Rapports après analyse Fermé

Question

Bonjour à tous,

J'ai depuis quelques temps de nombreuses fenêtres de publicités qui viennent s'afficher sur mon écran avec un gros ralentissement du pc.
J'ai suivis la procédure indiqué sur ce site et je vous fais parvenir aujourd'hui les rapports qu'il en ressort : 

Rapport AVG anti-spyware

ArchiveData(auto-quarantine- 2007-05-15 19-49-53.bckp)
Referencefile : SE1R170 14.05.2007
======================================================

MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU FileReference : C:\Documents and Settings\Arnaudecent\Desktop.ini
obj[2]=MRU RegReference : software\microsoft\directdraw\mostrecentapplication name
obj[3]=MRU RegReference : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\internet explorer download directory
obj[4]=MRU RegReference : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\internet explorer	ypedurls
obj[5]=MRU RegReference : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru\*
obj[6]=MRU RegReference : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru\exe
obj[8]=MRU RegReference : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\windows\currentversion\explorerunmru
obj[9]=MRU RegReference : .DEFAULT\software\microsoft\windows media\wmsdk\general computername
obj[10]=MRU RegReference : S-1-5-18\software\microsoft\windows media\wmsdk\general computername

ALEXA
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[9]=Regkey : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
obj[10]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "MenuStatusBar"
obj[11]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "Script"
obj[12]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "clsid"
obj[13]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "Icon"
obj[14]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "HotIcon"
obj[15]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "ButtonText"
obj[16]=RegValue : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[17]=RegValue : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[18]=RegValue : S-1-5-21-1715567821-1563985344-725345543-1004\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"

TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[19]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@doubleclick[1].txt
obj[20]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@ehg-neuftelecom.hitbox[1].txt
obj[21]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@fastclick[1].txt
obj[22]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@hitbox[2].txt
obj[23]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@mediaplex[1].txt
obj[24]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@msnportal.112.2o7[1].txt
obj[25]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@overture[1].txt
obj[26]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@perf.overture[1].txt
obj[27]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@stats1.reliablestats[1].txt
obj[28]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@weborama[2].txt
obj[29]=IECache Entry : C:\Documents and Settings\Arnaud\Cookies\arnaud@www.smartadserver[1].txt

Helby · Answer

Rapport BitDefender :

BitDefender Online Scanner
Scan report generated at: Sat, Sep 01, 2007 - 00:56:16
Scan path: C:\;D:\;E:\;
Statistics
Time
00:42:59
Files
136287
Folders
 2817
 Boot Sectors
 2
 Archives
 2350
 Packed Files
 7346
  
Results
 Identified Viruses 
 15
 Infected Files 
 57
 Suspect Files 
 0
 Warnings
 0
 Disinfected
 0
 Deleted Files
 55
  
Engines Info
 
Virus Definitions
 750857
 
Engine build
 AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
 
Scan plugins
 14
 
Archive plugins
 38
 
Unpack plugins
 6
 
E-mail plugins
 6
 
System plugins
 1
  
Scan Settings
 
First Action
 Disinfect
 
Second Action
 Delete
 
Heuristics
 Yes
 
Enable Warnings
 Yes
 
Scanned Extensions
 *;
 
Exclude Extensions
  
 
Scan Emails
 Yes
 
Scan Archives
 Yes
 
Scan Packed
 Yes
 
Scan Files
 Yes
 
Scan Boot
 Yes
  
  Scanned File
  Status
 
C:\Documents and Settings\Arnaud\Local Settings\Temp	mp2F.tmp.exe
 Infected with: MemScan:Trojan.Fotomoto.A
 
C:\Documents and Settings\Arnaud\Local Settings\Temp	mp2F.tmp.exe
 Disinfection failed
 
C:\Documents and Settings\Arnaud\Local Settings\Temp	mp2F.tmp.exe
 Delete failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP158\A0012322.dll
 Infected with: Trojan.BHO.Agent.E
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP158\A0012322.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP158\A0012322.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP172\A0014369.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP172\A0014369.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP172\A0014369.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP173\A0014589.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP173\A0014589.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP173\A0014589.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP177\A0014997.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP177\A0014997.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP177\A0014997.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018624.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018624.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018624.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018788.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018788.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP186\A0018788.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP187\A0018973.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP187\A0018973.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP187\A0018973.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP188\A0019243.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP188\A0019243.dll
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP188\A0019243.dll
 Deleted
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP198\A0019938.exe
 Infected with: MemScan:Trojan.Dropper.Agent.BON
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP198\A0019938.exe
 Disinfection failed
 
C:\System Volume Information\_restore{28DADBA1-3FAE-4C5C-9FF2-59A109E52AF4}\RP198\A0019938.exe
 Deleted
 
