Comment interpréter un rapport de désinfection HijackThis ?

[qwer]

bonjour j'ai un backorifice et un trojan et je m'en sors pas on m'a conseille un hijackthis .. mais la moi qui suis d'un naturel gai ca me donne envie de pleurer

 

si vous pouviez me dire ce que je dois cocher pour le virer ?

 

merci mille fois d'avance

 

 

 

Logfile of HijackThis v1.97.7

Scan saved at 22:51:00, on 12/11/2004

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\carpserv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd.exe

C:\PROGRA~1\WANADOO\CnxMon.exe

C:\PROGRA~1\MESSAG~1\Demon.exe

C:\PROGRA~1\WANADOO\TaskbarIcon.exe

C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

C:\Program Files\Windows AdTools\WinAdTools.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows AdTools\WinRatchet.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Soft4Ever\looknstop\_looknstop.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

C:\Program Files\a2\a2guard.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE

C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\messenger\recu\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.olidata.it

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll

O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe

O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe

O4 - HKLM\..\Run: [HPpromo psc 1300 series] "C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 1300 series" -r

O4 - HKLM\..\Run: [adiras] adiras.exe

O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe

O4 - HKLM\..\Run: [microsoft-software] hifr.exe

O4 - HKLM\..\Run: [[Ephemeral 2.4] by TreeHugger, ] C:\DOCUME~1\CÉLINE~1\LOCALS~1\Temp\5.tmp.exe

O4 - HKLM\..\Run: [MSChoExE] suge.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [qkrgtvwsxux] C:\WINDOWS\System32\blegji.exe

O4 - HKLM\..\Run: [tjstartup] C:\WINDOWS\System\svchost.exe

O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [scanInicio] "C:\Program Files\Panda Software\Panda Antivirus 6.0\Inicio.exe"

O4 - HKLM\..\Run: [ErrorGuard] C:\Program Files\ErrorGuard\ErrorGuard.Exe

O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize

O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto

O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe

O4 - HKLM\..\RunServices: [microsoft-software] hifr.exe

O4 - HKLM\..\RunServices: [MSChoExE] suge.exe

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [microsoft-software] hifr.exe

O4 - HKCU\..\Run: [MSChoExE] suge.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"

O4 - HKCU\..\RunServices: [microsoft-software] hifr.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE

O4 - Global Startup: DSLMON.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk142XXFR

O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: SideFind (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)

O9 - Extra button: Wanadoo (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://www.olidata.it

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php...2b333818ccf4f56

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab

O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4...006_regular.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{935C97CA-0571-4738-BD16-7D4922605309}: NameServer = 80.118.192.111 80.118.196.36

[megataupe]

Pour t'éviter la migraine, tu colles ton log ici :

 

http://hijackthis.de/index.php?langselect=french

 

et tu nettoies ce qui est en rouge (X en rouge).

[qwer]

genial merci

[zefilou]

Merci du tuyau Megataupe, ça va rendre bien des services à de nombreuses personnes ton petit lien.

[Laubean]

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\carpserv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd.exe  <---- sert a rien

C:\PROGRA~1\WANADOO\CnxMon.exe

C:\PROGRA~1\MESSAG~1\Demon.exe    <---- sert a rien

C:\PROGRA~1\WANADOO\TaskbarIcon.exe  <---- sert a rien

C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe    <---- sert a rien

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

C:\Program Files\Windows AdTools\WinAdTools.exe

C:\Program Files\QuickTime\qttask.exe    <---- sert a rien

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows AdTools\WinRatchet.exe  <---- A VIRER

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Soft4Ever\looknstop\_looknstop.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe 

C:\Program Files\a2\a2guard.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE    <---- sert a rien

C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\WINDOWS\System32\HPZipm12.exe    <---- sert a rien

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\messenger\recu\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr  <---- a toi de voir si tu veux www.neuf.fr en page de demarrage

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.olidata.it  <---- sert a rien [/b]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo    <---- sert a rien

