High-Tech Santé Médecine Droit-Finances

Grippe A

Que dois-je faire ?

Rechercher : dans
Par :

Accès internet hyper lent - PC infecté

Dernière réponse le 24 jui 2008 à 22:29:26 fabfab, le 6 jui 2008 à 18:32:33 
 Signaler ce message aux modérateurs

Bonjour,

Mon internet s'est énormément ralenti récemment au point que je ne peux pas ouvrir plusieurs fenêtres, j'ai un message délai de connexion dépassé, même quand je fais "page précédente".
L'environnement internet principal est Firefox 3, j'ai McAFee à jour qui ne détecte rien, disque dur défragmenté, ccleaner fait plusieurs fois par semaine. J'ai aussi explorer7 qui est encore plus lentet safari
J'ai réinstallé ma livebox, mais ça ne change rien. En revanche, le PC portable que j'utilise assez peu souvent car bien sûr ce n'est pas mon ordi principal, fonctionne très bien en Wifi. Donc ça ne vient pas de la connexion, mais d'un problème avec ma station. J'ajoute que je n'ai pas d'autres symptomes de type popups ou adware etc...
J'ai fait un scan HiJackThis que je vous poste ici.
Tout avis est bienvenu... merci ;)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:20:15, on 06/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee\msc\mcshell.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: {a99805df-ef52-6129-f554-2d9de83e2177} - {7712e38e-d9d2-455f-9216-25fefd50899a} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {9C8A568E-4201-478a-8536-526CF371D2E2} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00ED4F1.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
End of file - 9761 bytes

Configuration: Windows XP
Firefox 3.0

Meilleures réponses pour « Accès internet hyper lent PC infecté » dans :
PC infecté par des rogues VoirQue faire si votre pc est infecté par un ou plusieurs rogues ?? Définition d'un rogue Procédure préliminaire à exécuter si vous êtes sous Vista 1. SmitfraudFix Option 1 - Recherche Option 2 - Nettoyage 2. MalwareByte's Anti...
Posez votre question Répondre

1

shion-ares, le 6 jui 2008 à 19:08:02

Bonjour

1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton bureau à partir de ce lien :

http://www.malwarebytes.org/

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter une analyse rapide" n'est pas coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le bloc-notes et y copier le rapport d'analyse. Ferme le bloc-note. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

   
Répondre à shion-ares

2

fabfab, le 6 jui 2008 à 21:06:55

Bonjour,

Whoaw,

J'ai installé MBAM, et j'ai supprimé plus de 4300 malwares qui faisaient un festin de mes ressources!

Merci pour ton aide, apparemment je n'ai plus de problemes de vitesse lorsque je suis sur le net.

Mais j'ai encore 7 fichiers svchost.exe qui trainent encore dans mes processus, ça me parait beaucoup non?

Merci pour ton expertise très précieuse

   
Répondre à fabfab

3

shion-ares, le 6 jui 2008 à 21:18:05

Pourrais tu poster le rapport stp

   
Répondre à shion-ares

4

fabfab, le 6 jui 2008 à 22:42:34

Tu parles du rapport MBAM?

   
Répondre à fabfab

5

fabfab, le 6 jui 2008 à 22:49:18

Voici le dernier rapport Hijackthis, suite à MBAM. Le rapport MBAM est vraiment très long.
Dis moi si tu en as besoin.
Merci encore pour ton aide

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:50, on 06/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: {a99805df-ef52-6129-f554-2d9de83e2177} - {7712e38e-d9d2-455f-9216-25fefd50899a} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00ED4F1.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
End of file - 9629 bytes

   
Répondre à fabfab

6

fabfab, le 6 jui 2008 à 22:54:26

Désolé de faire des réponses multiples, je ne pense pas à tout en même temps...
Par ailleurs, j'ai aussi systématiquement chaque jour, à l'arrêt de windows (version xp officielle), une invite pour une MAJ.
Je suis la procédure (cliquer ici et l'ordinateur s'éteindra tout seul), mais ça me paraît suspect d'avoir une MAJ tous les jours. Est ce parce qu'elle ne s'installe pas correctement?

   
Répondre à fabfab

7

shion-ares, le 7 jui 2008 à 07:47:36

Oui je parle du rapport mbam

quand tu l'éteint combien as tu de mise a jours qui veulent s'installer ?

   
Répondre à shion-ares

8

fabfab, le 7 jui 2008 à 13:18:43

Bonjour,
Je n'ai pas relevé cette info, mais ça se produit chaque jour (je l'allume et l'éteins une fois/jour)
Je ne suis pas devant mon pc avant ce soir, mais je ne voulais pas te laisser sans réponse sur ce sujet.
Merci

   
Répondre à fabfab

9

fabfab, le 7 jui 2008 à 22:50:36

Bonsoir,

Pour répondre à ta question, j'ai encore ce soir UNE mise à jour qui veut s'exécuter.
Voici ci dessous le rapport MBAM que tu me demandais.
Bien cordialement,

Malwarebytes' Anti-Malware 1.19
Version de la base de données: 927
Windows 5.1.2600 Service Pack 2

20:58:25 06/07/2008
mbam-log-7-6-2008 (20-58-17).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 262658
Temps écoulé: 1 hour(s), 21 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 307
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 4087

