Scan Hijack This à déchiffrer

joke0

02/03/2004 à 13:18

Salut,

Majesty:

Quelqu'un pourrait m'aider t-il à déchiffrer un scan de Hijack
This ?

Vas-y poste ça ici ;-)

--
joke0

Majesty

02/03/2004 à 13:31

Voilà, merci d'avance :

Logfile of HijackThis v1.97.7
Scan saved at 13:12:35, on 02/03/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINNTSystem32smss.exe
C:WINNTsystem32winlogon.exe
C:WINNTsystem32services.exe
C:WINNTsystem32lsass.exe
C:WINNTsystem32svchost.exe
C:WINNTsystem32spoolsv.exe
C:WINNTSystem32cisvc.exe
C:WINNTSystem32svchost.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:Program FilesNetOp Remote ControlHOSTNHOSTSVC.EXE
C:WINNTsystem32regsvc.exe
C:WINNTsystem32MSTask.exe
C:WINNTSystem32WBEMWinMgmt.exe
C:Program FilesorlvncfrWinVNC.exe
C:WINNTsystem32svchost.exe
C:WINNTExplorer.EXE
C:Program FilesMicrosoft HardwareMousepoint32.exe
C:Program FilesMessenger Plus! 2MsgPlus.exe
C:Program FilesNetwork AssociatesVirusScanSHSTAT.EXE
C:Program FilesNetwork AssociatesCommon FrameworkUpdaterUI.exe
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
C:WINNTsystem32ezSP_Px.exe
C:WINNTsystem32ctfmon.exe
C:WINNTSystem32svchost.exe
C:Program FilesAstaseUltraBackupUltraBackup.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesMicrosoft OfficeOFFICE11OUTLOOK.EXE
C:WINNTSystem32cidaemon.exe
C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE
C:Program FilesCrazy BrowserCrazy Browser.exe
C:Program FilesPersoftSTEssenSTOFFICE.EXE
C:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXE
C:Program FilesOutlook Expressmsimn.exe
C:Documents and SettingsgimenezBureauHijackThis.exe

O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program
FilesAdobeAcrobat 5.0AcrobatActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {4e851ad3-d175-415d-b734-39a4abbb73f5} -
C:DOCUME~1gimenezAPPLIC~1oolacrfrdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINNTSystem32msdxm.ocx
O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [Watch] C:PROGRA~1MinitelWatch.exe
O4 - HKLM..Run: [POINTER] point32.exe
O4 - HKLM..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe"
O4 - HKLM..Run: [ShStatEXE] "C:Program FilesNetwork
AssociatesVirusScanSHSTAT.EXE" /STANDALONE
O4 - HKLM..Run: [McAfeeUpdaterUI] "C:Program FilesNetwork
AssociatesCommon FrameworkUpdaterUI.exe"
O4 - HKLM..Run: [NeroCheck] C:WINNTSystem32NeroCheck.exe
O4 - HKLM..Run: [pdfFactory Pro Dispatcher v2]
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
O4 - HKLM..Run: [WinVNC] "C:Program
FilesorlvncfrWinVNC.exe" -servicehelper
O4 - HKLM..Run: [GNUB] C:WINNTGNUB.exe
O4 - HKLM..Run: [ezShieldProtector for Px] C:WINNTsystem32ezSP_Px.exe
O4 - HKLM..Run: [TrojanScanner] C:Program FilesTrojan
RemoverTrjscan.exe
O4 - HKCU..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe" /WinStart
O4 - HKCU..Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU..Run: [UltraBackup] "C:Program
FilesAstaseUltraBackupUltraBackup.exe" /start
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe"
/background
O4 - Startup: OUTLOOK.lnk = C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE
O8 - Extra context menu item: Chercher avec Copernic - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: Girafa (HKLM)
O9 - Extra button: Recherche (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://active.macromedia.com/director/cabs/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl
Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?1050478050946
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) -
https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) -
http://www.sponsoradulto.com/es/SysWebTelecom.cab
O17 - HKLMSystemCCSServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS1ServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS2ServicesTcpipParameters: Domain = simbafr-dom.local
"joke0" a écrit dans le message de
news:

Salut,

Majesty:
Quelqu'un pourrait m'aider t-il à déchiffrer un scan de Hijack
This ?