C:\WINDOWS\awusqq.dll
 Infected with: Trojan.Virtumod.JE
 
C:\WINDOWS\awusqq.dll
 Disinfection failed
 
C:\WINDOWS\awusqq.dll
 Deleted
 
C:\WINDOWS\jkkhhe.dll
 Infected with: Trojan.Vundo.DMO
 
C:\WINDOWS\jkkhhe.dll
 Deleted
 
C:\WINDOWS\mlkjhi.dll
 Infected with: Trojan.Vundo.DMK
 
C:\WINDOWS\mlkjhi.dll
 Disinfection failed
 
C:\WINDOWS\mlkjhi.dll
 Deleted
 
C:\WINDOWS\system32\dspdit.dll
 Infected with: Trojan.Downloader.ConHook.AI
 
C:\WINDOWS\system32\dspdit.dll
 Disinfection failed
 
C:\WINDOWS\system32\dspdit.dll
 Delete failed
 
C:\WINDOWS\system32\sstqr.exe
 Infected with: MemScan:Trojan.Downloader.ConHook.AJ
 
C:\WINDOWS\system32\sstqr.exe
 Disinfection failed
 
C:\WINDOWS\system32\sstqr.exe
 Deleted
 
C:\WINDOWS\system32	mp120.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp120.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp120.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp1D.tmp.dll
 Infected with: MemScan:Trojan.Agent.AADI
 
C:\WINDOWS\system32	mp1D.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp1D.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp1E.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp1E.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp1E.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp2.tmp.dll
 Infected with: Trojan.BHO.BQ
 
C:\WINDOWS\system32	mp2.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp2.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp20.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp20.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp20.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp22.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp22.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp22.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp24.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp24.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp27.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp27.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp2B.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp2B.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp2B.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp31.tmp.dll
 Infected with: Trojan.BHO.BQ
 
C:\WINDOWS\system32	mp31.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp31.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp34.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp34.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp34.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp35.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp35.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp35.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp36.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp36.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp36.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp37.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp37.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp37.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp3B.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp3B.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp42.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp42.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp42.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp43.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp43.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp46.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp46.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp4E.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp4E.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp4E.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp4F.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp4F.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp4F.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp51.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp51.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp52.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp52.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp52.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp53.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp53.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp53.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp5D.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp5D.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp60.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp60.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp60.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp61.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp61.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp61.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp63.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp63.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp63.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp65.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp65.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp68.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp68.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp68.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp6D.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mp6D.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp6D.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp70.tmp.dll
 Infected with: MemScan:Trojan.Agent.AADI
 
C:\WINDOWS\system32	mp70.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp70.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp71.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp71.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp74.tmp.dll
 Infected with: MemScan:Trojan.Agent.AADI
 
C:\WINDOWS\system32	mp74.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp74.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp78.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp78.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp7A.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mp7A.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp7A.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mp7C.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mp7C.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mp7C.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpB.tmp.dll
 Infected with: MemScan:Trojan.Juan.G
 
C:\WINDOWS\system32	mpB.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mpB.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpB5.tmp.dll
 Infected with: Trojan.BHO.BQ
 
C:\WINDOWS\system32	mpB5.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mpB5.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpC.tmp.dll
 Infected with: MemScan:Trojan.BHO.BX
 
C:\WINDOWS\system32	mpC.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mpC.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpC0.tmp.dll
 Infected with: MemScan:Trojan.Juan.V
 
C:\WINDOWS\system32	mpC0.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpC1.tmp.dll
 Infected with: Trojan.Juan.U
 
C:\WINDOWS\system32	mpC1.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mpC1.tmp.dll
 Deleted
 
C:\WINDOWS\system32	mpC6.tmp.dll
 Infected with: MemScan:Trojan.Virtumod.AMD
 
C:\WINDOWS\system32	mpC6.tmp.dll
 Disinfection failed
 
C:\WINDOWS\system32	mpC6.tmp.dll
 Deleted

Helby · Answer

Rapport HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 08:36:55, on 01/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\DOCUME~1\Arnaud\LOCALS~1\Temp	mp2F.tmp.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {19851254-b0b7-42c2-a36d-d2c188dee67d} - C:\WINDOWS\system32\dspdit.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {E2EE5C44-C66D-499d-BEAE-A2A79189A63A} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE PLEOMAX Web Camera
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{855A2041-735A-4247-9F04-29DF95572D07}: NameServer = 208.67.222.222,208.67.222.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0F4B043-5AAA-4520-B1A4-50E441CA92B3}: NameServer = 208.67.222.222,208.67.222.220
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dspdit - C:\WINDOWS\SYSTEM32\dspdit.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\DOCUME~1\Arnaud\LOCALS~1\Temp	mp2F.tmp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Helby · Answer

Pour information après toutes cette analyse j'ai toujours beaucoup de pub qui s'affichent.

Merci d'avance pour votre aide car cela devient très penible à la longue :-)

Helby · Answer

up

Rapports après analyse

4 réponses

Discussions similaires