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\mscoree.dll (Trojan.Agent) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{8ae72190-f8a5-b7c8-9572-98c79cdf00af} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{047a9a40-657e-11d3-8d5b-00104b35e7ef} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1b2e3b3f-490a-4f4c-8c76-d94f59fe6400} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d2680c9-0e2a-469d-b787-065558bc7d43} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e66f26b-79ee-11d2-8710-00c04f79ed0d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1ec2de53-75cc-11d2-9775-00a0c9b4d50c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{24800cd0-0f4e-4df7-9f69-3c6903c89224} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f281000-e95a-11d2-886b-00c04f869f04} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6619a740-8154-43be-a186-0319578e02db} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6619a740-8154-43be-a186-0319578e02db} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6fef44d0-39e7-4c77-be8e-c9f8cf988630} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a8f03be3-edb7-4972-821f-af6f8ea34884} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca35cb3d-0357-11d3-8729-00c04f79ed0d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cb2f6723-ab3a-11d2-9c40-00c04fa30a3e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2eaa715-dac7-4771-af5c-931611a1853c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc5da001-7cd4-11d2-8ed9-d8c857f98fe3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e5cb7a31-7512-11d2-89ce-0080c792e5d8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1058e4d-a3b4-43d8-a5e8-35359fb76d9b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00b01b2e-b1fe-33a6-ad40-57de8358dc7d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01ff4e4b-8ad0-3171-8c82-5c2f48b87e3d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{026cc6d7-34b2-33d5-b551-ca31eb6ce345} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{05eba309-0164-11d3-8729-00c04f79ed0d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06b81c12-a5da-340d-aff7-fa1453fbc29a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07f94112-a42e-328b-b508-702ef62bcc29} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{08295c62-7462-3633-b35e-7ae68aca3948} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09a60795-31c0-3a79-9250-8d93c74fe540} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0a29ff9e-7f9c-4437-8b11-f424491e3931} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0a3976c5-4529-4ef8-b0b0-42eed37082cd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0ae2deb0-f901-478b-bb9f-881ee8066788} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0d23f8b4-f2a6-3eff-9d37-bdf79ac6b440} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e4effc0-2387-11d3-b372-00105a98b7ce} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e71f9bd-c109-3352-bd60-14f96d56b6f3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0ff66430-c796-3ee7-902b-166c402ca288} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{108296c1-281e-11d3-bd22-0000f80849bd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{112bc2e7-9ef9-3648-af9e-45c0d4b89929} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1163d0ca-2a02-37c1-bf3f-a9b9e9d49245} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{146855fa-309f-3d0e-bb3e-df525f30a715} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{146a47ab-a2cf-3587-bb25-2b286d7566b4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14910622-09d4-3b4a-8c1e-9991dbdcc553} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14be6b21-c682-3a3a-8b24-fee75b4ff8c5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a06a4dc-e239-3717-89e1-d0683f3a5320} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f17c39c-99d5-37e0-8e98-8f27044bd50a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f9f18a3-efc0-3913-84a5-90678a4a9a80} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{204d5a28-46a0-3f04-bd7c-b5672631e57f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{21f5a790-53ea-3d73-86c3-a5ba6cf65fe9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2206d773-ca1c-3258-9456-ceb7706c3710} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{24540ebc-316e-35d2-80db-8a535caf6a35} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{24eec005-3938-3c71-821d-7f68fd850b2d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2763be6b-f8cf-39d9-a2e8-9e9815c0815e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27e986e1-baec-3d48-82e4-14169ca8cecf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27f31d55-d6c6-3676-9d42-c40f3a918636} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2846ae5e-a9fa-36cf-b2d1-6e95596dbde7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{29c69707-875f-3678-8f01-283094a2dfb1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{29c98dfc-ac6b-4788-bddd-ca41d6d3704a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2bb6c5e0-c2b9-3608-8868-21cfd6ddb91e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d5ec63c-1b3e-3ee4-9052-eb0d0303549c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2decbcb7-bac0-316d-9131-43035c5cb480} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31c967b5-2f8a-3957-9c6d-34a0731db36c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31d353b3-0a0a-3986-9b20-3ec4ee90b389} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{346d5b9f-45e1-45c0-aadf-1b7d221e9063} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3495e5fa-2a90-3ca7-b3b5-58736c4441dd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35e946e4-7cda-3824-8b24-d799a96309ad} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{36dcda30-dc3b-4d93-be42-90b2d74c64e7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{374050dd-6190-3257-8812-8230bf095147} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{39b68485-6773-3c46-82e9-56d8f0b4570c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3b0398c9-7812-4007-85cb-18c771f2206f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3bd1f243-9bc4-305d-9b1c-0d10c80329fc} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3c9dca8b-4410-3143-b801-559553eb6725} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3cded51a-86b4-39f0-a12a-5d1fdced6546} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3ddb2114-9285-30a6-906d-b117640ca927} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e5509f0-1fb9-304d-8174-75d6c9afe5da} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e8e0f03-d3fd-3a93-bae0-c74a6494dbca} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f4a4283-6a08-3e90-a976-2c2d3be4eb0b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fa7a1c5-812c-3b56-b957-cb14af670c09} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fb717af-9d21-3016-871a-df817abddd51} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fdceec6-b14b-37e2-bb69-abc7ca0da22f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{40031115-09d2-3851-a13f-56930be48038} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{405c2d81-315b-3cb0-8442-ef5a38d4c3b8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{40ae2088-ce00-33ad-9320-5d201cb46fc9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{41970d73-92f6-36d9-874d-3bd0762a0d6f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4224ac84-9b11-3561-8923-c893ca77acbe} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4286fa72-a2fa-3245-8751-d4206070a191} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{432d76ce-8c9e-4eed-addd-91737f27a8cb} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{433ca926-9887-3541-89cc-5d74d0259144} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{43cd41ad-3b78-3531-9031-3059e0aa64eb} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{44181b13-ae94-3cfb-81d1-37db59145030} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4479c009-4cc3-39a2-8f92-dfcdf034f748} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{458aa3b5-265a-4b75-bc05-9bea4630cf18} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4599202d-460f-3fb7-8a1c-c2cc6ed6c7c8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{46080ca7-7cb8-3a55-a72e-8e50eca4d4fc} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{463ae13f-c7e5-357e-a41c-df8762fff85c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{46e97093-b2ec-3787-a9a5-470d1a27417c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{475e398f-8afa-43a7-a3be-f4ef8d6787c9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{47d3c68d-7d85-3227-a9e7-88451d6badfc} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48728b3f-f7d9-36c1-b3e7-8bf2e63ce1b3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48a75519-cb7a-3d18-b91e-be62ee842a3e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48ad62e8-bd40-37f4-8fd7-f7a17478a8e6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48c6e96f-a2f3-33e7-ba7f-c8f74866760b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48d0cfe7-3128-3d2c-a5b5-8c7b82b4ab4f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4b601364-a04b-38bc-bd38-a18e981324cf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4be89ac3-603d-36b2-ab9b-9c38866f56d5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d187ac2-d815-3b7e-bcea-8e0bbc702f7c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e515531-7a71-3cdd-8078-0a01c85c8f9d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e77ec8f-51d8-386c-85fe-7dc931b7a8e7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4f272c37-f0a8-350c-867b-2c03b2b16b80} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50369004-db9a-3a75-be7a-1d0ef017b9d3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50aad4c2-61fa-3b1f-8157-5ba3b27aee61} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53a3c917-bb24-3908-b58b-09ecda99265f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5520b6d3-6ec6-3ce7-958b-e69faf6eff99} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5610f042-ff1d-36d0-996c-68f7a207d1f0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{57154c7c-edb2-3bfd-a8ba-924c60913ebf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{58897d76-ef6c-327a-93f7-6cd66c424e11} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{58d052bc-a3df-3508-ac95-ff297bdc9f0c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{590e4a07-dafc-3be