Using HijackThis, OTMoveIt, ComboFix....
rootzy
Hello,
I am currently cleaning up my PC (removing software I no longer use, disk cleanup, defragmentation, updating msconfig, etc.).
However, I know that there is harmful, malicious or simply useless software on my machine that has accumulated over time and is not detected by my antivirus.
I also know that there are tools such as HijackThis, OTMoveIt, ComboFix, etc. that could solve my problem.
But I have absolutely no idea how to use these tools, and above all I do not want to make a mistake.
Could someone help me, please?
Thanks in advance,
Yannick
Configuration: Windows XP / Internet Explorer 8
10 replies
Hi,
To check this:
Download RSIT (by random/random) to your desktop:
- Double-click RSIT.exe on the desktop
- Click "Continue" in the window
- RSIT will download HijackThis if it is not present or detected; you will then have to accept the license
- Post the contents of log.txt and info.txt (minimized in the taskbar) once the scan has finished.
The reports are in the folder C:\rsit
See you
Hi,
I followed the procedure, but for now I can't manage to post the 2 reports.... I'll try again a bit later.
Thanks anyway
@+ Yannick
Post one report per reply....
Otherwise use http://www.cijoint.fr/ and paste me the generated link.
See you
Reminder: https://forums.commentcamarche.net/forum/affich-17327418-utilisation-hijackthis-otmoveit-combofix#2
I'm looking at your reports....
See you
OK, I'll use the link you recommended. Sorry, I hadn't seen it before....
So here is the link for the info.txt report:
http://www.cijoint.fr/cjlink.php?file=cj201004/cijqNcMUuA.txt
and here is the link for log.txt:
http://www.cijoint.fr/cjlink.php?file=cj201004/cij3Elrnlv.txt
I'm deleting the 2 previous posts for clarity.
Re,
Go to "Start" --> "Search" and type or copy/paste:
C:\Program Files\trend micro\Yannick.exe
==> Click on Yannick.exe; this will open HijackThis.
==> In the main menu, choose "Do a system scan only"
and check the following lines:
Tutorial in case of trouble: http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] F:\HP deskjet 6900\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O18 - Protocol: bw+0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: oqedrh.dll
==> Close all your applications and press "FIX CHECKED"
Then restart the PC to apply these changes....
*******************************************************
Then:
Run a scan with this antispyware:
Malwarebytes + tutorial
Install it and update it... ("Update" tab)
Now click on the scan tab and check the box:
"Perform quick scan".
Then click "Scan".
Let it scan the PC...
At the end of the scan, click "Show Results"
If items were found:
> click "Remove Selected".
If you are asked to restart > click "Yes".
At the end a report will open;
save it so that you can find it again to post it on the forum.
Copy and paste the report, please.
See you
........
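An added example (not part of the thread, and not code from HijackThis or from the helper): a small Python triage of the kind of entries listed in the reply above. It parses a few of those lines, counts them per section, collapses the O18 protocol handlers that share one CLSID and DLL, and marks entries that report a missing file or give no full path. The function and flag names are assumptions made for this example; the flags point at lines to review and are not verdicts.

```python
import re
from collections import defaultdict

# Section codes seen in the reply, with their meaning in the HijackThis log format.
SECTIONS = {
    "O4": "autostart entry (Run key / Startup folder)",
    "O9": "Internet Explorer extra button or Tools menu item",
    "O18": "extra protocol handler",
    "O20": "AppInit_DLLs / Winlogon Notify",
}

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
DRIVE_PATH_RE = re.compile(r"[A-Za-z]:\\")
MISSING = "(file missing)"

# A few entries copied from the reply above (not the whole list).
SAMPLE = r"""
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O18 - Protocol: bw+0 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7F776B0D-AFAC-4B5C-830C-1AFAA0C3D0AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: oqedrh.dll
"""


def parse_entry(line):
    """Split one HijackThis line into code, body, target, CLSID and review flags."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header lines, blank lines, anything that is not an entry
    code, body = m.group("code"), m.group("body")
    if code == "O4" and "] " in body:
        target = body.split("] ", 1)[1]        # text after the [value name]
    elif " - " in body:
        target = body.rsplit(" - ", 1)[1]      # last dash-separated field
    else:
        target = body.split(": ", 1)[-1]       # e.g. "AppInit_DLLs: name.dll"
    clsid = CLSID_RE.search(body)
    flags = []
    if target.endswith(MISSING):
        flags.append("file-missing")           # the entry points at a file that is gone
    if not DRIVE_PATH_RE.search(target):
        flags.append("no-full-path")           # resolved through the search path
    return {"code": code, "body": body, "target": target,
            "clsid": clsid.group(0) if clsid else None, "flags": flags}


def summarize(lines):
    """Count entries per section, group O18 handlers, collect flagged entries."""
    by_section = defaultdict(int)
    handlers = defaultdict(list)               # (CLSID, DLL) -> protocol names
    flagged = []
    for entry in filter(None, map(parse_entry, lines)):
        by_section[entry["code"]] += 1
        if entry["code"] == "O18":
            name = entry["body"].split(" - ", 1)[0].split(": ", 1)[1]
            handlers[(entry["clsid"], entry["target"])].append(name)
        if entry["flags"]:
            flagged.append((entry["code"], entry["target"], entry["flags"]))
    return {"by_section": dict(by_section), "handlers": dict(handlers),
            "flagged": flagged}


if __name__ == "__main__":
    report = summarize(SAMPLE.splitlines())
    for code, count in report["by_section"].items():
        print(f"{code:4} x{count:<3} {SECTIONS.get(code, 'other section')}")
    for (clsid, dll), names in report["handlers"].items():
        print(f"O18: {len(names)} protocols -> {clsid} {dll}")
    for code, target, flags in report["flagged"]:
        print(f"review {code}: {target} [{', '.join(flags)}]")
```
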
OK, here is the report.
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Version de la base de données: 3976
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
11/04/2010 13:15:15
mbam-log-2010-04-11 (13-15-15).txt
Type d'examen: Examen complet (C:\|F:\|G:\|)
Elément(s) analysé(s): 161687
Temps écoulé: 29 minute(s), 42 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
For now, it seems to me that there are no more slowdowns like before.
I'll watch how it runs over the course of this week to see whether these results are lasting. In which case I'll take the liberty of leaving another message.
In any case, thank you very much for your help.
@+
Yannick