Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28:23, on 06/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wisptis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 7709 bytes