je pense avoir mon pc infecté, voici le rapport . pouvez vous m'aider dans son analyse.
merci par avanceLogfile of HijackThis v1.99.1
Scan saved at 20:14:44, on 15/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
D:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
D:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
D:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
D:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
D:\WINDOWS\System32\FTRTSVC.exe
D:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
D:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
D:\Program Files\AntivirusFirewall\Common\FCH32.EXE
D:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
D:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
D:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
D:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
D:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AntivirusFirewall\Common\FSM32.EXE
D:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
D:\PROGRA~1\Wanadoo\TaskBarIcon.exe
D:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
D:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
D:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
D:\PROGRA~1\Wanadoo\ComComp.exe
D:\PROGRA~1\Wanadoo\Toaster.exe
D:\PROGRA~1\Wanadoo\Inactivity.exe
D:\PROGRA~1\Wanadoo\PollingModule.exe
D:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
D:\PROGRA~1\Wanadoo\Watch.exe
D:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
D:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "D:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "D:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] D:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - Global Startup: Antivirus Firewall.lnk = D:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - D:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - D:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - D:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - D:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - D:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - D:\WINDOWS\System32\FTRTSVC.exe
Afficher la suite
