HijackThis analysis


Marsh Posted on 26-11-2005 at 15:49:13    

Hi,  
I'm attaching a HijackThis analysis.  
 
I've already had it evaluated online on hijackthis, and I'm told that among the "023" entries, the file "idriverT.exe" may be bad.  
 
The problem is that it clings on, the rascal.  
What do you think?  
Thanks for your replies  
 
Logfile of HijackThis v1.99.1  
Scan saved at 14:16:14, on 26/11/2005  
Platform: Windows XP SP2 (WinNT 5.01.2600)  
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)  
 
Running processes:  
C:\WINDOWS\System32\smss.exe  
C:\WINDOWS\system32\winlogon.exe  
C:\WINDOWS\system32\services.exe  
C:\WINDOWS\system32\lsass.exe  
C:\WINDOWS\system32\Ati2evxx.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\System32\svchost.exe  
C:\Program Files\Sygate\SPF\smc.exe  
C:\WINDOWS\system32\spoolsv.exe  
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe  
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe  
C:\WINDOWS\system32\Ati2evxx.exe  
C:\WINDOWS\Explorer.EXE  
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe  
C:\WINDOWS\system32\keyhook.exe  
C:\windows\system\hpsysdrv.exe  
C:\WINDOWS\system32\hphmon06.exe  
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe  
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe  
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe  
C:\WINDOWS\AGRSMMSG.exe  
C:\HP\KBD\KBD.EXE  
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe  
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe  
C:\Program Files\Internet Explorer\iexplore.exe  
C:\Documents and Settings\HP_Propriétaire\Mes documents\HijackThis.exe  
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop  
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop  
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens  
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll  
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll  
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll  
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe  
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe  
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe  
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe  
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe  
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"  
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe  
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP  
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe  
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE  
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe  
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui  
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"  
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll  
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll  
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab  
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204  
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 0438571646  
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 1286859281  
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/ [...] DASAct.cab  
O17 - HKLM\System\CCS\Services\Tcpip\..\{1AA9BD27-F16C-45B5-B774-14372A770199}: NameServer = 192.168.1.1  
O17 - HKLM\System\CCS\Services\Tcpip\..\{6103F1BF-5C7B-4CDD-9597-D7DB880AB7C8}: NameServer = 192.168.1.1  
O17 - HKLM\System\CCS\Services\Tcpip\..\{956895CB-B6D6-4C05-ADB1-8245119FBBA6}: NameServer = 80.118.192.100 80.118.196.36  
O17 - HKLM\System\CS1\Services\Tcpip\..\{1AA9BD27-F16C-45B5-B774-14372A770199}: NameServer = 192.168.1.1  
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)  
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll  
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe  
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe  
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe  
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe  
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)  
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe  
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe  
 
 

Reply
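
A way to triage the O23 (NT service) section of a log like the one in the post above, as an added example that is not part of the original thread. The function names and the two flagging rules ("Unknown owner", "(file missing)") are assumptions chosen for illustration; the sample lines are copied from the posted log.

```python
import re

# Constructed sample: five lines copied from the log in the post (one O20, four O23).
SAMPLE_LOG = r"""
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# Layout: "O23 - Service: <display name> - <owner> - <image path>[ (file missing)]"
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - "
    r"(?P<path>\"?[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?\s*$"
)

def parse_o23(log_text):
    """Return one dict per O23 line; every other section of the log is ignored."""
    services = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if m:
            services.append({
                "name": m["name"],
                "owner": m["owner"],
                "path": m["path"].strip('"'),
                "file_missing": m["missing"] is not None,
            })
    return services

def triage(services):
    """Map service display name -> list of reasons it needs a manual check."""
    findings = {}
    for svc in services:
        reasons = []
        if svc["owner"] == "Unknown owner":
            reasons.append("HijackThis could not identify the publisher")
        if svc["file_missing"]:
            reasons.append("HijackThis did not find the service image on disk")
        if reasons:
            findings[svc["name"]] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in triage(parse_o23(SAMPLE_LOG)).items():
        print(f"{name}: {'; '.join(reasons)}")
```

A flagged entry is a prompt to verify the service (path, publisher, whether the product is still installed), not a verdict on the file.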


Marsh Posted on 26-11-2005 at 16:44:57    

Reply

Marsh Posted on 26-11-2005 at 16:56:15    

ok, seen
thanks

Reply
