Slow computer
Anonymous user
-
chaita Posts 3398 Status Contributor -
Hello,
Since my computer is very slow and opens "set up" windows when I open MSN or the Internet (only once, often 5 minutes after startup), I tried to follow the disinfection procedure on the site.
Could someone tell me whether I still need to do anything after all these reports?
Thanks in advance!
With AVG
L'Analyse "Analyse complète" est terminée.
Infections;"1";"1";"0"
Dossiers sélectionnés pour l'analyse :;"Analyse complète"
Analyse démarrée :;"jeudi 26 mars 2009, 15:47:06"
Analyse terminée :;"jeudi 26 mars 2009, 20:00:43 (4 heure(s) 13 minute(s) 36 seconde(s))"
Total des objets analysés :;"970949"
Utilisateur ayant exécuté l'analyse :;"JIMMY"
Infections
Fichier;"Infection";"Résultat"
H:\Documents and Settings\JIMMY\Local Settings\Temp\UnDSS.exe;"Cheval de Troie : Generic7.QFC";"Placé en quarantaine"
Avertissements
Fichier;"Infection";"Résultat"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt;"Détection de : Tracking cookie.Webtrendslive ";"Réparé"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\2o7.net.1a96d4f1;"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\adtech.de.a9245469;"Détection de : Tracking cookie.Adtech ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\adtech.de.d551775e;"Détection de : Tracking cookie.Adtech ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\advertising.com.203aa218;"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\2o7.net.281e40b9;"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\atdmt.com.b3e33b5f;"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\bluestreak.com.bf396750;"Détection de : Tracking cookie.Bluestreak ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\doubleclick.net.bf396750;"Détection de : Tracking cookie.Doubleclick ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\estat.com.efda7a5a;"Détection de : Tracking cookie.Estat ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\hitbox.com.2b95f8a3;"Détection de : Tracking cookie.Hitbox ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\mediaplex.com.323e9a10;"Détection de : Tracking cookie.Mediaplex ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\mediaplex.com.f652b123;"Détection de : Tracking cookie.Mediaplex ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.35b38fe4;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\perf.overture.com.610ef18d;"Détection de : Tracking cookie.Overture ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.2abb82a;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.538be892;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.e9c62e97;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.5b3d1473;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.904d6e71;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.eab0972e;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.edf95199;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.f4648305;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\weborama.fr.30104bcb;"Détection de : Tracking cookie.Weborama ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.775ee79c;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.a5b6a132;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.c1dd09f2;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
With BitDefender:
BitDefender Online Scanner
Scan report generated at: Sun, Mar 29, 2009 - 04:21:33
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
Statistics
Time: 05:55:06
Files: 693764
Folders: 12428
Boot Sectors: 0
Archives: 9202
Packed Files: 46255
Results
Identified Viruses: 14
Infected Files: 16
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 16
Engines Info
Virus Definitions: 2815893
Engine build: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins: 17
Archive plugins: 45
Unpack plugins: 7
E-mail plugins: 6
System plugins: 4
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006
Detected with: Adware.Navipromo.AO
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)
Update failed
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0009
Infected with: Backdoor.Skinymes.Agent.A
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0009
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)
Update failed
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)=>lzma_solid_nsis0005
Detected with: Adware.Navipromo.AO
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)=>lzma_solid_nsis0005
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\ICD1.tmp\f3Setup1.exe
Infected with: Trojan.Funweb.A
H:\Documents and Settings\JIMMY\Local Settings\Temp\ICD1.tmp\f3Setup1.exe
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 6)
Infected with: Trojan.Dropper.Safeerr.A
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 6)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 7)
Detected with: Adware.Winfixer.N
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 7)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 8)
Infected with: Trojan.Ntrootkit.47
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 8)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Detected with: Adware.Errorsafe.D
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Detected with: Application.Generic.8743
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Detected with: Application.Generic.20767
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Detected with: Application.Generic.27769
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Detected with: Application.Generic.9810
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 17)
Detected with: Adware.Errorsafe.N
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 17)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 19)
Detected with: Spyware.Winfixer.M
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 19)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 24)
Detected with: Adware.Errorsafe.B
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 24)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\System Volume Information\_restore{8F529B55-F531-4D55-8EB6-7FEAC614DE82}\RP15\A0004172.exe
Infected with: Trojan.Funweb.A
H:\System Volume Information\_restore{8F529B55-F531-4D55-8EB6-7FEAC614DE82}\RP15\A0004172.exe
Deleted
and with HijackThis (I am not sure I did it correctly because I do not understand English)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:29, on 29/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/commons/c/cd/Psi-logo.png
Comme mon ordinateur rame beaucoup, et ouvre des fenêtres "set up" quand j'ouvre MSN ou Internet (une seule fois souvent 5 minutes après le démarrages), j'ai tenté de suivre le programme de désinfection sur le site.
Est ce quelqu'un pourrait me dire si je dois encore faire quelque chose suite à tous ces rapports???
merci d'avance!
Avec AVG
L'Analyse "Analyse complète" est terminée.