7-a178-da349bba980b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5a18d43e-115b-3b8b-8245-9a06b204b717} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b76534c-3acc-3d52-aa61-d788b134abe2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c35f099-165e-3225-a3a5-564150ea17f5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c3e6ce8-b218-3762-883c-91bc987cdc2d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5ca9971b-2dc3-3bc8-847a-5e6d15cbb16e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f3a0f8d-5ef9-3ad5-94e0-53aff8bce960} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f9a955f-aa55-4127-a32b-33496aa8a44e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{61b3e12b-3586-3a58-a497-7ed7c4c794b9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62545937-20a9-3d0f-b04b-322e854eacb0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62e92675-cb77-3fc9-8597-1a81a5f18013} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{630a3ef1-23c6-31fe-9d25-294e3b3e7486} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{647053c3-1879-34d7-ae57-67015c91fc70} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66ce75d4-0334-3ca6-bca8-ce9af28a4396} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{673dfe75-9f93-304f-aba8-d2a86ba87d7c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{676e1164-752c-3a74-8d3f-bcd32a2026d6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{682d63b8-1692-31be-88cd-5cb1f79edb7b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6850404f-d7fb-32bd-8328-c94f66e8c1c7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6896b49d-7afb-34dc-934e-5add38eeee39} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{68f8aea9-1968-35b9-8a0e-6fdc637a4f8e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a02951c-b129-4d26-ab92-b9ca19bdca26} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6c1c243a-2146-3342-8078-ac4bfb9db4e9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6f674828-9081-3b45-bc39-791bd84ccf8f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70a738d1-1bc5-3175-bd42-603e2b82c08b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{726bbdf4-6c6d-30f4-b3a0-f14d6aec08c7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{742ad1fb-b2f0-3681-b4aa-e736a3bce4e1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74bdd0b9-38d7-3fda-a67e-d404ee684f24} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{75215200-a2fe-30f6-a34b-8f1a1830358e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{75999eba-0679-3d43-bdc4-02e4d637f1b1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{769b8b68-64f7-3b61-b744-160a9fcc3216} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{777f668e-3272-39cd-a8b5-860935a35181} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{78d22140-40cf-303e-be96-b3ac0407a34d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ae01d6c-bee7-38f6-9a86-329d8a917803} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ae844f0-eca8-3f15-ae27-afa21a2aa6f8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7b769b29-35f0-3bdc-aae9-e99937f6cdec} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7b938a6f-77bf-351c-a712-69483c91115d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7bc115cd-1ee2-3068-894d-e3d3f7632f40} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7e3393ab-2ab2-320b-8f6f-eab6f5cf2caf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7e34ab89-0684-3b86-8a0f-e638eb4e6252} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f6bcbe5-eb30-370b-9f1b-92a6265afedd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f71db2d-1ea0-3cae-8087-26095f5215e6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f8c7dc5-d8b4-3758-981f-02af6b42461a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f976b72-4b71-3858-bee8-8e3a3189a651} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7fd3958d-0a14-3001-8074-0d15ead7f05c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7fe87a55-1321-3d9f-8fef-cd2f5e8ab2e9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{81c5fe01-027c-3e1c-98d5-da9c9862aa21} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{837a6733-1675-3bc9-bbf8-13889f84daf4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84f70b6c-d59e-394a-b879-ffcc30ddcaa2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{877014b5-f3d4-458b-ad3a-b6c940bfde8f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8833bc41-dc6b-34b9-a799-682d2554f02f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88c8a919-eb24-3cca-84f7-2ea82bb3f3ed} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{89a86e7b-c229-4008-9baa-2f5c8411d7e0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{89bcc804-53a5-3eb2-a342-6282cc410260} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{89d26277-8408-3fc8-bd44-cf5f0e614c82} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8a3fd229-b2a9-347f-93d2-87f3b7f92753} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c1425c9-a7d3-35cd-8248-928ca52ad49b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c40d44a-4ede-3760-9b61-50255056d3c7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8d36569b-14d6-3c3d-b55c-9d02a45bfc3d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f45c7ff-1e6e-34c1-a7cc-260985392a05} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6d198c-e66f-3a87-aa3f-f885dd09ea13} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8fd730c1-dd1b-3694-84a1-8ce7159e266b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{91591469-efef-3d63-90f9-88520f0aa1ef} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9173d971-b142-38a5-8488-d10a9dcf71b0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{91f672a3-6b82-3e04-b2d7-bac5d6676609} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{92755472-2059-3f96-8938-8ac767b5187b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{92e76a74-2622-3aa9-a3ca-1ae8bd7bc4a8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93f551d6-2f9e-301b-be63-85aef508cae0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9546306b-1b68-33af-80db-3a9206501515} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{964aa3bd-4b12-3e23-9d7f-99342afae812} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96705ee3-f7ab-3e9a-9fb2-ad1d536e901a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96a058cd-faf7-386c-85bf-e47f00c81795} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a3a64f4-8ba5-3dcf-880c-8d3ee06c5538} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a944885-edaf-3a81-a2ff-6a9d5d1abfc7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9b924ec5-bf13-3a98-8ac0-80877995d403} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9c125a6f-eae2-3fc1-97a1-c0dceab0b5df} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9c67f424-22dc-3d05-ab36-17eaf95881f2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9da2f8b8-59f0-3852-b509-0663e3bf643b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9e28ef95-9c6f-3a00-b525-36a76178cc9c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9e31421c-2f15-4f35-ad20-66fb9d4cd428} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9e933d22-77e0-40e9-9e66-09e44c9f41cb} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ea60eca-3dcd-340f-8e95-67845d185999} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9f5c8a02-771f-4965-8426-49c83c038ef3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a0e2e749-63ce-3651-8f4f-f5f996344c32} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a0f5f5dc-337b-38d7-b1a3-fb1b95666bbf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a164c0bf-67ae-3c7e-bc05-bfe24a8cdb62} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a1c0a095-df97-3441-bfc1-c9f194e494db} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a2d3756c-4dd1-4f7c-8622-e47c8da7d28a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a36738b5-fa8f-3316-a929-68099a32b43b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a36e4eaf-ea3f-30a6-906d-374bbf7903b1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3a1f076-1fa7-3a26-886d-8841cb45382f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6673c32-3943-3bbb-b476-c09a0ec0bcd6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7136bdf-b141-3913-9d1c-9bc5aff21470} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7248ec6-a8a5-3d07-890e-6107f8c247e5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a8d058c4-d923-3859-9490-d3888fc90439} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa544d41-28cb-11d3-bd22-0000f80849bd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab558a90-77ec-3c9a-a7e3-7b2260890a84} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad326409-bf80-3e0c-ba6f-ee2c33b675a5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af60343f-6c7b-3761-839f-0c44e3ca06da} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af8c5f8a-9999-3e92-bb41-c5f4955174cd} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{afc681cf-e82f-361a-8280-cf4e1f844c3e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{afef65ad-4577-447a-a148-83acadd3d4b9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0f64827-79bb-3163-b1ab-a2ea0e1fda23} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b406ac70-4d7e-3d24-b241-aeaeac343bd9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b54e38f8-17ff-3d0a-9ff3-5e662de2055f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b6eb52d5-bb1c-3380-8bca-345ff43f4b04} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b71e484d-93ed-4b56-bfb9-ceed5134822b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b81cb5ed-e654-399f-9698-c83c50665786} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bc5062b6-79e8-3f19-a87e-f9daf826960c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bcb67d4d-2096-36be-974c-a003fc95041b} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bda7bee5-85f1-3b66-b610-ddf1d5898006} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c016a313-9606-36d3-a823-33ebf5006189} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c1abb475-f198-39d5-bf8d-330bc7189661} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c30abd41-7b5a-3d10-a6ef-56862e2979b6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c41d0b30-a518-3093-a18f-364af9e71eb7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c41fa05c-8a7a-3157-8166-4104bb4925ba} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c498f2d9-a77