bonjour voici mon rapport de hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 15:01:48, on 14/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
D:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
D:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
D:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
D:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
D:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
D:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
D:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
D:\WINDOWS\system32\cmd.exe
D:\WINDOWS\System32\imode.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\imode.exe
D:\WINDOWS\System32\usbhdctl.exe
D:\WINDOWS\System32\usbhdctl.exe
D:\WINDOWS\System32\mssearchnet.exe
D:\WINDOWS\System32\nvctrl.exe
C:\PROGRA~1\wanadoo\CnxMon.exe
D:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
D:\Program Files\Wanadoo\taskbaricon.exe
D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
D:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
D:\Program Files\Java\jre1.5.0\bin\jusched.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
D:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\WANADOO\SEARCH~1.DLL
O1 - Hosts: 69.31.81.22 www.google.ae
O1 - Hosts: 69.31.81.22 www.google.am
O1 - Hosts: 69.31.81.22 www.google.as
O1 - Hosts: 69.31.81.22 www.google.at
O1 - Hosts: 69.31.81.22 www.google.az
O1 - Hosts: 69.31.81.22 www.google.be
O1 - Hosts: 69.31.81.22 www.google.bi
O1 - Hosts: 69.31.81.22 www.google.ca
O1 - Hosts: 69.31.81.22 www.google.cd
O1 - Hosts: 69.31.81.22 www.google.cg
O1 - Hosts: 69.31.81.22 www.google.ch
O1 - Hosts: 69.31.81.22 www.google.ci
O1 - Hosts: 69.31.81.22 www.google.cl
O1 - Hosts: 69.31.81.22 www.google.co.cr
O1 - Hosts: 69.31.81.22 www.google.co.hu
O1 - Hosts: 69.31.81.22 www.google.co.il
O1 - Hosts: 69.31.81.22 www.google.co.in
O1 - Hosts: 69.31.81.22 www.google.co.je
O1 - Hosts: 69.31.81.22 www.google.co.jp
O1 - Hosts: 69.31.81.22 www.google.co.ke
O1 - Hosts: 69.31.81.22 www.google.co.kr
O1 - Hosts: 69.31.81.22 www.google.co.ls
O1 - Hosts: 69.31.81.22 www.google.co.nz
O1 - Hosts: 69.31.81.22 www.google.co.th
O1 - Hosts: 69.31.81.22 www.google.co.ug
O1 - Hosts: 69.31.81.22 www.google.co.uk
O1 - Hosts: 69.31.81.22 www.google.co.ve
O1 - Hosts: 69.31.81.22 www.google.com
O1 - Hosts: 69.31.81.22 www.google.com.ag
O1 - Hosts: 69.31.81.22 www.google.com.ar
O1 - Hosts: 69.31.81.22 www.google.com.au
O1 - Hosts: 69.31.81.22 www.google.com.br
O1 - Hosts: 69.31.81.22 www.google.com.co
O1 - Hosts: 69.31.81.22 www.google.com.cu
O1 - Hosts: 69.31.81.22 www.google.com.do
O1 - Hosts: 69.31.81.22 www.google.com.ec
O1 - Hosts: 69.31.81.22 www.google.com.fj
O1 - Hosts: 69.31.81.22 www.google.com.gi
O1 - Hosts: 69.31.81.22 www.google.com.gr
O1 - Hosts: 69.31.81.22 www.google.com.gt
O1 - Hosts: 69.31.81.22 www.google.com.hk
O1 - Hosts: 69.31.81.22 www.google.com.ly
O1 - Hosts: 69.31.81.22 www.google.com.mt
O1 - Hosts: 69.31.81.22 www.google.com.mx
O1 - Hosts: 69.31.81.22 www.google.com.my
O1 - Hosts: 69.31.81.22 www.google.com.na
O1 - Hosts: 69.31.81.22 www.google.com.nf
O1 - Hosts: 69.31.81.22 www.google.com.ni
O1 - Hosts: 69.31.81.22 www.google.com.np
O1 - Hosts: 69.31.81.22 www.google.com.pa
O1 - Hosts: 69.31.81.22 www.google.com.pe
O1 - Hosts: 69.31.81.22 www.google.com.ph
O1 - Hosts: 69.31.81.22 www.google.com.pk
O1 - Hosts: 69.31.81.22 www.google.com.pr
O1 - Hosts: 69.31.81.22 www.google.com.py
O1 - Hosts: 69.31.81.22 www.google.com.sa
O1 - Hosts: 69.31.81.22 www.google.com.sg
O1 - Hosts: 69.31.81.22 www.google.com.sv
O1 - Hosts: 69.31.81.22 www.google.com.tr
O1 - Hosts: 69.31.81.22 www.google.com.tw
