Logfile of HijackThis v1.98.0
Scan saved at 12:39:00 , on 12/08/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\RAMBOOST XP\RAMBXPFR.EXE
C:\PROGRAM FILES\FREE HISTORY ERASER\HISTORYERASER.EXE
C:\PROGRAM FILES\TRAYIT\TRAYIT!.EXE
C:\PROGRAM FILES\PROXOMITRON NAOKO V4.4\PROXOMITRON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\LOGITHèQ\SéCURITé\HIJACKTHIS\HIJACKTHIS_LAST.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Mes%20documents/bookmark.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.altavista.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Le Web j'adore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = macromedia.com ;
http://windowsupdate.microsoft.com ;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\FDCATCH.DLL
O2 - BHO: (no name) - {8EDAB5C0-B061-11D1-801D-204C4F4F5021} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} - C:\PROGRA~1\FOLDER~1\FOLDER~1.DLL
O2 - BHO: (no name) - {FC4C5EAE-66EE-11D4-BC67-0000E8E582D2} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServicesOnce: [Flags]
O4 - HKCU\..\Run: [RamBoostXp] "C:\PROGRAM FILES\RAMBOOST XP\RAMBXPFR.EXE"
O4 - HKCU\..\Run: [SPSTEALT] "C:\PROGRAM FILES\FREE HISTORY ERASER\HISTORYERASER.EXE" /stealt
O4 - Startup: TrayIt!.lnk = C:\Program Files\TrayIt\trayit!.exe
O4 - Startup: Proxomitron v4.4.lnk = C:\Program Files\Proxomitron Naoko v4.4\Proxomitron.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Vérifier la date de dernière mise à jour - C:\windows\modifpage.htm
O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\cookie.html
O8 - Extra context menu item: Download with &FD - file://C:\PROGRAM FILES\FRESHDEVICES\FRESHDOWNLOAD\fdiectx.htm
O8 - Extra context menu item: Download &All by FD - file://C:\PROGRAM FILES\FRESHDEVICES\FRESHDOWNLOAD\fdiectx2.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\PROGRA~1\INTERN~1\Toolbar\toolbar.hta
O9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\PROGRA~1\INTERN~1\Toolbar\toolbar.hta
O9 - Extra button: Edition - {FD4DF9E0-E3DE-11CE-BFCF-ABCD1DE12345} - C:\WINDOWS\notepad.exe
O9 - Extra 'Tools' menuitem: Bloc-Notes - {FD4DF9E0-E3DE-11CE-BFCF-ABCD1DE12345} - C:\WINDOWS\notepad.exe
O9 - Extra button: (no name) - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - (no file) (HKCU)
Merci