c-3d4b-a1a5-12cc7b99115d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c76b435d-86c2-30fd-9329-e2603246095c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c7b9c313-2fd4-4384-8571-7abc08bd17e5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9f0a842-3ce1-338f-a1d4-6d7bb397bdaa} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9f61cbd-287f-3d24-9feb-2c3f347cf570} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca0f511a-faf2-4942-b9a8-17d5e46514e8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca805b13-468c-3a22-bf9a-818e97efa6b7} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{caa817cc-0c04-4d22-a05c-2b7e162f4e8f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{caec7d4f-0b02-3579-943f-821738ee78cc} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cbeaa915-4d2c-3f77-98e8-a258b0fd3cef} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc20c6df-a054-3f09-a5f5-a3b5a25f4ce6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc77f5f3-222d-3586-88c3-410477a3b65d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ccf306ae-33bd-3003-9cce-daf5befef611} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdc70043-d56b-3799-b7bd-6113bbca160a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdfa7117-b2a4-3a3f-b393-bc19d44f9749} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cf8f7fcf-94fe-3516-90e9-c103156dd2d5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d049dc2b-82c3-3350-a1cc-bf69fee3825e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d13b741d-051f-322f-93aa-1367a3c8aafb} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d23d2f41-1d69-3e03-a275-32ae381223ac} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2548bf2-801a-36af-8800-1f11fbf54361} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5cb383d-99f4-3c7e-a9c3-85b53661448f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d6d2034d-5f67-30d7-9cc5-452f2c46694f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d74d613d-f27f-311b-a9a3-27ebc63a1a5d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8013eef-730b-45e2-ba24-874b7242c425} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8013ef1-730b-45e2-ba24-874b7242c425} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8013ff1-730b-45e2-ba24-874b7242c425} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8a4f3eb-e7ec-3620-831a-b052a67c9944} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9035152-6b1f-33e3-86f4-411cd21cde0e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{da317be2-1a0d-37b3-83f2-a0f32787fc67} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{daa132bf-1170-3d8b-a0ef-e2f55a68a91d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dafb2462-2a5b-3818-b17e-602984fe1bb0} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db13821e-9835-3958-8539-1e021399ab6c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dd5856e5-8151-3334-b8e9-07cb152b20a4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{de47d9cf-0107-3d66-93e9-a8acb06b4583} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dfd888a7-a6b0-3b1b-985e-4cdab0e4c17d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e38da416-8050-3786-8201-46f187c15213} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e724b749-18d6-36ab-9f6d-09c36d9c6016} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e772bbe6-cb52-3c19-876a-d1bfa2305f4e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e786fb32-b659-3d96-94c4-e1a9fc037868} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e7d574d5-2e51-3400-9fb6-a058f2d5b8ab} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e822f35c-ddc2-3fb2-9768-a2aebced7c40} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e9148312-a9bf-3a45-bbca-350967fd78f5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e947a0b0-d47f-3aa3-9b77-4624e0f3aca4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ebaa029c-01c0-32b6-aae6-fe21adfc3e5d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec3dac94-df80-3017-b381-b13dced6c4d8} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ecabafd1-7f19-11d2-978e-0000f8757e2a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ed0bc45c-2438-31a9-bbb6-e2a3b5916419} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ee832ce3-06ca-33ef-8f01-61c7c218bd7e} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ee96f4e1-377e-315c-aef5-874dc8c7a2aa} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eef05c76-5c98-3685-a69c-6e1a26a7f846} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ef24f689-14f8-4d92-b4af-d7b1f0e70fd4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f00ca7a7-4b8d-3f2f-a5f2-ce4a4478b39c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f12fde6a-9394-3c32-8e4d-f3d470947284} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1c3bf79-c3e4-11d3-88e7-00902754c43a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1eba909-6621-346d-9ce2-39f266c9d011} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f59d514c-f200-319f-bf3f-9e4e23b2848c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f5e692d9-8a87-349d-9657-f96e5799d2f4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f6914a11-d95d-324f-ba0f-39a374625290} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f6b6768f-f99e-4152-8ed2-0412f78517fb} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f8be2ad5-4e99-3e00-b10e-7c54d31c1c1d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fa0b54d5-f221-3648-a20c-f67a96f4a207} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fc13a7d5-e2b3-37ba-b807-7fa6238284d5} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fd8c8fce-4f85-36b2-b8e8-f5a183654539} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdb2dc94-b5a0-3702-ae84-bbfa752acb36} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdf9c30d-ccab-3e2d-b584-9e24ce8038e3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ffc9f9ae-e87a-3252-8e25-b22423a40065} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c8a568e-4201-478a-8536-526cf371d2e2} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\mscoree.dll (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1d2680c9-0e2a-469d-b787-065558bc7d43} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Program Files\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\' (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\bvtpffbs.dllbox (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mscoree.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\Fonts\'\.45.2006.DVDRip.XViD-ESPiSE Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\007 Spy Software v3.873 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\00jj99uuii66ddxxqqq.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1 Click DVD Movie 3.0.0.5 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1 DVD Ripper 5.3 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1 DVD Ripper 5.36 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1 Lucky Fuck 1 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\10 books on Hacking Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\100 Blowjobs 17 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\100 Greatest Discoveries - Astronomy Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\100% Blowjobs 17 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\100% Blowjobs 8 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\101 Jukebox Classics Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\12 Work asterix Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\121 YukmouthMessy Marv - 100 Racks[2006][retail] Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\123 DVD Clone v2.42 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\123 DVD Ripper 1.00.060718 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\123 DVD Ripper 1.00.060718 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\123 Flash Menu Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\123 Flash Menu v3.2.0.1309 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1408 (2007) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\15 Minutes (2001) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\18 And Asian 3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\18 Wheels of Steel Haulin Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\18 Wheels Of Steel Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\18 Year Old Pussy Vol.10 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\18Eighteen - Courtney Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1Click DVD Copy 5.3.1.7 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1Click DVD Copy Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1Click DVD Copy v5.0.3.5 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1Click Mini AIO Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\1st Security Agent V6.5 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2 In 1 Hole Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2 In The Can Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2 Kinky 4 U Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2 New Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2 Young To Fall In Love 3 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\20 Years Of Jethro Tull, Awesome Collection Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\200 Pounds Beauty (2006) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\237.DVDRip.XviD.2006 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\28 Days Later (2007) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\28 Weeks Later (2007) TS Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\28 Weeks Later (2007) TS Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\28 Weeks Later Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2Pac - 2Pacalypse Now ( 1991 ) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\2Pac - 2Pacalypse Now (1991) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3 Doors Down - Another 700 Miles (EP) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3 Doors Down - Away From The Sun Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3 Doors Down - Greatest Hits Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3 Doors Down - The Better Life Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3-D Fish School (3D Screensaver) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\30 Days Of Night Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\300 (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\300 (2007) TS.XViD Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\300 - The Movie HD DVD Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\300 March To Glory (PSP) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\300.