Analyse log d'HijackThis
lnc
Messages postés
20
Statut
Membre
-
lnc Messages postés 20 Statut Membre -
lnc Messages postés 20 Statut Membre -
bonjour tous
qu'un peut il m'aider a resoudre quelques problemes de suppression de winsock hijacker 010Je suis allée sur le site http://hijackthis.de/fr qui me dit qu'il faut les supprimer avec spybot S&D mais ils sont toujours là que puis je faire
merci de votre aide
Voici le log d'HijackThis.
Logfile of HijackThis v1.98.2
Scan saved at 12:12:31, on 06/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ANTI VIRUS\antivir1\decompression\AVGUARD.EXE
D:\ANTI VIRUS\antivir1\decompression\AVWUPSRV.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\MSN MESSENGER\MsgPlus.exe
D:\ANTI VIRUS\antivir1\decompression\AVGNT.EXE
D:\ANTI VIRUS\antivir1\decompression\AVSched32.EXE
C:\WINDOWS\System32\rundll32.exe
F:\framxpro\Nouveau dossier\framxpro\FreeRAM XP Pro 1.40.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\wuauclt.exe
D:\Hijackthis\Nouveau dossier\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bxbiypfrcegizcdzxjuavew.com/1ln1QskYt_H3lOmYxQO_/KBl/7YkLUD_iNNExvwKMSqz_Dsp05x7uEdnutovguJq.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe"
O4 - HKLM\..\Run: [AVGCtrl] D:\ANTI VIRUS\antivir1\decompression\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] D:\ANTI VIRUS\antivir1\decompression\AVSched32.EXE /min
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [FreeRAM XP] "F:\framxpro\Nouveau dossier\framxpro\FreeRAM XP Pro 1.40.exe" -win
O4 - HKCU\..\Run: [Deadphone] C:\DOCUME~1\ln\APPLIC~1\GRIM01~1\Bike close.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101165374578
O18 - Filter: text/html - {22A11FEC-95B6-44F4-BABC-B83F5C175FBB} - C:\Documents and Settings\ln\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
encore merci
qu'un peut il m'aider a resoudre quelques problemes de suppression de winsock hijacker 010Je suis allée sur le site http://hijackthis.de/fr qui me dit qu'il faut les supprimer avec spybot S&D mais ils sont toujours là que puis je faire
merci de votre aide
Voici le log d'HijackThis.
Logfile of HijackThis v1.98.2
Scan saved at 12:12:31, on 06/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ANTI VIRUS\antivir1\decompression\AVGUARD.EXE
D:\ANTI VIRUS\antivir1\decompression\AVWUPSRV.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\MSN MESSENGER\MsgPlus.exe
D:\ANTI VIRUS\antivir1\decompression\AVGNT.EXE
D:\ANTI VIRUS\antivir1\decompression\AVSched32.EXE
C:\WINDOWS\System32\rundll32.exe
F:\framxpro\Nouveau dossier\framxpro\FreeRAM XP Pro 1.40.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\wuauclt.exe
D:\Hijackthis\Nouveau dossier\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bxbiypfrcegizcdzxjuavew.com/1ln1QskYt_H3lOmYxQO_/KBl/7YkLUD_iNNExvwKMSqz_Dsp05x7uEdnutovguJq.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe"
O4 - HKLM\..\Run: [AVGCtrl] D:\ANTI VIRUS\antivir1\decompression\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] D:\ANTI VIRUS\antivir1\decompression\AVSched32.EXE /min
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [FreeRAM XP] "F:\framxpro\Nouveau dossier\framxpro\FreeRAM XP Pro 1.40.exe" -win
O4 - HKCU\..\Run: [Deadphone] C:\DOCUME~1\ln\APPLIC~1\GRIM01~1\Bike close.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101165374578
O18 - Filter: text/html - {22A11FEC-95B6-44F4-BABC-B83F5C175FBB} - C:\Documents and Settings\ln\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
encore merci
A voir également:
- Analyse log d'HijackThis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Analyse composant pc - Guide
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Analyse performance pc - Guide
- Nouveau tag analysé - Forum Huawei
4 réponses
Salut
cocher et fixer
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bxbiypfrcegizcdzxjuavew.com/1ln1QskYt_H3lOmYxQO_/KBl/7YkLUD_iNNExvwKMSqz_Dsp05x7uEdnutovguJq.html
O4 - HKCU\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Deadphone] C:\DOCUME~1\ln\APPLIC~1\GRIM01~1\Bike close.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
cocher et fixer
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bxbiypfrcegizcdzxjuavew.com/1ln1QskYt_H3lOmYxQO_/KBl/7YkLUD_iNNExvwKMSqz_Dsp05x7uEdnutovguJq.html
O4 - HKCU\..\Run: [MessengerPlus3] "D:\MSN MESSENGER\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Deadphone] C:\DOCUME~1\ln\APPLIC~1\GRIM01~1\Bike close.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
