Tom's Guide > Forum > Sécurité - Virus > Que dois-je fixchecked ? HijackThis

Que dois-je fixchecked ? HijackThis

Forum Sécurité - Virus : Que dois-je fixchecked ? HijackThis

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
franckB@IDN   11-12-2005 à 01:45:54

Bonsoir,
Je poste ici un log HiJackThis pour voir si mon PC est au point.
Pouvez-vous me dire quelles lignes dois-je FixChecked ?
Merci

--
Logfile of HijackThis v1.99.1
Scan saved at 01:35:47, on 11/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\OLITEC - Moniteur réseau 802.11g\WlanUtil.exe
C:\Program Files\WebGalaxis\GalaxiShip\GalaxiShip.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\BitTorrent\btdownloadgui.exe
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Boudraa Franck\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\BOUDRA~1\LOCALS~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\BOUDRA~1\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.msn.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.worldusa.com" ); (C:\Program Files\Netscape\Users\fb_striker\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: GalaxiShip PlugIns Loader - {5A699E3F-08EA-46E4-A9AC-E6F1570D07C2} - C:\Program Files\WebGalaxis\GalaxiShip\PlugIns.4000\GS_Loader.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O2 - BHO: (no name) - {D68866C4-4B2F-FBA9-68F4-FF35E46FA15D} - C:\DOCUME~1\BOUDRA~1\APPLIC~1\LESSSU~1\that surf.exe
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {d602297b-31c3-4dc2-925d-572424d41526} - (no file)
O3 - Toolbar: DeepIndex Toolbar - {5F1ABCDB-A875-46c1-8345-B72A45670056} - C:\PROGRA~1\DEEPIN~1\toolbar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Mercora] "C:\Program Files\Mercora\MercoraClient.exe" -startup
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [poll audio mess bait] C:\Documents and Settings\All Users\Application Data\bike plus poll audio\Wipeflag.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LITE 4] C:\DOCUME~1\BOUDRA~1\APPLIC~1\FLAPJU~1\FILE ATOM.exe
O4 - Startup: Eurobarre.lnk = C:\Program Files\eurobarre\eb.exe
O4 - Startup: GalaxiShip-VirginMega.fr.lnk = C:\Program Files\WebGalaxis\GalaxiShip\GalaxiShip.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancer l'utilitaire Olitec.lnk = ?
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\program files\google\google desktop search\googledesktopnetwork1.dll' missing
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?li [...] lcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.wanadoo.fr/VTToolkit.ocx
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 4087392875
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn. [...] tPkMSN.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activ [...] asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.extrafilm.fr/import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by10fd.bay10.hotmail.msn.co [...] Atchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{64B8631C-724A-4CFF-AA09-686E12BEC222}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B16FE42-C153-4E69-9FEB-58A2DCEB9732}: NameServer = 193.252.19.3,193.252.19.4
O18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL (file missing)
O18 - Protocol: bw+0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D661D654-8175-4774-85E9-5E85B72B9246} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - C:\PROGRA~1\BT2Net\BT2PLU~1.DLL
O18 - Filter: text/html - {C6912109-C89B-4549-9EA8-7D9DBAB88482} - (no file)
O18 - Filter: text/plain - {C6912109-C89B-4549-9EA8-7D9DBAB88482} - (no file)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
OmaR   12-12-2005 à 09:59:14
- 0 +

Salut,

1/ Redémarrer en mode sans échec

Redémarre l'ordinateur. Après les écritures du BIOS, appuyes sur F8 (ou F5 si F8 marche pas) pour arriver à un menu avec des écritures blanches sur un fond noir.

Dans ce menu, tu dois pouvoir choisir le mode sans échec (celà se passe avec les flèches et Entrée pour valider).

Le démarrage en mode sans échec est souvent relativement long. Si tu as des écritures blanches bizarres, ne t'inquiètes pas.
Prend juste ton mal en patience. ;-)


2/ Fixer des lignes

Relances HijackThis. Choisi Do a system scan only cette fois-ci.
Puis coche les lignes suivantes, et appuie sur Fix Checked.