(2007).TS.XVid KVCD bluX Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3000 Miles (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3d Album Commercial Suite 3.29 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Album PicturePro Platinum v3.1 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Desktop for Windows XP and Vista Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Live Pool v2.3 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Me Now Professional 1.5.1.1 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D MP3 Sound Recorder 3.8.7. Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D SexVilla v30.001 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Studio Max 9 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D Ultra Pinball - Thrillride Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3D War Chess Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3DMark05 crack Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3M Post-it Digital Notes Pro 3.0.2.2069 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3Pete Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\3Planesoft Screensavers Collection Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\4x4 Evolution 2 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\5 Guy Cream Pie 27 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\50 Cent - Curtis (2007) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\50 Cent - Curtis (Explicit) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\50 Cent - Curtis (Explicit) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\50 Things You are Not Supposed To Know Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\500 Person Sex Convention Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\7 Sins PS2 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\7-Zip 4.54 Beta Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\8 Mobile Antivirus AIO Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\80 Days v1.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\84 Garfield Comic Strips Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\84 Garfield Comic Strips Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\88 Minutes (2007) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\88 Minutes (2007) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\88 Minutes (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\88 Minutes DVD-ripp (2007) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\911 First Responders Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\==Vista Ready Upgrade adviser== Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A Dog's Breakfast (2007) Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A Mighty Heart (2007) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A Mighty Heart (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A Secret Handshake (2007) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A-Z RealPlayer Video Converter v3.23 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.44 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A-Z Video Converter Ultimate v7.44 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A-Z WMV Video Converter v3.70 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A1 Website Download v1.1.8 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\A2M 10 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AAA Logo 1.2.1 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AAA Logo 1.2.1 Retail Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abaqus v6.7 2CD ISO Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abba - Number Ones (2006) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abby FineReader OCR v8.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ablaze Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ableton Live 6.0.7 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ableton Live v6.0.1.10 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abode Photoshop CS3 Extended Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abode Photoshop CS3 Extended Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abode Photoshop CS3 Extended Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Above The Law - Sex MoneyMusic (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute DVD Copy v1.5.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute DVD Ripper v1.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute DVD Ripper v1.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute MP3 Splitter and Converter 2.8.4 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute MP3 Splitter v2.6.8 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute MP3 SplitterConverter v2.6.2 Serial Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Absolute Sound Recorder v3.45 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Abylon LOGON SA v6.50.11.1 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\ACA Screen Recorder 2.03 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acala Divx DVD Player Assist v2.6.7 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Accepted Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\ACD Systems ACDSee Pro 2.0.219 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\ACDSee 8 professional Full Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\ACDSee 9 Photo Manager 9.0.108 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\ACDSee Pro 2.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ace Password Sniffer V1.3 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ace Utilities 3.2 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ace Utilities v4.0.0 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AceHTML Pro ver.6.60 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AceMoney 3.91 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Aces over Europe Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Aces over Pacific Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acker DVD Ripper v2.0.65 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acoustica Cd Dvd Label Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acoustica Mixcraft 3.0.18 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acoustica Mixcraft v3.0.29 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acoustica Premium Edition v4.00.353 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis Disk Director Suite v10.0.2160 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image 10.0 Build 4942 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image Home v10.0.4942 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image Home v10.0.4942 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image Home v10.0.4942 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image Server v9.1.3920 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acronis True Image v10 Build 4871 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AcroPlot Pro 2007 Build 2007.01.21 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Act Of War High Treason Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Act of War High Treason Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active Desktop Calendar 7.18 Build 070806 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active Fax v4.10.0214 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active File Recovery Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active Keys 2.31 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active Password Changer 3.5 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Active Undelete V5.1.021 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acts Of Death (2007) Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Acts Of Death (2007) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Actua Tennis Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad Muncher 4.7 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AD Stream Recorder v.1.5 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad-Aware 2007 Beta 4 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad-Aware 2007 Pro v7.0.1.5 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad-Aware Professional v6.0.181 Update Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad-Aware SE Pro 1.06 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Ad-Aware SE Professional Edition 1.06 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\AdAware Pro v7.0.1.4 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat 7 Professional Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat 7.0 Pro Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Professional Full DvD iSO Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat 8 Professional FuLL Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat Professional 7.0 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat Reader 7.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat Reader® v8 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Acrobat v8 Professional FuLL Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Audition v2.0 Retail Edition Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Captivate v2.0.1177 WinALL Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe CS3 Design Premium Suite Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe CS3 Keygens Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Dreamweaver 8 (Macromedia) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Crack Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe DreamWeaver CS3 Full-fixed Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash CS3 Professional Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe PageMaker v7.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe PhotoShop 7.0 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop Cs2 9.0 Final Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 v9.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successf