Vas-y poste ça ici ;-)

--
joke0

Voilà, merci d'avance :

Logfile of HijackThis v1.97.7
Scan saved at 13:12:35, on 02/03/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINNTSystem32smss.exe
C:WINNTsystem32winlogon.exe
C:WINNTsystem32services.exe
C:WINNTsystem32lsass.exe
C:WINNTsystem32svchost.exe
C:WINNTsystem32spoolsv.exe
C:WINNTSystem32cisvc.exe
C:WINNTSystem32svchost.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:Program FilesNetOp Remote ControlHOSTNHOSTSVC.EXE
C:WINNTsystem32regsvc.exe
C:WINNTsystem32MSTask.exe
C:WINNTSystem32WBEMWinMgmt.exe
C:Program FilesorlvncfrWinVNC.exe
C:WINNTsystem32svchost.exe
C:WINNTExplorer.EXE
C:Program FilesMicrosoft HardwareMousepoint32.exe
C:Program FilesMessenger Plus! 2MsgPlus.exe
C:Program FilesNetwork AssociatesVirusScanSHSTAT.EXE
C:Program FilesNetwork AssociatesCommon FrameworkUpdaterUI.exe
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
C:WINNTsystem32ezSP_Px.exe
C:WINNTsystem32ctfmon.exe
C:WINNTSystem32svchost.exe
C:Program FilesAstaseUltraBackupUltraBackup.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesMicrosoft OfficeOFFICE11OUTLOOK.EXE
C:WINNTSystem32cidaemon.exe
C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE
C:Program FilesCrazy BrowserCrazy Browser.exe
C:Program FilesPersoftSTEssenSTOFFICE.EXE
C:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXE
C:Program FilesOutlook Expressmsimn.exe
C:Documents and SettingsgimenezBureauHijackThis.exe

O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program
FilesAdobeAcrobat 5.0AcrobatActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {4e851ad3-d175-415d-b734-39a4abbb73f5} -
C:DOCUME~1gimenezAPPLIC~1oolacrfrdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINNTSystem32msdxm.ocx
O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [Watch] C:PROGRA~1MinitelWatch.exe
O4 - HKLM..Run: [POINTER] point32.exe
O4 - HKLM..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe"
O4 - HKLM..Run: [ShStatEXE] "C:Program FilesNetwork
AssociatesVirusScanSHSTAT.EXE" /STANDALONE
O4 - HKLM..Run: [McAfeeUpdaterUI] "C:Program FilesNetwork
AssociatesCommon FrameworkUpdaterUI.exe"
O4 - HKLM..Run: [NeroCheck] C:WINNTSystem32NeroCheck.exe
O4 - HKLM..Run: [pdfFactory Pro Dispatcher v2]
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
O4 - HKLM..Run: [WinVNC] "C:Program
FilesorlvncfrWinVNC.exe" -servicehelper
O4 - HKLM..Run: [GNUB] C:WINNTGNUB.exe
O4 - HKLM..Run: [ezShieldProtector for Px] C:WINNTsystem32ezSP_Px.exe
O4 - HKLM..Run: [TrojanScanner] C:Program FilesTrojan
RemoverTrjscan.exe
O4 - HKCU..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe" /WinStart
O4 - HKCU..Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU..Run: [UltraBackup] "C:Program
FilesAstaseUltraBackupUltraBackup.exe" /start
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe"
/background
O4 - Startup: OUTLOOK.lnk = C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE
O8 - Extra context menu item: Chercher avec Copernic - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: Girafa (HKLM)
O9 - Extra button: Recherche (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://active.macromedia.com/director/cabs/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl
Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?1050478050946
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) -
https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) -
http://www.sponsoradulto.com/es/SysWebTelecom.cab
O17 - HKLMSystemCCSServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS1ServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS2ServicesTcpipParameters: Domain = simbafr-dom.local
"joke0" <joke0_NOSWEN@tiscali.fr> a écrit dans le message de
news:XnF94A08779ACD98joke0@127.0.0.1...

Salut,

Majesty:

Quelqu'un pourrait m'aider t-il à déchiffrer un scan de Hijack
This ?

Vas-y poste ça ici ;-)

--
joke0

Vous avez filtré cet utilisateur ! Consultez son message

Voilà, merci d'avance :

Logfile of HijackThis v1.97.7
Scan saved at 13:12:35, on 02/03/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINNTSystem32smss.exe
C:WINNTsystem32winlogon.exe
C:WINNTsystem32services.exe
C:WINNTsystem32lsass.exe
C:WINNTsystem32svchost.exe
C:WINNTsystem32spoolsv.exe
C:WINNTSystem32cisvc.exe
C:WINNTSystem32svchost.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:Program FilesNetOp Remote ControlHOSTNHOSTSVC.EXE
C:WINNTsystem32regsvc.exe
C:WINNTsystem32MSTask.exe
C:WINNTSystem32WBEMWinMgmt.exe
C:Program FilesorlvncfrWinVNC.exe
C:WINNTsystem32svchost.exe
C:WINNTExplorer.EXE
C:Program FilesMicrosoft HardwareMousepoint32.exe
C:Program FilesMessenger Plus! 2MsgPlus.exe
C:Program FilesNetwork AssociatesVirusScanSHSTAT.EXE
C:Program FilesNetwork AssociatesCommon FrameworkUpdaterUI.exe
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
C:WINNTsystem32ezSP_Px.exe
C:WINNTsystem32ctfmon.exe
C:WINNTSystem32svchost.exe
C:Program FilesAstaseUltraBackupUltraBackup.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesMicrosoft OfficeOFFICE11OUTLOOK.EXE
C:WINNTSystem32cidaemon.exe
C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE
C:Program FilesCrazy BrowserCrazy Browser.exe
C:Program FilesPersoftSTEssenSTOFFICE.EXE
C:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXE
C:Program FilesOutlook Expressmsimn.exe
C:Documents and SettingsgimenezBureauHijackThis.exe

O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program
FilesAdobeAcrobat 5.0AcrobatActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {4e851ad3-d175-415d-b734-39a4abbb73f5} -
C:DOCUME~1gimenezAPPLIC~1oolacrfrdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINNTSystem32msdxm.ocx
O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [Watch] C:PROGRA~1MinitelWatch.exe
O4 - HKLM..Run: [POINTER] point32.exe
O4 - HKLM..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe"
O4 - HKLM..Run: [ShStatEXE] "C:Program FilesNetwork
AssociatesVirusScanSHSTAT.EXE" /STANDALONE
O4 - HKLM..Run: [McAfeeUpdaterUI] "C:Program FilesNetwork
AssociatesCommon FrameworkUpdaterUI.exe"
O4 - HKLM..Run: [NeroCheck] C:WINNTSystem32NeroCheck.exe
O4 - HKLM..Run: [pdfFactory Pro Dispatcher v2]
C:WINNTsystem32spoolDRIVERSW32X863fppdis2a.exe
O4 - HKLM..Run: [WinVNC] "C:Program
FilesorlvncfrWinVNC.exe" -servicehelper
O4 - HKLM..Run: [GNUB] C:WINNTGNUB.exe
O4 - HKLM..Run: [ezShieldProtector for Px] C:WINNTsystem32ezSP_Px.exe
O4 - HKLM..Run: [TrojanScanner] C:Program FilesTrojan
RemoverTrjscan.exe
O4 - HKCU..Run: [MessengerPlus2] "C:Program FilesMessenger Plus!
2MsgPlus.exe" /WinStart
O4 - HKCU..Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU..Run: [UltraBackup] "C:Program
FilesAstaseUltraBackupUltraBackup.exe" /start
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe"
/background
O4 - Startup: OUTLOOK.lnk = C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE
O8 - Extra context menu item: Chercher avec Copernic - C:Program
FilesCopernic 2001 ProSearch Extension.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: Girafa (HKLM)
O9 - Extra button: Recherche (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://active.macromedia.com/director/cabs/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl
Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?1050478050946
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) -
https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) -
http://www.sponsoradulto.com/es/SysWebTelecom.cab
O17 - HKLMSystemCCSServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS1ServicesTcpipParameters: Domain = simbafr-dom.local
O17 - HKLMSystemCS2ServicesTcpipParameters: Domain = simbafr-dom.local
"joke0" a écrit dans le message de
news:

Salut,

Majesty:
Quelqu'un pourrait m'aider t-il à déchiffrer un scan de Hijack
This ?

Vas-y poste ça ici ;-)

--
joke0

joke0

02/03/2004 à 14:04

Salut,

Majesty:

Platform: Windows 2000 SP3 (WinNT 5.00.2195)

O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} -
(no file)

cocher

O2 - BHO: (no name) - {4e851ad3-d175-415d-b734-39a4abbb73f5} -
C:DOCUME~1gimenezAPPLIC~1oolacrfrdv.dll

C'est louche. A cocher pour suppression. Fais-en une copie et
envoie-la moi que je regarde ce que c'est.

O4 - HKLM..Run: [GNUB] C:WINNTGNUB.exe

Je ne connais pas ce logiciel. Vérifie que c'est bien toi qui
l'a installé.

O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B}
(PWMediaSendControl

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762}
(SysWebTelecomInt Class)

A cocher.

Tu cliques alors sur 'Fix'.

A priori, à part la dll, rien de suspect.

--
joke0

Majesty

02/03/2004 à 14:13

Merci Joke0.

"joke0" a écrit dans le message de
news:

Salut,

Majesty:
Platform: Windows 2000 SP3 (WinNT 5.00.2195)

O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} -
(no file)

cocher

O2 - BHO: (no name) - {4e851ad3-d175-415d-b734-39a4abbb73f5} -
C:DOCUME~1gimenezAPPLIC~1oolacrfrdv.dll

C'est louche. A cocher pour suppression. Fais-en une copie et
envoie-la moi que je regarde ce que c'est.

O4 - HKLM..Run: [GNUB] C:WINNTGNUB.exe

Je ne connais pas ce logiciel. Vérifie que c'est bien toi qui
l'a installé.

O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B}
(PWMediaSendControl

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762}
(SysWebTelecomInt Class)

A cocher.

Tu cliques alors sur 'Fix'.

A priori, à part la dll, rien de suspect.

--
joke0

Scan Hijack This à déchiffrer

4 réponses

Veuillez sélectionner un problème