PC qui ralentit a vu d'oeil
Résolu
Silklash
-
Silklash Messages postés 48 Statut Membre -
Silklash Messages postés 48 Statut Membre -
Bonjour,
Mon PC est de plus en plus lent.... Maintenant même ouvrir une page https://www.commentcamarche.net/ prend 2 minute... j'ai passer Ccleaner, AVG Anti-spyware, BitDefender-online et un coup de Hijack pour finir
ps: je note quand meme une amelioration apres avoir un peu nettoyer mon pc (mais il est toujours lent)
Voila les rapport
Rapport d'AVG
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:54 2008-06-13
+ Résultat de l'analyse:
[1496] VM_13140000 -> Backdoor.Bandok.bd : Aucune action entreprise.
[160] VM_13140000 -> Backdoor.Bandok.bd : Aucune action entreprise.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Télécharger des logiciels.exe -> Backdoor.Hupigon.bnca : Aucune action entreprise.
C:\Documents and Settings\Parents\Bureau\Télécharger des logiciels.exe -> Backdoor.Hupigon.bnca : Aucune action entreprise.
C:\WINDOWS\system32\jfiehayd.dll -> Downloader.Agent.lxt : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000343.com -> Dropper.Agent.nin : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000344.com -> Dropper.Agent.nin : Aucune action entreprise.
C:\QooBox\Quarantine\C\WINDOWS\system32\ntpl.bin.vir -> Dropper.Agent.sbe : Aucune action entreprise.
C:\QooBox\Quarantine\C\d.exe.vir -> Dropper.Agent.sbe : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000007.exe -> Dropper.Agent.sbe : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.92:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.156:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.121:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.122:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.123:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.124:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.120:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.105:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.114:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.115:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.116:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@connextra[1].txt -> TrackingCookie.Connextra : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.237:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.215:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.229:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@ivwbox[1].txt -> TrackingCookie.Ivwbox : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.139:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.142:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.143:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.175:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.176:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.177:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.190:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.243:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.54:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.125:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.170:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Aucune action entreprise.
Fin du rapport
Rapport BitDefender
C:\axer.exe
Infected with: Backdoor.Rustock.NDI
C:\axer.exe
Deleted
C:\d1.exe
Infected with: Trojan.Crypt.Delf.T
C:\d1.exe
Disinfection failed
C:\d1.exe
Deleted
C:\Program Files\Mozilla Firefox\install.exe
Infected with: Trojan.Retapu.D
C:\Program Files\Mozilla Firefox\install.exe
Disinfection failed
C:\Program Files\Mozilla Firefox\install.exe
Deleted
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Disinfection failed
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Infected with: Trojan.Crypt.Delf.T
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Disinfection failed
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Infected with: Trojan.Crypt.Delf.T
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)=>zlib_nsis0018
Infected with: Trojan.Generic.177970
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)=>zlib_nsis0018
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Infected with: Trojan.FatObfus.2.Gen
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Infected with: Generic.Malware.dld!!.07071C2E
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000851.exe
Infected with: Backdoor.Rustock.NDI
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000851.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Infected with: Trojan.Crypt.Delf.T
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Deleted
C:\vuqs.exe
Infected with: Packer.Malware.Crypter.C
C:\vuqs.exe
Disinfection failed
C:\vuqs.exe
Deleted
C:\waxd.exe
Infected with: Trojan.Downloader.Tiny.NDU
C:\waxd.exe
Deleted
C:\WINDOWS\system32\aliceeadsl.exe
Infected with: Packer.Malware.Crypter.C
C:\WINDOWS\system32\aliceeadsl.exe
Disinfection failed
C:\WINDOWS\system32\aliceeadsl.exe
Deleted
Et le rapport HiJack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06, on 2008-06-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [*aliceeadsl] C:\WINDOWS\system32\aliceeadsl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [aliceeadsl] C:\WINDOWS\system32\aliceeadsl.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0eb0e74a-2a76-4ab3-a7fb-9bd8c29f7f75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard (avg anti-spyware guard) - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
Mon PC est de plus en plus lent.... Maintenant même ouvrir une page https://www.commentcamarche.net/ prend 2 minute... j'ai passer Ccleaner, AVG Anti-spyware, BitDefender-online et un coup de Hijack pour finir
ps: je note quand meme une amelioration apres avoir un peu nettoyer mon pc (mais il est toujours lent)
Voila les rapport
Rapport d'AVG
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:54 2008-06-13
+ Résultat de l'analyse:
[1496] VM_13140000 -> Backdoor.Bandok.bd : Aucune action entreprise.
