Analyse hijack
coon
Messages postés
11
Statut
Membre
-
coon Messages postés 11 Statut Membre -
coon Messages postés 11 Statut Membre -
bonjour,
j'ai un pote qui a des petits soucis avec son pc, j'ai regardé vite fait et a priori il y a des bebetes dedans...
voici un rapport Hijack et un rapport d'AVG as:
HIJACK:
Logfile of HijackThis v1.99.1
Scan saved at 18:13:49, on 03/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\protection PC\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - (no file)
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: *.coolwebsearch.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F709DB82-5DFD-4AEF-B045-2027C362CE7D}: NameServer = 84.103.237.146 86.64.145.146
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: fairydom - {5839511e-ec1b-4f91-ace3-fb88e52f5239} - (no file)
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SC Test Branding Service 1 - Unknown owner - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)
AVGas:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:10:33 03/04/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP601\A0618549.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP601\A0618550.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP609\A0618765.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP610\A0618866.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP610\A0618876.exe -> Adware.Casino : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{016859C2-97B6-45FC-816B-A3B91BA10A0F} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{03713ADE-819C-43D9-B138-67828D4C0405} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{0BDF8F38-347C-4810-BDA6-2F85C1050B26} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{18A1A6BB-8AE3-47E3-B9D4-75ABFE0CAC03} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{2D1254A1-4A1A-4339-9DE5-D05CADD5C44C} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{2F34C08C-E0AF-4EB2-AFCF-3A13DC489FA6} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{49D486E8-1932-492D-B1BD-B4D638BEBD84} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{49E2EB9D-A5E6-450E-9708-251876BF3E7F} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{68C625EA-B8E3-4FC1-9F6E-8A1B50AA9C8C} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{6F821290-E277-4F87-B4BD-AE48564EF21D} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{9BA6B541-EB04-44C9-9156-9573DB5345A5} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{A8718256-70C8-4914-8F64-B8B9C1A64AAA} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{C3A42538-303B-4541-915D-C79AD9C75EB8} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{C48AE974-0D27-47D6-A3E9-881CF3301F72} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{DA02B168-8841-4248-BF22-67E2EC5958C3} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{E505FB9B-6CB3-44C5-9F0E-B01121076CC9} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\TypeLib\{00B3D2B1-1EAD-4611-A348-9ECBC4C565A7} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{202A961F-23AE-42B1-9505-FFE3C818D717} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BF5B8FC-11CB-409F-8C91-4D4CA04A1B6D} -> Adware.Generic : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP586\A0617157.exe -> Adware.SpywareQuake : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP585\A0617060.exe -> Adware.SystemDoctor : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP585\A0617059.exe -> Adware.WinFixer : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7507739F-BC2E-4DC3-B233-816783C25DC9} -> Downloader.Delf : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{826B2228-BC09-49F2-B5F8-42CE26B1B712} -> Downloader.Delf : Ignoré.
C:\WINDOWS\system32\1024 -> Trojan.Small : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} -> Trojan.Zapchast : Ignoré.
Fin du rapport
qu'en pensez vous?
ca grouille ou pas??
merci d'avance
j'ai un pote qui a des petits soucis avec son pc, j'ai regardé vite fait et a priori il y a des bebetes dedans...
voici un rapport Hijack et un rapport d'AVG as:
HIJACK:
Logfile of HijackThis v1.99.1
Scan saved at 18:13:49, on 03/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\protection PC\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - (no file)
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: *.coolwebsearch.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F709DB82-5DFD-4AEF-B045-2027C362CE7D}: NameServer = 84.103.237.146 86.64.145.146
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: fairydom - {5839511e-ec1b-4f91-ace3-fb88e52f5239} - (no file)
O21 - SSODL: ferrateen - {27321538-5739-4aa1-b84c-7d18e4383f1f} - (no file)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SC Test Branding Service 1 - Unknown owner - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)
AVGas:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:10:33 03/04/2007
+ Résultat de l'analyse:
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP601\A0618549.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP601\A0618550.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP609\A0618765.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP610\A0618866.exe -> Adware.Casino : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP610\A0618876.exe -> Adware.Casino : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{016859C2-97B6-45FC-816B-A3B91BA10A0F} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{03713ADE-819C-43D9-B138-67828D4C0405} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{0BDF8F38-347C-4810-BDA6-2F85C1050B26} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{18A1A6BB-8AE3-47E3-B9D4-75ABFE0CAC03} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{2D1254A1-4A1A-4339-9DE5-D05CADD5C44C} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{2F34C08C-E0AF-4EB2-AFCF-3A13DC489FA6} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{49D486E8-1932-492D-B1BD-B4D638BEBD84} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{49E2EB9D-A5E6-450E-9708-251876BF3E7F} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{68C625EA-B8E3-4FC1-9F6E-8A1B50AA9C8C} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{6F821290-E277-4F87-B4BD-AE48564EF21D} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{9BA6B541-EB04-44C9-9156-9573DB5345A5} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{A8718256-70C8-4914-8F64-B8B9C1A64AAA} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{C3A42538-303B-4541-915D-C79AD9C75EB8} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{C48AE974-0D27-47D6-A3E9-881CF3301F72} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{DA02B168-8841-4248-BF22-67E2EC5958C3} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\Interface\{E505FB9B-6CB3-44C5-9F0E-B01121076CC9} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Classes\TypeLib\{00B3D2B1-1EAD-4611-A348-9ECBC4C565A7} -> Adware.Generic : Ignoré.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{479fd0cf-5be9-4c63-8cda-b6d371c67bd5} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{202A961F-23AE-42B1-9505-FFE3C818D717} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BF5B8FC-11CB-409F-8C91-4D4CA04A1B6D} -> Adware.Generic : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP586\A0617157.exe -> Adware.SpywareQuake : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP585\A0617060.exe -> Adware.SystemDoctor : Ignoré.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP585\A0617059.exe -> Adware.WinFixer : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7507739F-BC2E-4DC3-B233-816783C25DC9} -> Downloader.Delf : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{826B2228-BC09-49F2-B5F8-42CE26B1B712} -> Downloader.Delf : Ignoré.
C:\WINDOWS\system32\1024 -> Trojan.Small : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Ignoré.
HKU\S-1-5-21-3703371365-2820305782-1947112851-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} -> Trojan.Zapchast : Ignoré.
Fin du rapport
qu'en pensez vous?
ca grouille ou pas??
merci d'avance
A voir également:
- Analyse hijack
- Analyse composant pc - Guide
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Analyse performance pc - Guide
- Échec de l'analyse antivirus. ✓ - Forum Antivirus
- Hijack this - Télécharger - Antivirus & Antimalwares
4 réponses
La prochaine fois, lance une analyse en ligne du log de hijack sur :
http://www.hijackthis.de/fr
à effacer (cf le site), 03 - toolbar ; 015- trustedzone ; les deux 021 - fairydom et ferrateen
Ensuite, met à jour avast! et fais-le tourner puis installe aussi spybot (dans télécharger de ce site), met le à jour et lance-le.
Ca devrait suffire.
http://www.hijackthis.de/fr
à effacer (cf le site), 03 - toolbar ; 015- trustedzone ; les deux 021 - fairydom et ferrateen
Ensuite, met à jour avast! et fais-le tourner puis installe aussi spybot (dans télécharger de ce site), met le à jour et lance-le.
Ca devrait suffire.
