Hello,
I'm new to the site, so I'm not really sure whether I'm posting my message in the right place... I'd like an opinion on this analysis and to know what to delete or not, because my PC has been getting rather slow lately...
Logfile of HijackThis v1.99.1
Scan saved at 22:02:18, on 2007-01-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Atievxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\DANNY_VENUS\Local Settings\Temporary Internet Files\Content.IE5\IB9WN9SG\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
Here is what the online analysis sent me:
Actions Inscription Genre Visitor's assessment Information
Logfile of HijackThis v1.99.1
Votre version semble être actuelle.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Votre version semble être actuelle.
C:\WINDOWS\System32\smss.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\winlogon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\services.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\lsass.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\wltrysvc.exe
Very safe
Broadcom Corporation Wireless Network Tray Applet
C:\WINDOWS\System32\bcmwltry.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\spoolsv.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Very safe
C:\WINDOWS\system32\Atievxx.exe
Nasty
Grafikkartensoftware
C:\Program Files\Alwil Software\Avast4\ashServ.exe
Very safe
This entry was classified from our visitors as good.
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Safe
This entry was classified from our visitors as good.
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
Very safe
This entry was classified from our visitors as good.
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
Eventuellement méchant! Selon notre base de données, ce processus s'exécute normalement dans c:\programme\gemeinsame dateien\microsoft shared\vs7debug! Vérifiez si vous connaissez ce processus et arrangez un contrôle antivirus si nécessaire. Machine Debug Manager. Used by developers.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\Explorer.EXE
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Very safe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Safe
This entry was classified from our visitors as good.
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\wltray.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\iTunes\iTunesHelper.exe
Safe Non dangereux, mais tout de même superflu.
Apple iTunes
C:\Program Files\QuickTime\qttask.exe
Neutral
Part of QuickTime
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\iPod\bin\iPodService.exe
Very safe
C:\Program Files\MSN Messenger\msnmsgr.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\ctfmon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\wuauclt.exe
Neutral
Windows Update AutoUpdate Client
C:\Program Files\Internet Explorer\IEXPLORE.EXE
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
Associated with GoogleToolbarNotifier from Google Inc.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
Neutral
Avast-Scanner
C:\Documents and Settings\DANNY_VENUS\Local Settings\Temporary Internet Files\Content.IE5\IB9WN9SG\HijackThis[1].exe
HijackThis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
Ce site a été identifié comme étant non dangereux
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Cette inscription a été identifiée comme étant non dangereuse.
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
dsWebAllow.dll - Windows Desktop Search,
http://www.microsoft.com/windows/desktop search/enterprise/default.mspx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Safe This entry was classified from our visitors as good.
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
Java von SUN jre1.5.0 update 6
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
WindowsLiveLogin.dll - Microsoft Windows_Live,
http://ideas.live.com/
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
googletoolbar.dll, googletoolbar*.dll (* = number), googletoolbar_en_*.**-big.dll, Googletoolbar_en_*.*.**-deleon.dll. - Google toolbar,
http://toolbar.google.com/
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
googletoolbar.dll, googletoolbar*.dll (* = digit), googlenav.dll, googlenav*.dll, googletoolbar_en_*.**-big.dll, googletoolbar_en_*.*.**-deleon.dll - Google Toolbar
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
AVG Anti-Virus 7.0 Control Center. Allows you to manage and control all AVG Anti-Virus components, settings and updates
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
Il semble que le nom de ce programme est le même que le nom du fichier. Dans la plupart des cas, ceci est le résultat d'un troyen. Pour être certain, vous devriez contrôler ce fichier.
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
Non dangereux, mais tout de même superflu.
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Non dangereux, mais tout de même superflu. QuickTime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Part of Avast! anti-virus software
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
Microsoft's MSN Messenger 6
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
Office related
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
Cette inscription E&xporter vers Microsoft Excel a été identifiée comme étant non dangereuse.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
Cette inscription a été identifiée comme étant non dangereuse.
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... /housecall /xscan53.cab
Cette inscription a été identifiée comme étant non dangereuse.
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Cette inscription a été identifiée comme étant non dangereuse.
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
Cette inscription a été identifiée comme étant non dangereuse.
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Ce service (aswUpdSv.exe) a été identifié comme étant légitime.
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
Ce service (ashServ.exe) a été identifié comme étant légitime.
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
Ce service (ashMaiSv.exe) a été identifié comme étant légitime.
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
Ce service (ashWebSv.exe) a été identifié comme étant légitime.
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
Ce service (avgamsvr.exe) a été identifié comme étant légitime.
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
Ce service (avgupsvc.exe) a été identifié comme étant légitime.
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
Ce service (avgemc.exe) a été identifié comme étant légitime.
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
Ce service (iPodService.exe) a été identifié comme étant légitime.
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Ce service (HPZipm12.exe) a été identifié comme étant légitime.
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
Ce service (wltrysvc.exe) a été identifié comme étant légitime.
Thanks for helping me.