[160] VM_13140000 -> Backdoor.Bandok.bd : Aucune action entreprise.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Télécharger des logiciels.exe -> Backdoor.Hupigon.bnca : Aucune action entreprise.
C:\Documents and Settings\Parents\Bureau\Télécharger des logiciels.exe -> Backdoor.Hupigon.bnca : Aucune action entreprise.
C:\WINDOWS\system32\jfiehayd.dll -> Downloader.Agent.lxt : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000343.com -> Dropper.Agent.nin : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000344.com -> Dropper.Agent.nin : Aucune action entreprise.
C:\QooBox\Quarantine\C\WINDOWS\system32\ntpl.bin.vir -> Dropper.Agent.sbe : Aucune action entreprise.
C:\QooBox\Quarantine\C\d.exe.vir -> Dropper.Agent.sbe : Aucune action entreprise.
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000007.exe -> Dropper.Agent.sbe : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.92:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.152:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.156:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Aucune action entreprise.
:mozilla.45:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.47:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.121:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.122:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.123:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.124:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.46:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.120:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.105:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.26:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.114:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.115:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.116:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@connextra[1].txt -> TrackingCookie.Connextra : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.237:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.215:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.229:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@ivwbox[1].txt -> TrackingCookie.Ivwbox : Aucune action entreprise.
:mozilla.72:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.71:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.139:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.142:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.143:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.144:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.145:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.173:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.174:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.175:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.176:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.177:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.190:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.243:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Trafic : Aucune action entreprise.
:mozilla.54:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.55:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.56:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.18:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.19:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Parents\Cookies\parents@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.125:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise.
:mozilla.51:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.170:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.171:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\4z6drlhe.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Aucune action entreprise.
Fin du rapport
Rapport BitDefender
C:\axer.exe
Infected with: Backdoor.Rustock.NDI
C:\axer.exe
Deleted
C:\d1.exe
Infected with: Trojan.Crypt.Delf.T
C:\d1.exe
Disinfection failed
C:\d1.exe
Deleted
C:\Program Files\Mozilla Firefox\install.exe
Infected with: Trojan.Retapu.D
C:\Program Files\Mozilla Firefox\install.exe
Disinfection failed
C:\Program Files\Mozilla Firefox\install.exe
Deleted
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Disinfection failed
C:\QooBox\Quarantine\C\Program Files\Mozilla Firefox\patch.exe.vir
Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Infected with: Trojan.Crypt.Delf.T
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Disinfection failed
C:\QooBox\Quarantine\C\WINDOWS\system32\service.exe.vir
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000003.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Infected with: Trojan.Crypt.Delf.T
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000008.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)=>zlib_nsis0018
Infected with: Trojan.Generic.177970
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)=>zlib_nsis0018
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000338.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>patch.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)=>install.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000367.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000368.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000370.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000372.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000373.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>patch.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)=>install.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000375.exe=>(RAR Sfx o)
