Virus and spyware of type spm/lx on my PC

bellasabrina Posts: 4 Status: Member
Hello,

I'm new, so let me introduce myself: I'm Sabrina, I'm 23, and I've caught a nasty virus on my PC. It is slowing it down, along with my connection. I ran avast and Spybot, but nothing helps. I keep getting lots of sites with ads, notably for downloading antispyware and Spybot.
I'm going to go crazy, lol. I'm posting the HijackThis report. Kisses to you all; you'll at least let me keep the last hairs left on my head, lol. Thanks in advance.

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\qwquxdye.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\A-J\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://link0777.com/...
R3 - URLSearchHook: (no name) - {38B9494E-9D96-4002-B05F-2D0685EB408C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\SYSTEM32\xpuxsfrj.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [1c94e098] rundll32.exe "C:\WINDOWS\system32\bqnxqtgt.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows Services] Spool32x.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [System Registry Settings] regedit.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows RPC Service] RPC32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows System Gateway ] SPOOLER.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EXPLORER MICROSOFT SYSTEM] task.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [Windows RPC Service] RPC32.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [Windows RPC Service] RPC32.exe (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: FreeBot.lnk = C:\Program Files\FreeBot\freebot.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .3gp: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chambre
O17 - HKLM\Software\..\Telephony: DomainName = chambre
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c009CF79.dat
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe (file missing)
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
4 replies

Kristopher Posts: 3752 Status: Contributor 106
 
Hi Sabrina,

You are heavily infected...

But don't worry, we're here to help you :)

Follow my tutorial to the letter:

http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr

Hang in there,
Kris
1
bellasabrina Posts: 4 Status: Member
 
That's it, I did what you asked me to do.

Here is the AVG Anti-Spyware report:

C:\Program Files\MaxSpeed -> Adware.SideFind : Aucune action entreprise.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MFEW4LPH\dl[1].exe -> Downloader.Agent.il : Aucune action entreprise.
C:\WINDOWS\system32\sysdl132.exe -> Downloader.BHO.bo : Aucune action entreprise.
C:\Documents and Settings\lol\Application Data\__c007FC87.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Application Data\__c00B87A4.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Application Data\__c00D33F3.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temp\brpclubp.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temp\hforooho.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temp\kvxdsisj.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temp\ocrwnyvi.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temp\rijwpqvv.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\Documents and Settings\lol\Local Settings\Temporary Internet Files\Content.IE5\I1ECA5I4\mosx1024[1] -> Downloader.ConHook.hl : Aucune action entreprise.
C:\WINDOWS\system32\__c009CF79.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\WINDOWS\system32\bcgbcdgv.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\WINDOWS\system32\dhbfjaxh.dll -> Downloader.ConHook.hl : Aucune action entreprise.
C:\WINDOWS\system32\hiklrlag.dll -> Downloader.ConHook.hl : Aucune action entreprise.
[3084] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[3120] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[3160] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[3196] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[3316] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[3376] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
[348] C:\WINDOWS\system32\__c00B4A29.dat -> Downloader.ConHook.hl : Aucune action entreprise.
C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0288983.dll -> Downloader.Small.ddy : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@112.2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@2o7[2].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@3.adbrite[1].txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@adviva[1].txt -> TrackingCookie.Adviva : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@bluestreak[1].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@casalemedia[2].txt -> TrackingCookie.Casalemedia : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@ehg-deltatre.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\A-J\Cookies\a-j@smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@statcounter[1].txt -> TrackingCookie.Statcounter : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@tacoda[2].txt -> TrackingCookie.Tacoda : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
C:\Documents and Settings\lol\Cookies\lol@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
0
bellasabrina Posts: 4 Status: Member
 
BitDefender Online report:

C:\Documents and Settings\lol\Local Settings\Temp\hddyuggg.exe
Infected with: Trojan.Fotomoto.F

C:\Documents and Settings\lol\Local Settings\Temp\hddyuggg.exe
Disinfection failed

C:\Documents and Settings\lol\Local Settings\Temp\hddyuggg.exe
Deleted

C:\Documents and Settings\lol\Local Settings\Temp\vwimjdvg.exe
Infected with: Trojan.Fotomoto.F

C:\Documents and Settings\lol\Local Settings\Temp\vwimjdvg.exe
Disinfection failed

C:\Documents and Settings\lol\Local Settings\Temp\vwimjdvg.exe
Deleted

C:\Documents and Settings\lol\Local Settings\Temporary Internet Files\Content.IE5\K9ID98CQ\pochki20071106[1]
Infected with: Trojan.Fotomoto.F

C:\Documents and Settings\lol\Local Settings\Temporary Internet Files\Content.IE5\K9ID98CQ\pochki20071106[1]
Disinfection failed

C:\Documents and Settings\lol\Local Settings\Temporary Internet Files\Content.IE5\K9ID98CQ\pochki20071106[1]
Deleted

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Feuilles.htm
Infected with: Win32.Worm.Allaple.A

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Feuilles.htm
Disinfection failed

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Feuilles.htm
Deleted

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Fiesta.htm
Infected with: Win32.Worm.Allaple.A

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Fiesta.htm
Disinfection failed

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Fiesta.htm
Deleted

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Glacier.htm
Infected with: Win32.Worm.Allaple.A

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Glacier.htm
Disinfection failed

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Glacier.htm
Deleted

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Lierre.htm
Infected with: Win32.Worm.Allaple.A

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Lierre.htm
Disinfection failed

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Lierre.htm
Deleted

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP554\A0286974.rbf
Infected with: Win32.Worm.Allaple.JF

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP554\A0286974.rbf
Disinfection failed

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP554\A0286974.rbf
Deleted

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289992.dll
Infected with: Trojan.Generic.70968

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289992.dll
Disinfection failed

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289992.dll
Deleted

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289993.dll
Infected with: Trojan.Generic.70968

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289993.dll
Disinfection failed

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289993.dll
Deleted

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289994.dll
Infected with: Trojan.Generic.70968

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289994.dll
Disinfection failed

C:\System Volume Information\_restore{5FD6E1D5-D1CF-4C7B-B9BA-3C8056D6D900}\RP557\A0289994.dll
Deleted

C:\WINDOWS\system32\lhwjoont.exe
Infected with: Trojan.Fotomoto.F

C:\WINDOWS\system32\lhwjoont.exe
Disinfection failed

C:\WINDOWS\system32\lhwjoont.exe
Deleted

C:\WINDOWS\system32\qwquxdye.exe
Infected with: Trojan.Fotomoto.F

C:\WINDOWS\system32\qwquxdye.exe
Disinfection failed

C:\WINDOWS\system32\qwquxdye.exe
Deleted
0
bellasabrina Posts: 4 Status: Member
 
The HijackThis report after disinfecting. Thanks Cristophe, you're kind.
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\A-J\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://link0777.com/...
R3 - URLSearchHook: (no name) - {38B9494E-9D96-4002-B05F-2D0685EB408C} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [1c94e098] rundll32.exe "C:\WINDOWS\system32\bqnxqtgt.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows Services] Spool32x.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [System Registry Settings] regedit.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows RPC Service] RPC32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows System Gateway ] SPOOLER.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EXPLORER MICROSOFT SYSTEM] task.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [Windows RPC Service] RPC32.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [Windows RPC Service] RPC32.exe (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: FreeBot.lnk = C:\Program Files\FreeBot\freebot.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .3gp: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = chambre
O17 - HKLM\Software\..\Telephony: DomainName = chambre
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = chambre
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = chambre
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = chambre
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00B4A29.dat
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe (file missing)
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0