Tech Support banner
Status
Not open for further replies.
1 - 1 of 1 Posts

·
Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
Hello everybody,

I know the title of my post sounds "very general" but here are my problems :
- I cannot access the properties of "my computer" (stuck rundll32.exe)
- I cannot access the "connection" tab in IE (I'm about to try to reinstall it... because it looks like other programs cannot do internet updates because of this)
and other problems with processes hanging randomly... :|
I don't know if this is window or malware related but I hope someone can give me new ideas to fix this ! :)

Here is the Hijackthis log :
-------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:09:58, on 19/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dev\OpenLDAP\slapd.exe
C:\oracle\ora92\bin\omtsreco.exe
C:\PROGRA~1\KONICA~1\PAGESC~2\PSMain.exe
C:\Program Files\KONICA MINOLTA\PageScope Job Spooler\jre\bin\javaw.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\Program Files\Dev\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\taskswitch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\e-Carte Bleue\Banque Populaire\ECB-BP.exe
C:\Program Files\Tools\SuperCopier\SuperCopier.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Tools\ATnotes\ATnotes.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\System\WALLPA~1\WALLPA~1.EXE
C:\Program Files\System\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Web\pageant.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Tools\UberIcon\UberIcon Manager.exe
C:\Program Files\Web\Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\luszack\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.inrp.fr/autoconf.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Tools\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: URL Monitor1 - {7DAFD8A1-A6F8-11D3-9B51-0000E85300BA} - C:\PROGRA~1\Web\GetIt\IEHlpObj.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\Web\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Web\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\Program Files\Dev\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\Web\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Tools\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [eCarteBleue-BP] "C:\Program Files\e-Carte Bleue\Banque Populaire\ECB-BP.exe" /dontopenmycards
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\Tools\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\Tools\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WallPaper] C:\PROGRA~1\System\WALLPA~1\WALLPA~1.EXE /h
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\System\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Pageant] "C:\Program Files\Web\pageant.exe" "C:\Program Files\Web\maclepublique.ppk"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\System\ERUNT\AUTOBACK.EXE
O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Web\Firefox\firefox.exe
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampserver.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: UberIcon.LNK = C:\Program Files\Tools\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Web\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\PROGRA~1\Web\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\Web\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\Web\HiDownload\HDGet.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Web\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\Web\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\Web\FlashGet\jc_all.htm
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Dev\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Dev\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\Web\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\Web\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Flash Movie Extractor Scout LITE - {711E7684-E08F-4AB7-AAD1-9F0B63316613} - C:\Program Files\Web\Flash Movie Extractor Scout LITE\flashextract.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\Web\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\Web\FlashGet\flashget.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\Web\HiDownload\hidownload.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\gapsp.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3484B03D-11AC-4884-A960-FAD6E62C4B49}: Domain = inrp.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{3484B03D-11AC-4884-A960-FAD6E62C4B49}: NameServer = 195.83.134.201,194.57.182.65
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\System\ewido anti-malware\ewidoctrl.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenLDAP Directory Service (OpenLDAP-slapd) - Unknown owner - C:\Program Files\Dev\OpenLDAP\slapd.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: PageScope Job Spooler (PSJS) - ZeroG Software - C:\PROGRA~1\KONICA~1\PAGESC~2\PSMain.exe
O23 - Service: Intranet Server Client (SicltNT) - Apsynet - C:\WINDOWS\System32\Siclt32.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
 
1 - 1 of 1 Posts
Status
Not open for further replies.
Top