O1 - Hosts: 69.31.81.22 www.google.com.ua
O1 - Hosts: 69.31.81.22 www.google.com.uy
O1 - Hosts: 69.31.81.22 www.google.com.vc
O1 - Hosts: 69.31.81.22 www.google.com.vn
O1 - Hosts: 69.31.81.22 www.google.de
O1 - Hosts: 69.31.81.22 www.google.dj
O1 - Hosts: 69.31.81.22 www.google.dk
O1 - Hosts: 69.31.81.22 www.google.es
O1 - Hosts: 69.31.81.22 www.google.fi
O1 - Hosts: 69.31.81.22 www.google.fm
O1 - Hosts: 69.31.81.22 www.google.fr
O1 - Hosts: 69.31.81.22 www.google.gg
O1 - Hosts: 69.31.81.22 www.google.gl
O1 - Hosts: 69.31.81.22 www.google.gm
O1 - Hosts: 69.31.81.22 www.google.hn
O1 - Hosts: 69.31.81.22 www.google.ie
O1 - Hosts: 69.31.81.22 www.google.it
O1 - Hosts: 69.31.81.22 www.google.kz
O1 - Hosts: 69.31.81.22 www.google.li
O1 - Hosts: 69.31.81.22 www.google.lt
O1 - Hosts: 69.31.81.22 www.google.lu
O1 - Hosts: 69.31.81.22 www.google.lv
O1 - Hosts: 69.31.81.22 www.google.mn
O1 - Hosts: 69.31.81.22 www.google.ms
O1 - Hosts: 69.31.81.22 www.google.mu
O1 - Hosts: 69.31.81.22 www.google.mw
O1 - Hosts: 69.31.81.22 www.google.nl
O1 - Hosts: 69.31.81.22 www.google.no
O1 - Hosts: 69.31.81.22 www.google.off.ai
O1 - Hosts: 69.31.81.22 www.google.pl
O1 - Hosts: 69.31.81.22 www.google.pn
O1 - Hosts: 69.31.81.22 www.google.pt
O1 - Hosts: 69.31.81.22 www.google.ro
O1 - Hosts: 69.31.81.22 www.google.ru
O1 - Hosts: 69.31.81.22 www.google.rw
O1 - Hosts: 69.31.81.22 www.google.se
O1 - Hosts: 69.31.81.22 www.google.sh
O1 - Hosts: 69.31.81.22 www.google.sk
O1 - Hosts: 69.31.81.22 www.google.sm
O1 - Hosts: 69.31.81.22 www.google.td
O1 - Hosts: 69.31.81.22 www.google.tm
O2 - BHO: International - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - D:\WINDOWS\System32\hpD476.tmp
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Date Bar - {A833AB67-7368-457E-B8BF-249CCD8DDD14} - D:\DOCUME~1\souche\LOCALS~1\Temp\dbar.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - D:\WINDOWS\System32\WinNB57.dll (file missing)
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "D:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\Program Files\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [EM_EXEC] D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LDM] D:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
O4 - HKLM\..\Run: [MMTray] D:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [siSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [msnmsgsgsfa] D:\WINDOWS\msnmsgsgsaf.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [sunJavaUpdateSched] D:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [sp] rundll32 D:\DOCUME~1\souche\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] D:\Program Files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: >>> FREE PORN GALLERIES <<< - javascript:{document.location='http://sexmaxx.com/freegalleries.htm';}
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - D:\WINDOWS\System32\shdocvw.dll (HKCU)
O12 - Plugin for .mpeg: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpg: D:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f003.mail.caramail.lycos.fr/app/upl...ileUploader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {350B96FC-D402-4E6D-8532-805CFE025910} - D:\WINDOWS\System32\ahfg.dll
O18 - Filter: text/plain - {350B96FC-D402-4E6D-8532-805CFE025910} - D:\WINDOWS\System32\ahfg.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - D:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - D:\Program Files\Securitoo\av_fw\Common\FSAA.EXE (file missing)
O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: InstallShield Licensing Service - Macrovision - D:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
