Unknown virus
Eric
-
green day, 26722 posts, Status: Moderator, Security contributor -
Good evening everyone,
My PC is unbelievably slow.
I have disabled all startup programs except AVG and AVG Anti-Spyware.
I am posting the AVG Anti-Spyware and HijackThis logs below.
Thank you for helping me determine whether a spyware or virus infection is responsible for the PC's slowness.
Logfile of HijackThis v1.99.1
Scan saved at 19:20:56, on 24/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
I:\PROGRA~1\Grisoft\AVG7\avgcc.exe
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
I:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
I:\PROGRA~1\Grisoft\AVG7\avgwb.dat
I:\PROGRA~1\Grisoft\AVG7\avgemc.exe
I:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\Program Files\Spyware Doctor\svcntaux.exe
I:\Program Files\Spyware Doctor\swdsvc.exe
I:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\wbem\wmiapsrv.exe
I:\WINDOWS\System32\alg.exe
I:\PROGRA~1\Mozilla Firefox\firefox.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\PROGRA~1\MOZILL~2\THUNDE~1.EXE
I:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
I:\WINDOWS\system32\wbem\wmiprvse.exe
I:\Program Files\Alwil Software\Avast4\setup\avast.setup
I:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - I:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - I:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - I:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - I:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - I:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - I:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - I:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Multi_Media_France toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - I:\Program Files\Multi_Media_France\tbMult.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] I:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O8 - Extra context menu item: &Windows Live Search - res://I:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://I:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?760fdaabb2554d82b72edc274e0de837
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://I:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?760fdaabb2554d82b72edc274e0de837
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: i:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: i:\windows\system32\avgfwafu.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - I:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - I:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - I:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - I:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - I:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - I:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - I:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - I:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - I:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - I:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - I:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:10:40 24/06/2007
+ Résultat de l'analyse:
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP116\A0032995.exe -> Adware.Casino : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP98\A0027082.exe -> Adware.Casino : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP130\A0035235.dll -> Adware.Lop : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP26\A0005013.exe -> Adware.Trymedia : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP26\A0006051.exe -> Adware.Trymedia : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP26\A0006052.exe -> Adware.Trymedia : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP35\A0009775.exe -> Adware.Trymedia : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP36\A0014937.exe -> Adware.Trymedia : Nettoyé.
:mozilla.27:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.28:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.75:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.76:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.77:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.78:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.31:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.51:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.30:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.21:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.22:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.23:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.24:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.89:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.36:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.48:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
I:\Documents and Settings\Ricou\Cookies\ricou@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.18:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.58:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.59:I:\Documents and Settings\Ricou\Application Data\Mozilla\Firefox\Profiles\tb2kodqw.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP154\A0051836.exe -> Trojan.Obfuscated.en : Nettoyé et sauvegardé (mise en quarantaine).
I:\System Volume Information\_restore{E70FC323-3C47-4857-8D24-3ED5E2D8E08B}\RP154\A0051838.exe -> Trojan.Obfuscated.en : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
Thank you for your help.
ecco31