
Hervé74

HijackThis report - Help


Good evening,

I have the HijackThis report below, but I don't know what to do with it... If someone can help me... Thanks in advance:

 

Logfile of HijackThis v1.99.1

Scan saved at 21:38:03, on 17/10/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe

C:\PROGRA~1\McAfee\MSC\mclogsrv.exe

C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\PROGRA~1\McAfee\MSC\mctskshd.exe

C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\Controle Parental\bin\optproxy.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

C:\Program Files\Dell\Media Experience\PCMService.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\WINDOWS\Logi_MwX.Exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\DrvMon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee\MSC\McLogCln.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\PROGRA~1\Wanadoo\Watch.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MSC\mcshell.exe

C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe

C:\PROGRA~1\mcafee\msc\mcupdui.exe

C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

C:\Documents and Settings\Hervé\Bureau\Scanner.exe.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/fr/fra/gen/default.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: (no name) - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - (no file)

O3 - Toolbar: (no name) - {44BE0690-5429-47f0-85BB-3FFD8020233E} - (no file)

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"

O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [0316161160674144mcinstcleanup] C:\DOCUME~1\Virginie\LOCALS~1\Temp\031616~1.EXE C:\PROGRA~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog

O4 - HKLM\..\Run: [McLogLch_exe] C:\Program Files\McAfee\MSC\McLogLch.exe

O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\AvA\Watch.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\System32\DrvMon.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Picture Package Menu.lnk = ?

O4 - Global Startup: Picture Package VCD Maker.lnk = ?

O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab

O18 - Protocol: bw+0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {3CD990CF-0CD1-48EE-A6B1-BDA6612EE45F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O20 - AppInit_DLLs: dxclib303562752.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: IPConfTSP - C:\WINDOWS\system32\kt6ul7j91.dll (file missing)

O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\surstr.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SGVyduk\command.exe (file missing)

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe

O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

Hervé74


hi :P

Here is what you are going to do, please, to bring the infections to light (Surfsidekick, L2M etc) =>

Download combofix.exe by sUBs

  • Make sure all programs are closed before launching the fix!
  • Double-click combofix.exe.
  • Note: Do not close the window that has just opened, or you would end up with an empty desktop!
  • Press the Y (Yes) key to start the scan.
  • When the scan is finished, a report will be generated: post its contents in your next message.
  • If the report is too long, post it in two parts.

Uninstall one of the two antivirus programs present on your PC please, otherwise it may crash.

Along with the Combofix report, post a new HijackThis report.


Here is the Combofix report:

 

Hervé - 06-10-17 23:38:16,56 Service Pack 2

ComboFix 06.10.16 - Running from: "C:\DOCUME~1\HERV~1\MESDOC~1\HERVEL~1"

 

((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

 

REGISTRY ENTRIES REMOVED:

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

 

Granting sedebugprivilege to Administrateurs ... successful

 

 

((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\WINDOWS\system32\dxclib303562752.dll

C:\Documents and Settings\Hervé\Application Data\Dxcknwrd.dll

C:\Documents and Settings\Virginie\Application Data\Dxcknwrd.dll

C:\WINDOWS\system32\bkd.exe

C:\Program Files\DeluxeCommunications\Dxc.exe

C:\Program Files\DeluxeCommunications\DxcCore.dll

 

 

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

 

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\WINDOWS\drsmartload2.dat

C:\WINDOWS\teller2.chk

C:\deskbar.exe

C:\deskbar_e26.exe

C:\WINDOWS\system32\aaa00000.sys

C:\WINDOWS\system32\bszip.dll

C:\WINDOWS\system32\cmd.com

C:\WINDOWS\system32\netstat.com

C:\WINDOWS\system32\ping.com

C:\WINDOWS\system32\regedit.com

C:\WINDOWS\system32\taskkill.com

C:\WINDOWS\system32\tasklist.com

C:\WINDOWS\system32\tracert.com

C:\WINDOWS\uninstall_nmon.vbs

C:\WINDOWS\system32\atmtd.dll

C:\WINDOWS\system32\atmtd.dll._

C:\Documents and Settings\LocalService\Application Data\NetMon

C:\Program Files\network monitor

C:\Program Files\outlook

C:\Program Files\winupdates

C:\Program Files\Fichiers communs\{44917476-0A1F-1036-1202-030512200021}

C:\WINDOWS\SGVyduk

 

 

((((((((((((((((((((((((((((((( Files Created from 2006-09-17 to 2006-10-17 ))))))))))))))))))))))))))))))))))

 

 

2006-10-15 20:55 221,184 --a------ C:\WINDOWS\SYSTEM32\wmpns.dll

2006-10-12 19:31 37,832 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys

2006-10-12 19:31 33,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys

2006-10-12 19:31 31,752 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys

2006-10-12 19:30 84,744 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys

2006-10-12 19:30 162,504 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mfehidk.sys

2006-10-12 19:30 104,536 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys

2006-10-12 19:05 32,768 --a------ C:\DXC9.exe

2006-10-12 19:03 3,050 --a------ C:\Documents and Settings\Hervé\setup9x.exe

2006-10-11 20:51 1,233 --a------ C:\WINDOWS\SYSTEM32\tvuaebfc.sys

 