Infections;"1";"1";"0"
Dossiers sélectionnés pour l'analyse :;"Analyse complète"
Analyse démarrée :;"jeudi 26 mars 2009, 15:47:06"
Analyse terminée :;"jeudi 26 mars 2009, 20:00:43 (4 heure(s) 13 minute(s) 36 seconde(s))"
Total des objets analysés :;"970949"
Utilisateur ayant exécuté l'analyse :;"JIMMY"
Infections
Fichier;"Infection";"Résultat"
H:\Documents and Settings\JIMMY\Local Settings\Temp\UnDSS.exe;"Cheval de Troie : Generic7.QFC";"Placé en quarantaine"
Avertissements
Fichier;"Infection";"Résultat"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt;"Détection de : Tracking cookie.Webtrendslive ";"Réparé"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\2o7.net.1a96d4f1;"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\adtech.de.a9245469;"Détection de : Tracking cookie.Adtech ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\adtech.de.d551775e;"Détection de : Tracking cookie.Adtech ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\advertising.com.203aa218;"Détection de : Tracking cookie.Advertising ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\2o7.net.281e40b9;"Détection de : Tracking cookie.2o7 ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\atdmt.com.b3e33b5f;"Détection de : Tracking cookie.Atdmt ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\bluestreak.com.bf396750;"Détection de : Tracking cookie.Bluestreak ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\doubleclick.net.bf396750;"Détection de : Tracking cookie.Doubleclick ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\estat.com.efda7a5a;"Détection de : Tracking cookie.Estat ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\hitbox.com.2b95f8a3;"Détection de : Tracking cookie.Hitbox ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\mediaplex.com.323e9a10;"Détection de : Tracking cookie.Mediaplex ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\mediaplex.com.f652b123;"Détection de : Tracking cookie.Mediaplex ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.35b38fe4;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\perf.overture.com.610ef18d;"Détection de : Tracking cookie.Overture ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.2abb82a;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.538be892;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.e9c62e97;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.5b3d1473;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\statse.webtrendslive.com.b4ca7df0;"Détection de : Tracking cookie.Webtrendslive ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.904d6e71;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.eab0972e;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\serving-sys.com.edf95199;"Détection de : Tracking cookie.Serving-sys ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\tradedoubler.com.f4648305;"Détection de : Tracking cookie.Tradedoubler ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\weborama.fr.30104bcb;"Détection de : Tracking cookie.Weborama ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.775ee79c;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.a5b6a132;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
H:\Documents and Settings\JIMMY\Application Data\Mozilla\Firefox\Profiles\w4gb5896.default\cookies.txt:\zedo.com.c1dd09f2;"Détection de : Tracking cookie.Zedo ";"Placé en quarantaine"
With BitDefender:
BitDefender Online Scanner
Scan report generated at: Sun, Mar 29, 2009 - 04:21:33
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
Statistics
Time: 05:55:06
Files: 693764
Folders: 12428
Boot Sectors: 0
Archives: 9202
Packed Files: 46255
Results
Identified Viruses: 14
Infected Files: 16
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 16
Engines Info
Virus Definitions: 2815893
Engine build: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins: 17
Archive plugins: 45
Unpack plugins: 7
E-mail plugins: 6
System plugins: 4
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006
Detected with: Adware.Navipromo.AO
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)
Update failed
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0009
Infected with: Backdoor.Skinymes.Agent.A
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0009
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)
Update failed
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)=>lzma_solid_nsis0005
Detected with: Adware.Navipromo.AO
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)=>lzma_solid_nsis0005
Deleted
C:\WINDOWS\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0028=>(NSIS g)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\ICD1.tmp\f3Setup1.exe
Infected with: Trojan.Funweb.A
H:\Documents and Settings\JIMMY\Local Settings\Temp\ICD1.tmp\f3Setup1.exe
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 6)
Infected with: Trojan.Dropper.Safeerr.A
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 6)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 7)
Detected with: Adware.Winfixer.N
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 7)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 8)
Infected with: Trojan.Ntrootkit.47
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 8)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Detected with: Adware.Errorsafe.D
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 9)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Detected with: Application.Generic.8743
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 10)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Detected with: Application.Generic.20767
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 11)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Detected with: Application.Generic.27769
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 12)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Detected with: Application.Generic.9810
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Disinfection failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 13)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 17)
Detected with: Adware.Errorsafe.N
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 17)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 19)
Detected with: Spyware.Winfixer.M
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 19)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 24)
Detected with: Adware.Errorsafe.B
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)=>(Instyler Module 24)
Deleted
H:\Documents and Settings\JIMMY\Local Settings\Temp\~ErrorSafeScannerSetup.exe=>(Instyler o)
Update failed
H:\System Volume Information\_restore{8F529B55-F531-4D55-8EB6-7FEAC614DE82}\RP15\A0004172.exe
Infected with: Trojan.Funweb.A
H:\System Volume Information\_restore{8F529B55-F531-4D55-8EB6-7FEAC614DE82}\RP15\A0004172.exe
Deleted
and with HijackThis (I'm not sure I did it correctly because I don't understand English)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:29, on 29/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/commons/c/cd/Psi-logo.png