   
Répondre à fabfab

10

shion-ares, le 8 jui 2008 à 08:07:24

Et bien tu collectionne les cracks et ton pc est une ville a virus

pour tes mise a jours fait ceci

http://www.commentcamarche.net/faq/sujet 8150 echec d installation des mises a jour windows update

refait un log hijackthis stp

   
Répondre à shion-ares

11

fabfab, le 8 jui 2008 à 13:08:29

Bonjour,

Et merci pour ta réponse.
De quels cracks parles tu? Et pour les virus, j'utilise Mc Afee avec des updates automatiques, je suis étonné, je croyais que c'était un Antivirus efficace?

   
Répondre à fabfab

12

shion-ares, le 8 jui 2008 à 13:19:41

C:\WINDOWS\Fonts\'\Adobe DreamWeaver CS3 Full-fixed Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Dreamweaver CS3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash CS3 Professional Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Flash Professional CS3 Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Illustrator CS2 v12.00 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe PageMaker v7.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe PhotoShop 7.0 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 (Police Tested) Patch.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop Cs2 9.0 Final Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 Portable Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\'\Adobe Photoshop CS2 v9.0 Crack.zip (Trojan.Agent) -> Quarantined and deleted successf

ceux ci par exemple

   
Répondre à shion-ares

13

fabfab, le 8 jui 2008 à 13:31:53

Super, tous dans mon dossier Fonts!
Il y a quelques temps j'ai downloadé des fonts sur le net et apparemment ils ont emmené des amis avec eux.

As tu un avis sur Mac Afee? J'utilise aussi Avast! sur mon portable, je ne crois pas avoir de soucis?

A titre d'info, par quel biais se crée l'invite à update sur Windows?

   
Répondre à fabfab

14

shion-ares, le 8 jui 2008 à 13:49:51

Mac afee il y as dix ans etait un tres bon antivirus maintenant je ne peux pas te le dire

   
Répondre à shion-ares

15

fabfab, le 8 jui 2008 à 21:52:54

Bonsoir,

J'ai installé dial a fix, j'ai suivi la procédure, j'ai lancé windows update qui a réinstallé la màj automatique.
Voici le nouveau log HiJackThis, qu'en penses tu? Pense tu que je devrais désinstaller Mc Afee et installer Avast! sur mon poste?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:21, on 08/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: {a99805df-ef52-6129-f554-2d9de83e2177} - {7712e38e-d9d2-455f-9216-25fefd50899a} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00ED4F1.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
End of file - 9542 bytes

   
Répondre à fabfab

16

shion-ares, le 8 jui 2008 à 21:55:32

Attend je regarde et je te dit peut etre pas se soir mais demain sur

   
Répondre à shion-ares

17

fabfab, le 8 jui 2008 à 22:02:21

Un grand merci pour ton aide.
Je viens de lancer un nouvel examen complet Malwarebytes, je te tiendrai au courant.

Je te souhaite une très bonne soirée.

Bien cordialement,

   
Répondre à fabfab

18

shion-ares, le 9 jui 2008 à 08:03:08

Bonjour

fixe ces lignes avec hijackthis

O2 - BHO: {a99805df-ef52-6129-f554-2d9de83e2177} - {7712e38e-d9d2-455f-9216-25fefd50899a} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

Mets à jour ta console JAVA (supprime les versions obsolètes)
http://www.java.com/fr/download/manual.jsp

ensuite reposte un log hijackthis et dit moi comment se comporte ta machine

   
Répondre à shion-ares

19

fabfab, le 9 jui 2008 à 09:47:25

Bonjour,

Merci pour ta réponse, je m'en occuperai ce soir.
Mon log Malware me donne 0 infection.