 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

2006-10-17 23:43 -------- d-------- C:\Program Files\Fichiers communs

2006-10-17 23:38 -------- d-------- C:\Program Files\Wanadoo

2006-10-17 22:37 -------- d-------- C:\Program Files\Windows Media Player

2006-10-16 23:05 -------- d-------- C:\Documents and Settings\Hervé\Application Data\SiteAdvisor

2006-10-16 22:20 -------- d---s---- C:\Documents and Settings\Hervé\Application Data\Microsoft

2006-10-16 21:35 -------- d-------- C:\Program Files\Messenger

2006-10-15 23:29 -------- d-------- C:\Program Files\Internet Explorer

2006-10-15 23:22 -------- d-------- C:\Program Files\Outlook Express

2006-10-15 23:22 -------- d-------- C:\Program Files\Fichiers communs\System

2006-10-15 20:45 -------- d-------- C:\Program Files\Movie Maker

2006-10-15 20:40 -------- d-------- C:\Program Files\Windows NT

2006-10-15 20:40 -------- d-------- C:\Program Files\NetMeeting

2006-10-15 19:55 -------- d-------- C:\Program Files\Fichiers communs\Ciel

2006-10-15 19:55 -------- d-------- C:\Documents and Settings\Hervé\Application Data\McAfee

2006-10-15 19:54 -------- d-------- C:\Program Files\SiteAdvisor

2006-10-15 19:54 -------- d-------- C:\Program Files\McAfee

2006-10-15 19:52 -------- d-------- C:\Program Files\AvA

2006-10-12 23:06 -------- d--h----- C:\Program Files\InstallShield Installation Information

2006-10-12 22:23 -------- d-------- C:\Program Files\Ciel

2006-10-12 19:44 -------- d-------- C:\Program Files\McAfee.com

2006-10-12 19:30 -------- d-------- C:\Program Files\Fichiers communs\McAfee

2006-10-12 19:09 517 --a------ C:\Program Files\Fichiers communs\mewo

2006-10-10 22:52 -------- d-------- C:\Program Files\Microsoft Games

2006-10-10 21:44 -------- d-------- C:\Program Files\Fichiers communs\Intuit

2006-09-24 17:01 -------- d-------- C:\Program Files\iPod

2006-09-24 16:34 -------- d-------- C:\Program Files\iTunes

2006-09-24 16:26 -------- d-------- C:\Program Files\QuickTime

2006-09-24 16:15 -------- d-------- C:\Program Files\Apple Software Update

2006-09-23 15:27 -------- d-------- C:\Documents and Settings\Hervé\Application Data\Help

2006-09-13 07:03 1084416 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll

2006-08-25 17:51 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll

2006-08-21 14:26 16896 --a------ C:\WINDOWS\SYSTEM32\fltlib.dll

2006-08-21 11:14 23040 --a------ C:\WINDOWS\SYSTEM32\fltmc.exe

2006-08-21 11:14 128896 --------- C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys

2006-08-20 15:08 21840 --a----t- C:\WINDOWS\SYSTEM32\SIntfNT.dll

2006-08-20 15:08 17212 --a----t- C:\WINDOWS\SYSTEM32\SIntf32.dll

2006-08-20 15:08 12067 --a----t- C:\WINDOWS\SYSTEM32\SIntf16.dll

2006-08-16 13:59 100352 --a------ C:\WINDOWS\SYSTEM32\6to4svc.dll

2006-07-27 15:26 679424 --a------ C:\WINDOWS\SYSTEM32\inetcomm.dll

2006-07-21 10:32 72704 --a------ C:\WINDOWS\SYSTEM32\hlink.dll

 

 

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries are not shown

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"DrvMon.exe"="C:\\WINDOWS\\System32\\DrvMon.exe"

"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"

"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

"WOOKIT"="C:\\Program Files\\Wanadoo\\Shell.exe appLaunchClientZone.shl|PARAM= cnx"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"

"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"

"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"

"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""

"IntelMeM"="C:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"

"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"

"UpdateManager"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r"

"VirusScan"="c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe"

"zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"

"Logitech Utility"="Logi_MwX.Exe"

"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"

"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"

"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

"0316161160674144mcinstcleanup"="C:\\DOCUME~1\\Virginie\\LOCALS~1\\Temp\\031616~1.EXE C:\\PROGRA~1\\FICHIE~1\\McAfee\\INSTAL~1\\cleanup.ini -cleanup -nolog"

"McLogLch_exe"="C:\\Program Files\\McAfee\\MSC\\McLogLch.exe"

"Watch"="C:\\PROGRA~1\\AvA\\Watch.exe"

"McAfee Backup"="C:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000001

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\

00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=hex:04,00,00,40

"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\

ff,ff,04,00,00,00

"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\

00,00,01,00,00,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

"NoDrives"=dword:00000000

"NoViewOnDrive"=dword:00000000

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

 

Contents of the 'Scheduled Tasks' folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\McDefragTask.job

C:\WINDOWS\tasks\McQcTask.job

C:\WINDOWS\tasks\Rappel d'abonnement 1 auprès de l'ISP.job

 

Completion time: 06-10-17 23:49:59.64

C:\ComboFix.txt ... 06-10-17 23:49

 

 

As for the new HijackThis report, since I'm not sure I understand how it works... Do I have to rename HijackThis (as I did the first time: I renamed it Scanner.exe before running it)?

 

Otherwise, I no longer get the unwanted pop-up windows!

 

Hervé74