Update failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Suspected of: BehavesLike:Trojan.WinlogonHook
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000376.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000377.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Infected with: Trojan.FatObfus.2.Gen
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000849.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Infected with: Generic.Malware.dld!!.07071C2E
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000850.dll
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000851.exe
Infected with: Backdoor.Rustock.NDI
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000851.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Infected with: Trojan.Crypt.Delf.T
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000852.exe
Deleted
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Infected with: Trojan.Retapu.D
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Disinfection failed
C:\System Volume Information\_restore{19E21AC7-3BBA-46C6-B892-01F46C398782}\RP2\A0000853.exe
Deleted
C:\vuqs.exe
Infected with: Packer.Malware.Crypter.C
C:\vuqs.exe
Disinfection failed
C:\vuqs.exe
Deleted
C:\waxd.exe
Infected with: Trojan.Downloader.Tiny.NDU
C:\waxd.exe
Deleted
C:\WINDOWS\system32\aliceeadsl.exe
Infected with: Packer.Malware.Crypter.C
C:\WINDOWS\system32\aliceeadsl.exe
Disinfection failed
C:\WINDOWS\system32\aliceeadsl.exe
Deleted
Et le rapport HiJack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06, on 2008-06-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [*aliceeadsl] C:\WINDOWS\system32\aliceeadsl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [aliceeadsl] C:\WINDOWS\system32\aliceeadsl.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0eb0e74a-2a76-4ab3-a7fb-9bd8c29f7f75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard (avg anti-spyware guard) - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
A voir également:
- PC qui ralentit a vu d'oeil
- Pc qui rame - Guide
- Comment savoir qui a vu mes publications sur facebook - Guide
- Qui a vu mon profil instagram - Guide
- Remettre a zero un pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
105 réponses
je vais lancer le scan de ToolsCleaner de A.Roshtein se soir
et j'installerai correctement AVIRA demain
Merci
Edite : quand tu dit : "hors connexion" tu veut dire
-sans page internet ouverte
ou
-se déconnecter de la livebox
et j'installerai correctement AVIRA demain
Merci
Edite : quand tu dit : "hors connexion" tu veut dire
-sans page internet ouverte
ou
-se déconnecter de la livebox
Voila le rapport de ToolsCleaner
-->- Recherche:
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Enfants\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\Enfants\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\HijackThis.lnk: trouvé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\Reparer MSN\SdFix.exe: trouvé !
C:\Program Files\Hijack\HijackThis: trouvé !
C:\Program Files\Hijack\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Enfants\Bureau\OtMoveIt2.exe: supprimé !
C:\Documents and Settings\Enfants\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\HijackThis.lnk: supprimé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\Reparer MSN\SdFix.exe: supprimé !
C:\Program Files\Hijack\HijackThis\HijackThis.exe: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Hijack\HijackThis: supprimé !
sur ce ^^' bonne nuit je vais me coucher
Merci
-->- Recherche:
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Enfants\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\Enfants\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\HijackThis.lnk: trouvé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\Reparer MSN\SdFix.exe: trouvé !
C:\Program Files\Hijack\HijackThis: trouvé !
C:\Program Files\Hijack\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Enfants\Bureau\OtMoveIt2.exe: supprimé !
C:\Documents and Settings\Enfants\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\HijackThis.lnk: supprimé !
C:\Documents and Settings\Enfants\Bureau\Robin\CCleaner\Reparer MSN\SdFix.exe: supprimé !
C:\Program Files\Hijack\HijackThis\HijackThis.exe: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Hijack\HijackThis: supprimé !
sur ce ^^' bonne nuit je vais me coucher
Merci
Woaw je suis vraiment très content que tu sois venu ! mon pc "surf" vraiment beaucoup plus vite
je tien aussi a remercier Le sioux, G1rl, mOé et tous ceux qu'y m'ont donné des astuces et tous les créateurs des programmes qui nous on aidés
Vraiment merci pour tout !
ps: je vais m'occuper des dernière manip ^^
A dans 3 jours
je tien aussi a remercier Le sioux, G1rl, mOé et tous ceux qu'y m'ont donné des astuces et tous les créateurs des programmes qui nous on aidés
Vraiment merci pour tout !
ps: je vais m'occuper des dernière manip ^^
A dans 3 jours
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question