Bonne journée,

   
Répondre à fabfab

20

fabfab, le 9 jui 2008 à 22:22:57

Bonsoir,
j'ai suivi tes consignes, voici le log.
j'ai toujours plusieurs svchost.exe, , est ce normal?
ma connexion internet semble normale à nouveau. En revanche, j'ai à nouveau ce soir une demande de MAJ windows, je ne sais pas si elle est normale ou pas.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:57, on 09/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00ED4F1.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
End of file - 9327 bytes

   
Répondre à fabfab

21

fabfab, le 12 jui 2008 à 14:06:52

Salut,

Bon, mon pc est revenu à la situation de départ, internet rame grave.
Par exemple, pour te faire cette réponse, le timeout d'affichage de la page est dépassé, je suis obligé de rafraichir la page.
J'ai refait un malwarebytes complet hier soir qui donne 0 élément trouvé.
De plus, je suis à nouveau avec des invites windows répétées pour updatesn notamment 3 fois la même en trois jours, MAJ de sécurité pour Microsoft XML Core Services 4.0 Services pack 2 (KB936181).
Ce que je ne comprend pas, c'est que la situation paraissait s'être améliorée pendant 1 jour ou 2.
Si tu as une idée, je suis preneur... merci.

   
Répondre à fabfab

22

shion-ares, le 13 jui 2008 à 12:05:06

Bonjour

Scan en ligne Kaspersky

Tuto d’aide : http://cybersecurite.xooit.com/t100-Scan-en-ligne-Kaspersky.­htm#768

Rends toi sur http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.­html avec Internet explorer et

Clique sur Accept
Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
Clique une nouvelle fois sur "Accept"
Les bases de mises à jour vont s'installer, patiente un moment
Clique sur Next.
Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.

A la fin du scan, si des objets infectés sont découverts, clique sur Save report as... Choisis Bureau et nomme le rapport "rapport Kaspersky" et dans le champ d'enregistrement, choisis "fichiers texte" enregistre alors le rapport.

Copie/colle le fichier texte ouvert en intégralité, en faisant un clic droit dessus, sélectionner tout/copier.

   
Répondre à shion-ares

23

fabfab, le 14 jui 2008 à 18:18:18

Quand je le dis que mon internet est super lent...
Sous IE, Kaspersky Online ne peut meme pas downloader ses fichiers de base de données... ça en charge 1000, puis plus rien... puis 5 ou 600... puis plus rien.. puis ça plante. Le bonheur.

   
Répondre à fabfab

24

shion-ares, le 14 jui 2008 à 18:59:05

Ok


ATTENTION A LIRE JUSQU'EN BAS ET BIEN SUIVRE

Télécharges ComboFix à partir d'un de ces liens :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Et important, enregistre le sur le bureau.

Avant d'utiliser ComboFix :

? Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

? Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.


Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

? Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

? Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

   
Répondre à shion-ares

25

fabfab, le 18 jui 2008 à 22:11:12

Bonsoir,
Après une semaine bien chargée, j'ai à nouveau le temps de répondre à ton message.
Voici le log en question. J'ai cru apercevoir la suppression de addsite.
Merci encore pour ton aide en tout cas.

ComboFix 08-07-17.4 - Loulou 2008-07-18 21:23:40.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1524 [GMT 2:00]
Endroit: C:\Documents and Settings\Loulou\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Loulou\Application Data\Adssite Advanced Toolbar
C:\Documents and Settings\Loulou\Application Data\Adssite Advanced Toolbar\selected.xml
C:\Documents and Settings\Loulou\Application Data\Adssite Advanced Toolbar\Thumbs.db
C:\Documents and Settings\Loulou\Favoris\Online Security Guide.lnk
C:\WINDOWS\system32\ghkmp.ini
C:\WINDOWS\system32\ghkmp.ini2
C:\x.dat
C:\z.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))))))))
.

2008-07-13 18:17 . 2008-07-13 18:17 <REP> d-------- C:\WINDOWS\system32\fr
2008-07-13 18:11 . 2008-04-13 09:36 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys
2008-07-13 18:11 . 2008-04-13 11:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-07-13 18:09 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\[u]0/u05546_.tmp
2008-07-13 17:26 . 2008-06-20 13:51 361,600 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-07-13 17:26 . 2008-06-20 19:47 247,808 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-07-13 17:26 . 2008-06-20 13:08 225,856 -----c--- C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-07-13 17:26 . 2008-06-20 19:47 147,968 -----c--- C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-07-13 17:26 . 2008-06-20 13:40 138,496 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
2008-07-13 16:59 . 2008-07-14 12:35 <REP> d-------- C:\WINDOWS\system32\CatRoot2
2008-07-13 15:03 . 2008-06-20 13:51 361,600 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2008-07-13 15:03 . 2008-06-20 13:08 225,856 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2008-07-13 15:03 . 2008-06-20 13:40 138,496 --a------ C:\WINDOWS\system32\drivers\afd.sys
2008-07-12 14:20 . 2008-07-12 14:20 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-09 22:14 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-06 19:26 . 2008-07-06 19:26 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-06 19:26 . 2008-07-15 02:56 <REP> d-------- C:\Documents and Settings\Loulou\Application Data\Malwarebytes
2008-07-06 19:26 . 2008-07-12 23:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-06 19:26 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-06 19:26 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-06 18:16 . 2008-07-06 18:16 <REP> d-------- C:\Program Files\Trend Micro
2008-07-02 21:58 . 2008-07-02 21:58 <REP> d-------- C:\Program Files\SAGEM
2008-07-02 21:58 . 2005-11-04 16:55 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-15 00:56 --------- d-----w C:\Documents and Settings\Loulou\Application Data\TaoUSign
2008-07-15 00:56 --------- d-----w C:\Documents and Settings\Loulou\Application Data\InstallShield
2008-07-15 00:56 --------- d-----w C:\Documents and Settings\Loulou\Application Data\DataCast
2008-07-12 21:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-07-09 20:12 --------- d-----w C:\Program Files\Java
2008-07-08 20:58 --------- d-----w C:\Program Files\eMule
2008-07-07 20:53 6,656 --sha-w C:\Program Files\Thumbs.db
2008-07-06 15:17 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-05 22:22 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-02 19:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-08 13:59 --------- d-----w C:\Program Files\QuickTime
2008-06-08 13:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-08 12:00 --------- d-----w C:\Program Files\Apple Software Update
2008-06-08 12:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-06-07 11:55 --------- d-----w C:\Program Files\iWizz-MagnetoscopeInternet
2008-05-27 08:32 --------- d-----w C:\Documents and Settings\Loulou\Application Data\SiteAdvisor
2008-05-27 07:16 65,024 ----a-w C:\WINDOWS\IFinst26.exe
2008-05-27 07:16 --------- d-----w C:\Program Files\XviD-Convertisseur-Mp3-Samsung
2008-05-27 07:16 --------- d-----w C:\Program Files\Lame MP3 Codec
2008-05-27 07:14 --------- d-----w C:\Program Files\Samsung
2008-05-27 07:14 --------- d-----w C:\Program Files\MarkAny
2008-05-25 17:43 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-25 17:43 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-05-22 13:38 --------- d-----w C:\Program Files\SiteAdvisor
2008-05-09 10:55 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:55 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:55 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:55 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-11-20 13:55 262 -c--a-w C:\Documents and Settings\Loulou\z.dat
2007-11-20 13:55 0 -c--a-w C:\Documents and Settings\Loulou\x.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-08-24 23:07 51048]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 19:58 81920]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-12-17 16:47 62176]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 19:34 110592 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-13 19:34 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 16:51 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli scecli