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank  <---- sert a rien

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens  <---- sert a rien

O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll  <---- a virer

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll  <---- a virer

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll  <---- a virer

O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll  <---- a virer

O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe  <---- a virer

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"  <---- sert a rien

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe

O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe

O4 - HKLM\..\Run: [HPpromo psc 1300 series] "C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 1300 series" -r  <---- sert a rien

O4 - HKLM\..\Run: [adiras] adiras.exe

O4 - HKLM\..\Run: [Windows Registry Scan] timeupdate.exe  <---- a virer

O4 - HKLM\..\Run: [microsoft-software] hifr.exe  <---- a virer

O4 - HKLM\..\Run: [[Ephemeral 2.4] by TreeHugger, ] C:\DOCUME~1\CÉLINE~1\LOCALS~1\Temp\5.tmp.exe  <---- A VIRER!!!!!!!!!!

O4 - HKLM\..\Run: [MSChoExE] suge.exe  <---- A VIRER

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [qkrgtvwsxux] C:\WINDOWS\System32\blegji.exe    <---- A VIRER

O4 - HKLM\..\Run: [tjstartup] C:\WINDOWS\System\svchost.exe

O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe  <---- A VIRER

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime  <---- A VIRER

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE  <---- A VIRER

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [scanInicio] "C:\Program Files\Panda Software\Panda Antivirus 6.0\Inicio.exe"

O4 - HKLM\..\Run: [ErrorGuard] C:\Program Files\ErrorGuard\ErrorGuard.Exe  <----  [/b]

O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize

O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto

O4 - HKLM\..\RunServices: [Windows Registry Scan] timeupdate.exe  <---- A VIRER

O4 - HKLM\..\RunServices: [microsoft-software] hifr.exe  <---- A VIRER

O4 - HKLM\..\RunServices: [MSChoExE] suge.exe  <---- A VIRER

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit  <---- A VIRER

O4 - HKCU\..\Run: [microsoft-software] hifr.exe  <---- A VIRER

O4 - HKCU\..\Run: [MSChoExE] suge.exe  <---- A VIRER

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe  <---- A VIRER

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe  <---- A VIRER

O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"

O4 - HKCU\..\RunServices: [microsoft-software] hifr.exe  <---- A VIRER

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE  <---- sert a rien

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE  <---- sert a rien

O4 - Global Startup: DSLMON.lnk = ?

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html  <---- A VIRER

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk142XXFR  <---- A VIRER

O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html  <---- A VIRER

O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html  <---- A VIRER

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html  <---- A VIRER

O9 - Extra button: SideFind (HKLM)  <---- A VIRER

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)

O9 - Extra button: Wanadoo (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://www.olidata.it  <---- A VIRER

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php...2b333818ccf4f56  <---- A VIRER

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab  <---- A VIRER

O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4...006_regular.cab  <---- A VIRER

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab  <---- A VIRER

O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab  <---- A VIRER

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab  <---- sert a rien

O17 - HKLM\System\CCS\Services\Tcpip\..\{935C97CA-0571-4738-BD16-7D4922605309}: NameServer = 80.118.192.111 80.118.196.36

 

bon nettoyage!!

[qwer]

merci !!! le test en ligne lui il trouve rien d'anormal !

 

merci bcp

[qwer]

mais tu fais comment pour virer les

 

C:\Program Files\HP\HP Software Update\HPWuSchd.exe <---- sert a rien

C:\PROGRA~1\MESSAG~1\Demon.exe <---- sert a rien

 

il y a pas de cases a cocher dans HiJackThis ?!

 

sous XP c ou ?

 

merci

[JCGL]

Bonjour,

 

Tu coches ceux que tu veux supprimer et tu cliques sur "Fixed"

 

A+

 

421157[/snapback]

[Laubean]

Tu vas dans démarrer, executer, et tapes ceci :

msconfig

 

Tu les trouveras là.

[qwer]

c les memes que dans spybot > outils > demarrage du systeme ?

 

merci encore