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {D68866C4-4B2F-FBA9-68F4-FF35E46FA15D} - C:\DOCUME~1\BOUDRA~1\APPLIC~1\LESSSU~1\that surf.exe
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {d602297b-31c3-4dc2-925d-572424d41526} - (no file)
O3 - Toolbar: DeepIndex Toolbar - {5F1ABCDB-A875-46c1-8345-B72A45670056} - C:\PROGRA~1\DEEPIN~1\toolbar.dll (file missing)

O4 - HKLM\..\Run: [poll audio mess bait] C:\Documents and Settings\All Users\Application Data\bike plus poll audio\Wipeflag.exe

O4 - HKCU\..\Run: [LITE 4] C:\DOCUME~1\BOUDRA~1\APPLIC~1\FLAPJU~1\FILE ATOM.exe

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe

O18 - Filter: text/html - {C6912109-C89B-4549-9EA8-7D9DBAB88482} - (no file)
O18 - Filter: text/plain - {C6912109-C89B-4549-9EA8-7D9DBAB88482} - (no file)



3/ Afficher tous les fichiers

Dans l'explorateur de Windows (par ex) :
Outils -> Options des dossier -> onglet Affichage

Coche : Afficher les fichiers cachés
Décoche : Masquer les extensions des types connus
Décoche : Masquer les fichiers protégés du système d'exploitation


6/ Supprimer des fichiers

Supprime les dossiers en gras suivants :

C:\DOCUME~1\BOUDRA~1\APPLIC~1\LESSSU~1\
C:\PROGRA~1\DEEPIN~1\
C:\Documents and Settings\All Users\Application Data\bike plus poll audio\
C:\DOCUME~1\BOUDRA~1\APPLIC~1\FLAPJU~1\


Lorsqu'il y a marqué ~1, ça veut dire que tu n'as que le début du dossier d'écrit.
Exemple :
DOCUME~1 = Documents and Settings
APPLIC~1 = Application Data
etc...


7/ Redémarrer normalement

Redémarre normalement l'ordinateur.


8/ Remettre la configuration de l'affichage des fichiers comme avant

Dans l'explorateur de Windows (par ex) :
Outils -> Options des dossier -> onglet Affichage
Remet tout comme avant (si tu affichais déjà tous les fichiers, ne change rien).

Décoche : Afficher les fichiers cachés
Coche : Masquer les extensions des types connus
Coche : Masquer les fichiers protégés du système d'exploitation


9/ Nettoyer les traces avec CCleaner et Kaspersky

Fais des analyses avec CCleaner et Kaspersky.

Si tu ne sais pas utiliser Kaspersky :

Citation :

Alors, pour le scan online de Kaspersky, fais ceci :
- va ici (obligé d'utiliser IE)
- choisi Kaspersky Online Scanner
- dans la popup qui s'ouvre, choisi Accept
- là, il met à jour les définitions de virus
- il peut te demander d'accepter un ActiveX, accepte le, une fois que la mise à jour est finie
- clique sur Next
- puis clique sur My computer
- attend que le scan se réalise
- post ton log final




10/ Reposter un log

Relances HijackThis. Choisi Do a system scan and save a logfile.
Et repostes nous ton nouveau log en nous précisant les étapes que tu n'as pas réussi.

Répondre à OmaR
franckB@IDN   12-12-2005 à 23:21:03
- 0 +

Salut,
Merci de ton aide !
Je n'ai pas encore fait ceci, je vais le faire demain.
Je voulais aussi m'assurer pourquoi tu me dit de FixChecked ceci :
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
Car j'utilise le Client Manager de OD2 (Wanadoo Juke Box) et je ne crois pas que c'est dangereux.
Merci

Répondre à franckB@IDN
OmaR   13-12-2005 à 14:48:47
- 0 +

Salut,

Les lignes O16 représentes les ActiveX téléchargés sur Internet avec Internet Explorer.

Etant donné que je ne connais pas ce site, je préfère te dire de le supprimer plutot que de te laisser un ActiveX potentiellement dangereux.
Mais si tu connais tu peux le garder. De toute facon, si tu le supprimes, lorsque tu retourneras sur le site, il te proposera de le retélécharger.

Répondre à OmaR
Gunday   11-11-2008 à 02:02:52
- 0 +

Salut , j'ai des problèmes de redirections avec les pages de google
je ne connais pas très bien hijackthis
j'aimerais savoir ce que je dois " fix checked "

merci.




Logfile of HijackThis v1.99.1
Scan saved at 01:55:45, on 11/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vivendi-universal-inter [...] 05947.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{102F5915-8863-4D6D-8F83-5541AB5C4D2F}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{102F5915-8863-4D6D-8F83-5541AB5C4D2F}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{102F5915-8863-4D6D-8F83-5541AB5C4D2F}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Répondre à Gunday
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Que dois-je fixchecked ? HijackThis
Aller à :

Il y a 2726 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,202 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens