[Résolu] Rapport d'hijack bizare

Accélérer son PC et résoudre les problèmes de lenteur PC et Windows

Modérateur : Mods Windows

Darkwell23

[Résolu] Rapport d'hijack bizare

par Darkwell23 »

Bonjour a tous

Voila, ma mère s'étant plein que son pc ramé, j'ai pris l'initiative de le nettoyer avec une batterie de programme qui sont dans les tuto fait par Skytech, j'ai commencé par hijacthis seulement quand j'ai fais un rapport hijackthis heu ben il est apparu des choses que je n'avais jamais vu, c'est la première fois que je vois autant de ligne du même genre apparaitre dans un rapport d'hijack


je vous poste le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:19, on 27/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS6\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS7\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS8\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS9\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS10\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS11\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS12\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS13\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS14\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS15\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS16\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS17\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS18\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS19\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS20\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS21\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS22\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS23\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS24\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS25\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS26\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS27\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS28\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS29\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS30\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS31\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS32\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS33\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS34\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS35\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS36\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS37\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS38\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS39\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS40\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS41\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS42\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10285 bytes

En espérant que vous pourriez m'aider PDT_012

Cordialement
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Salut,

C'est toi qui mets toutes ces DNS ?
O17 - HKLM\System\CCS\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS6\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS7\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS8\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS9\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS10\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS11\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS12\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS13\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS14\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS15\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS16\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS17\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS18\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS19\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS20\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS21\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS22\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS23\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS24\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS25\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS26\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS27\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS28\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS29\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS30\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS31\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS32\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS33\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS34\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS35\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS36\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS37\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS38\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS39\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS40\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS41\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS42\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
Car à chaque fois que tu poste le nombre s'agrandit. PDT_030
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

Et non c'est ça le probléme, ça ma trop surpris quand j'ai vu tout ça

C'est pas des ports ouvert ça, parce que j'ai vu marqué TCP ? sur internet ou sur ma box ?

Moi je n'ai rien fait, et ma mére non plus d'ailleur c'est pas mon pc celui la, je suis chez neuf donc le serveur et bon mais en théorie je suis cencé n'avoir qu'une ligne comme ça et pas 40 mille, je voulais ton avis parce que je ne sais pas si c'est un beug ou si c'est une infection qui les ouvres PDT_033
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

SkyTech a écrit :Salut,

C'est toi qui mets toutes ces DNS ?

Car à chaque fois que tu poste le nombre s'agrandit. PDT_030

Sérieu ? bon ben je suis bon pour combofix
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Re,

Fais ça :
  • Menu Démarrer, dans la barre blanche "Rechercher"
  • Tape cmd, clic droit sur cmd.exe, Exécuter en tant qu'administrateur
  • Dans l'invite qui s'ouvre, copie et colle :

    Code : Tout sélectionner

    ipconfig /flushdns
  • Entrée
  • Laisse faire
Redémarre et poste un nouveau rapport HijackThis.
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

Impossible de vider le cache DNS voila ce qu'il ma répondu
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Re,

Vérifie que le service Client DNS est bien démarré.

Menu démarrer, exécuter, tape services.msc...
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

Non il étais désactivé, je l'ai mis en manuel, et je l'ai démarrer, je vais refaire la manip que tu m'avais dit PDT_019
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

y a pas une grande différence PDT_033

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:22:05, on 27/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS6\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS7\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS8\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS9\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS10\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS11\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS12\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS13\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS14\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS15\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS16\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS17\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS18\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS19\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS20\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS21\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS22\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS23\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS24\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS25\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS26\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS27\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS28\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS29\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS30\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS31\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS32\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS33\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS34\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS35\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS36\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS37\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS38\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS39\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS40\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS41\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS42\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10143 bytes
pourtant la cash dns a était vider
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Re,


Remet Client DNS en désactivé.

Fais un Reset de ta box.

Puis :

Relance HijackThis (clic droit dessus, Exécuter en tant qu'administrateur), coche ces lignes et clic sur Fix checked.

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS6\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS7\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS8\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS9\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS10\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS11\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS12\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS13\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS14\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS15\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS16\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS17\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS18\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS19\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS20\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS21\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS22\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS23\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS24\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS25\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS26\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS27\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS28\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS29\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS30\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS31\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS32\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS33\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS34\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS35\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS36\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS37\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS38\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS39\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS40\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS41\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS42\Services\Tcpip\..\{37EA39CF-84FF-413E-93CC-74CD6F1FEA0C}: NameServer = 192.168.1.1
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)


---

Désinstalle Windows Live Toolbar en passant par Installation Windows Live.

Redémarre et poste un nouveau rapport HijackThis.
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

Comment on fait un reset ?

je vois pas ce que tu veux dire par reset PDT_033
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Re,

En gros tu réinitialise la box.

Tu dois avoir un bouton dessus.
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

C'est bon j'ai fais reset, et j'ai fixé les ligne

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:37:33, on 27/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5095 bytes

Voila le nouveau rapport
Par contr j'ai un petit souci, je n'ai plus internet sur le pc de ma mére, alors qu'il m'indique que je suis connecté a ma neuf
SkyTech

Re: Rapport d'hijack bizare

par SkyTech »

Re,

Tu as bien fais un Reset de la box ?

Tu as bien redémarré après avoir fixé les lignes ?

Dans l'Invite de commande tape :

Code : Tout sélectionner

netsh winsock reset catalog
Puis Entrée.

Redémarre.
Darkwell23

Re: Rapport d'hijack bizare

par Darkwell23 »

J'ai réglé le probléme, c'étais juste l'adresse IP du pc de ma mére qui étais en conflit avec l'adresse IP de mon pc PDT_019
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Accélérer Windows et problème de lenteur PC »