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=C:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Loulou^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Loulou\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 19:34 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
--a------ 2007-08-03 23:33 582992 C:\Program Files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McENUI]
--a------ 2007-11-30 05:42 1164576 C:\PROGRA~1\McAfee\MHN\McENUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
--a--c--- 2007-04-10 12:01 1537640 C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor]
--a------ 2007-08-24 23:57 36640 C:\Program Files\SiteAdvisor\6261\SiteAdv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
--a------ 2007-02-23 16:32 126976 C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
--a------ 2005-01-24 19:58 81920 C:\PROGRA~1\Sony\SONICS~1\SSAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-05-25 19:42 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--------- 2008-04-13 19:34 110592 C:\WINDOWS\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BthServ"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\msncall.exe"=
"C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 04:47]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 03:40]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-04-12 15:57]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c89d6d2-a0f6-11dc-bd6d-0060b3fdb4ad}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-05 09:41:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-14 23:28:29 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-06-30 23:00:01 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-d0e8d965 - C:\WINDOWS\system32\vlcinrcd.dll
MSConfigStartUp-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-18 21:32:00
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...


**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDANTSRV.EXE
C:\WINDOWS\system32\gearsec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\FICHIE~1\McAfee\MNA\McNASvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\FICHIE~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-18 22:00:15 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-18 19:59:08

Pre-Run: 58,859,499,520 octets libres
Post-Run: 58,763,681,792 octets libres

229 --- E O F --- 2008-07-14 10:38:39

   
Répondre à fabfab

26

fabfab, le 18 jui 2008 à 22:30:08

Pour complément d'info, j'avais téléchargé avast! le week end dernier, qui m'avait trouvé 3 virus non détectés par mcafee à jour...
Je viens de rebooter mon pc, et de lancer 2 fois firefox, ça a l'air de nouveau rapide... je suis preneur de tes instructions, je crois que l'on va dans le bon sens.
Merci encore.

   
Répondre à fabfab

27

shion-ares, le 18 jui 2008 à 22:31:17

Je vois la trace de 3 antivirus

repsote un log

je vais analyser cela ce soir et je te tien au courant

   
Répondre à shion-ares

28

shion-ares, le 18 jui 2008 à 22:32:24

Reposte un log hijackthis stp

   
Répondre à shion-ares

29

fabfab, le 18 jui 2008 à 22:58:15

A ma connaissance, j'ai avast et mc afee.
J'avais enlevé norton torp lourd. Chez norton je n'ai plus que le logiciel Ghost.
Voici le log HiJack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:48, on 18/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\iWizz-MagnetoscopeInternet\iWizz.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
End of file - 9818 bytes

   
Répondre à fabfab

30

shion-ares, le 19 jui 2008 à 13:29:45

Ok deja vire un des deux antivirus soit avast soit mcafee

   
Répondre à shion-ares

31

fabfab, le 19 jui 2008 à 21:42:52

Je viens d'enlever mc afee

   
Répondre à fabfab

32

fabfab, le 19 jui 2008 à 22:10:32

Et voici un nouveau log HJThis
J'ai enlevé mac afee, mais egalament norton ghost et le service Liveupdate norton qui va avec.
Je m'aperçois que j'ai un 'Toolbar No name', qu'en penses tu?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:28, on 19/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
End of file - 6616 bytes

   
Répondre à fabfab

33

shion-ares, le 21 jui 2008 à 09:05:22

Bonjour

relance hijackthis et fixe ces lignes

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

comment ce comporte ton pc

   
Répondre à shion-ares

34

fabfab, le 21 jui 2008 à 21:17:21

Bonsoir,

J'ai fixé les 2 lignes , voici le dernier log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:05, on 21/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
End of file - 6492 bytes

   
Répondre à fabfab

35

fabfab, le 21 jui 2008 à 21:32:35

Le PC se comporte beaucoup mieux, firefox se comporte normalement.
J'ai une petite nouveauté: au lancement de windows, j'ai une bulle "i" et une icone dans la barre de lancement à coté de l'horloge qui me dit "des fichiers sont en attente de gravure sur le cd...or il n'y a rien en attente de gravure, ni cd dans le graveur.
Original isn't it?

   
Répondre à fabfab

36

shion-ares, le 21 jui 2008 à 22:33:57

Bonsoir

double clic dessus et supprime ce qu'il y as dans la fenetre qui va s'ouvrir

   
Répondre à shion-ares

37

shion-ares, le 22 jui 2008 à 01:37:33

Bonsoir

double clic dessus et tu pourra effacer les fichiers que tu as du mettre par inadvertances

   
Répondre à shion-ares

38

fabfab, le 24 jui 2008 à 22:01:50

Bonsoir,

Apparemment, tout a l'air de bien fonctionner, je pense que l'on peut mettre le problème comme résolu.
Un grand merci pour ton aide et ton assiduité à m'aider dans mes pérégrinations informatiques...

Merci à ce forum.

Cordialement,

   
Répondre à fabfab

39

 shion-ares, le 24 jui 2008 à 22:29:26

Bonsoir

et bien parfait et bon surf

   
Répondre à shion-ares
Posez votre question Répondre
Ils ont besoin de votre aide
Collection CommentÇaMarche.net