeur*

--------------------------------------------------

Vérification de EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: pas
C:\WINDOWS\Explorer\Explorer.exe: pas
C:\WINDOWS\System\Explorer.exe: pas
C:\WINDOWS\System32\Explorer.exe: pas
C:\WINDOWS\Command\Explorer.exe: pas
C:\WINDOWS\Fonts\Explorer.exe: pas

--------------------------------------------------

Vérification de la superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: pas caché
.com: pas caché
.bat: pas caché
.hta: pas caché
.scr: pas caché
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: pas caché
.vbe: pas caché
.wsh: pas caché
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: pas caché
.jse: pas caché

--------------------------------------------------

Énumération Browser Helper Objects:

(pas de nom) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)

--------------------------------------------------

Énumération des services Windows NT/2000/XP

aswFsBlk: system32\drivers\aswFsBlk.sys (autostart)
avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswupdsv.exe" (autostart)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart)
Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
PnkBstrA: C:\WINDOWS\system32\PnkBstrA.exe (autostart)
Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
À distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)
Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\drivers\secdrv.sys (autostart)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pare-feu Windows/Partage de connexion Internet (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart)
Service de restauration du système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


--------------------------------------------------

Énumération ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\shell32.dll
CDBurn: C:\WINDOWS\system32\shell32.dll
WebCheck: C:\WINDOWS\system32\Webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
Fin du rapport, 10098 octets
Rapport généré en 0.047 secondes

Now I'm 100% sure I'm being logged, because of a certain game I play: I know that its pass info was changed last night. If anyone can help me, it would be greatly appreciated.
  • Don2007
  • Web Master
  • Joined: Nov 21, 2006
  • Posts: 4924
  • Loc: NY
  • Status: Offline

Post October 17th, 2008, 7:33 pm

[>(26923b43-4d38-484f-9b9e-de460746276c)] *
Stubpath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>(881dd1c5-3dcf-431b-b061-f3f88e8be88a)] *
Stubpath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

That's the only Trojan I see.
How do you know when a politician is lying? His mouth is moving.

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC