Jump to content

[LOGICIEL] rapport HijackThis et problème avec netsh.exe


barmy666

Recommended Posts

merci de me dire ce qu'il faut faire... j'arrête pas d'avoir une fenêtre d'erreur Netsh.exe au démarrage d'XP...

Logfile of HijackThis v1.99.1

Scan saved at 22:00:52, on 31.01.2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE

C:\Programfiler\Securitoo\av_fw\Anti-Virus\fsgk32st.exe

C:\Programfiler\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe

C:\Programfiler\Securitoo\av_fw\Anti-Virus\FSGK32.EXE

C:\Programfiler\Securitoo\av_fw\Anti-Virus\fssm32.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe

C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Programfiler\Securitoo\av_fw\Common\FSMA32.EXE

C:\Programfiler\Securitoo\av_fw\Common\FSMB32.EXE

C:\Programfiler\Securitoo\av_fw\Common\FAMEH32.EXE

C:\Programfiler\Securitoo\av_fw\DFW\Program\fsdfwd.exe

C:\Programfiler\Securitoo\av_fw\Anti-Virus\fsav32.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\AGRSMMSG.exe>C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\System32\hphmon05.exe

C:\Programfiler\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\Securitoo\av_fw\Common\FSM32.EXE

C:\Programfiler\iPod\bin\iPodService.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

C:\Programfiler\Softwin\BitDefender8\bdnagent.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Programfiler\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

c:\windows\system32\rlvknlg.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\Programfiler\Securitoo\av_fw\backweb\1044199\Program\BackWeb-1044199.exe

C:\PROGRA~1\Wanadoo\Watch.exe

C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe

c:\programfiler\softwin\bitdefender8\bdmcon.exe

C:\Programfiler\Securitoo\av_fw\Common\FCH32.EXE

C:\Programfiler\Internet Explorer\iexplore.exe

C:\WINDOWS\System32\cmd.exe

C:\WINDOWS\System32\NOTEPAD.EXE

C:\WINDOWS\regedit.exe

C:\Programfiler\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Carina\Mine dokumenter\Mix&match\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.hp.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

http://as.starware.com/dp/search? x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcD3RW7BXlKjvf0DtH119REEauMvk+pp+0IUg9suz3wjgZHUA

8C44MyBoBsCwceKiaFSJ2ZnvVDyzvhoUKPkbSkIBNc+4IssVbEPmQT4tD/M6khWEKb7EOSwIvzLHb+6a8KEoBAl1QyjDjH35kkAVkF/ PmsSlt8A7FhV0bGgvsD2kJGcYvje5ZaGihN42nDSV3wMLydXVV0mI0hI2RyaqLtbKwhDGS0msRS4QflU

Auto=

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

http://www.hp.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =>R3 - Default URLSearchHook is missing

2 - BHO: MyWebSearch Search Assistant BHO -

{00A6FAF1-072E-44cf-8957-5838F569A31D} -

C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} -

C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -

C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN

Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Programfiler\MSN Apps\MSN Toolbar\01.02.4000.1001\no\msntb.dll

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} -

C:\Programfiler\TEXTware\QUICKfind\PlugIns\IEHelp.dll

O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} -

C:\Programfiler\Starware\bin\Starware.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Programfiler\MSN Apps\MSN Toolbar\01.02.4000.1001\no\msntb.dll

O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} -

C:\Programfiler\Starware\bin\Starware.dll

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched]

C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control

Panel\atiptaxx.exe

O4 - HKLM\..\Run: [updateManager] "C:\Programfiler\Fellesfiler\Sonic\Update

Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [HPHUPD05]

c:\Programfiler\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Programfiler\Hewlett-Packard\HP

Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [iTunesHelper] C:\Programfiler\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe"

-atboottime

O4 - HKLM\..\Run: [F-Secure Manager]

"C:\Programfiler\Securitoo\av_fw\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB]

"C:\Programfiler\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe

TaskBarIcon.exe

O4 - HKLM\..\Run: [MyWebSearch Email Plugin]

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKLM\..\Run: [bDMCon]

"C:\Programfiler\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [bDNewsAgent]

"C:\Programfiler\Softwin\BitDefender8\bdnagent.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe"

/background

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe"

/background

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe

appLaunchClientZone.shl|DEFAULT=cnx|PARAM=

O4 - HKCU\..\Run: [MyWebSearch Email Plugin]

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - Startup: MyWebSearch Email Plugin.lnk =

C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk =

C:\Programfiler\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: MyWebSearch Email Plugin.lnk =

C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE

O8 - Extra context menu item: &Search -

http://edits.mywebsearch.com/toolbaredits/...?p=ZNxdm119YYFR

O8 - Extra context menu item: E&ksporter til Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links -

{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programfiler\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programfiler\Messenger\MSMSGS.EXE

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -

http://www.wanadoo.fr (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab

O16 - DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} (Entire Screen Builder

Web Viewer) - http://vblu.uni-bocconi.it/vblu/NWWClientFull.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://housecall.trendmicro-europe.com/housecall/Xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer

Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

(MsnMessengerSetupDownloadControl Class) -

http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Ati HotKey Poller - Unknown owner -

C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Securitoo AntiVirus Firewall (BackWeb Client - 1044199) -

Unknown owner -

C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner -

C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe"

/service (file missing)

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. -

C:\Programfiler\Securitoo\av_fw\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner -

C:\Programfiler\Securitoo\av_fw\Common\FSAA.EXE (file missing)

O23 - Service: fsbwsys - F-Secure Corp. -

C:\Programfiler\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe

O23 - Service: F-Secure Distributed Firewall Daemon (FSDFWD) - F-Secure

Corporation - C:\Programfiler\Securitoo\av_fw\DFW\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation -

C:\Programfiler\Securitoo\av_fw\Common\FSMA32.EXE

O23 - Service: F-Secure Windows Security Center Legacy Detection Service

(Fswsclds) - F-Secure Corporation -

C:\Programfiler\Securitoo\av_fw\fswsclds.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France

Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: iPod-tjeneste (iPodService) - Apple Computer, Inc. -

C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -

Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner -

C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe"

/service (file missing)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...