HijackThis

[Seraphita]

Bonjour à tout les membres de Zebulon

 

Juste un post pour savoir ce que je pourrais supprimer, bien que les analyse spybot et ad aware ne trouve rien. Merci ^^

 

Logfile of HijackThis v1.97.7

Scan saved at 21:12:33, on 27/06/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe

C:\WINDOWS\System32\dllhost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Tweak-XP Pro 3\transtask.exe

C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Download\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 3\transtask.exe"

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe

O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html

O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html

O9 - Extra button: Packard Bell (HKLM)

O9 - Extra button: Real.com (HKLM)

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{A3A07B9C-4811-4195-AA74-D54FA521CD24}: NameServer = 213.228.0.23 212.27.32.176

[neos]

salut ça a l'air correcte va voir la http://www.zebulon.fr/articles/HijackThis.php pour une p'tite formation hijackthis

[ipl_001]

Bonsoir Seraphita, neos, bonsoir à tous,

 

Je te souhaite la bienvenue sur Zebulon !

 

Je ne suis pas encore formé mais il ne me semble pas qu'il y ait des problèmes (je me demande ce que fait cette ligne O14 inhabituelle mais comme elle parle de free.fr... bof) !

Certains n'aimeraient pas Real Player et la barre de recherche Google mais çà n epose pas de problème !

[Seraphita]

Merci bien cela me rassure

Mais si il y a des choses inutiles que l'on peut enlever sans risque, et bien je vous en serez trés reconnaissant

[ipl_001]

Bonsoir Seraphita, bonsoir à tous,

 

Je continue à propos de la barre de recherche Google : elle est considérée comme un spyware par beaucoup sur Zebulon !

Elle ne l'est pas sur des sites / forums US spécialistes des spywares !

 

La vérité est qu'elle peut être considérée comme un spyware selon notre propre "sensibilité" aux spywares (paranoïa) et le paramétrage retenu !

 

Voici une discussion "Is the Google Bar spyware?" avec pros et antis ( http://www.bullguard.com/forum/12/Is-the-G...pyware_150.html ) :

MrC   Posted 2/29/2004 11:48 PM (GMT +2)    

When you install the Google Bar and deselect the advanced features. Then the Google Bar won't send info to Google Inc.

 

It is up to you if it should be Spyware or not.

Vorlin   Posted 4/5/2004 10:18 AM (GMT +2)    

Well, everyone's entitled to their opinion and I definitely have mine, but there are a few things that these zealots (hehe) are forgetting.

 

1) We're all using Windows, which has been caught red-handed more times than I can count on sending back information to their servers. For how long and how much, who really knows? But everyone *expects* that to be done by MS but you don't see them saying anything about it. And we're not even getting into the whole conversation about what other programs have done this.

 

2) Trust online is a very rare thing, no doubt, but at the same time, look at Google's installation. It specifically asks you to make a choice about what kind of toolbar you want, one with advanced features or one that's plain-jane. Assuming you get the full-featured one, they blatantly state that they do NOT gather user information about the page requested but that the page requested page rank. There is a gaping difference between what some are saying and what Google's doing. For those of you who are so paranoid, crank up a network sniffer and check outgoing packets and payload. See if they're telling the truth.

 

And how can I even forget about quite possibly the worst company to ever do this? Anyone remember GAIN? It's STILL out there. If I could burn down a business, it'd be this one and I put it on the top of the hit list for getting this information gathering going on a hardcore level. But, I could be wrong.

 

In the end, you have to put your faith somewhere. For browsers, I put my faith in Opera. In spyware detection, I put my faith in Ad-Aware. In IM clients, I've donated over 80 USD to Cerulean Studios for their Trillian concept. For my clan voice capabilities, we've all donated at least 20 USD to Teamspeak.org. For OSes, I go with my own job trade; unix and linux (minus one legit XP machine for gaming until Winex gets everything done). I'd rather put my faith in the Google toolbar than any other company's version, especially MS.

 

Where do you put your faith?

[Seraphita]

Merci j'enleve ça de suite ^^