AccueilCalendrierFAQRechercherMembresGroupesS'enregistrerConnexion
Statistiques Antivir
Rechercher
 
 

Résultats par :
 
Rechercher Recherche avancée
Derniers sujets
» Infection + PC très lent
Sam 14 Déc - 22:03:56 par Fred_R

» J'ai quelque chose qui est en train de bouffer mon pc
Dim 5 Mai - 19:12:45 par Marco2404

» systeme de plugin a l'adress 0*e4783995 a recu l'erreur critique
Lun 20 Juin - 15:58:24 par rositaa

» Démarrage bloquer
Sam 30 Jan - 19:55:46 par Nemesis31

» scan Security tool virus
Sam 30 Jan - 19:54:57 par Nemesis31

» coupure du PC
Mer 9 Déc - 22:40:37 par Nemesis31

» Mon Pc Ram Comme Un Fou :@
Mar 3 Nov - 0:18:46 par shion-ares

» coupure d'internet tout les 5 minutes plus d'executer sous xp
Jeu 10 Sep - 0:28:07 par gollum

» soupson d'infection
Jeu 3 Sep - 13:42:30 par Nemesis31

Navigation
 Accueil
 Membres
 Profil
 FAQ
 Rechercher
Connexion
Nom d'utilisateur:
Mot de passe:
Connexion automatique: 
:: Récupérer mon mot de passe
Partenaires
Forum gratuit



Tchat Blablaland


Meilleurs posteurs
geoffrey5
 
shion-ares
 
plopus
 
didier68
 
Anthony5151
 
Juliensl
 
bluestyle
 
ginga
 
Nemesis31
 
gobiel
 
La boutique du forum
vous avez la possibilité d'acheter des articles propres au forum
Sondage

Partagez | 
 

 Infection + PC très lent

Voir le sujet précédent Voir le sujet suivant Aller en bas 
AuteurMessage
Fred_R
Membre
Membre


Nombre de messages : 1
Age : 52
Date d'inscription : 07/11/2008

MessageSujet: Infection + PC très lent   Sam 14 Déc - 22:03:56

Bonjour,

J'ai hérité d'un PC qui s'avère extrêmement lent depuis l'installation d'une Livebox Orange, de plus il est infecté, les fichiers sont en quarantaine, je ne sais pas quoi faire avec.

Merci beaucoup pour votre aide qui me serait très précieuse.

Voici les rapports Ad Aware, Spybot et Hijackthis :


Logfile created: 14/12/2013 17:08:09
Ad-Aware version: 9.0.7
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Chevalier

*********************** Definitions database information ***********************
Lavasoft definition file: 151.395
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 24346.0

******************************** Scan results: *********************************
Scan profile name: Analyse complète (ID: full)
Objects scanned: 48870
Objects detected: 7


Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 7
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0



Quarantined items:
Description: c:\documents and settings\chevalier\local settings\temporary internet files\content.ie5\sdebkxu7\avira%20antivir%20personal%20-%20free%20antivirus[1].exe Family Name: DownloadMR (fs) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 36c752293f6bb76167376de9a2b2af1c
Description: c:\documents and settings\chevalier\mes documents\téléchargements\adobe-air-windows-downloader.exe Family Name: Malavida (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5: 4e599dd4224b20cbfa232815743c4118
Description: c:\program files\orange\antivirusfirewall\avfw_dl.exe Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 936 MD5: 945bb305b2133f69d40a4c9631118c9c
Description: c:\system volume information\_restore{6cfff9b9-d902-4d63-9125-62493cff0d05}\rp39\a0040130.dll Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 936 MD5: d18ee6a765434fc17dbde607d7d9406d
Description: c:\system volume information\_restore{6cfff9b9-d902-4d63-9125-62493cff0d05}\rp39\a0040131.exe Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 936 MD5: ca9f34d3c05d91371f3d11f49350c179
Description: c:\system volume information\_restore{6cfff9b9-d902-4d63-9125-62493cff0d05}\rp39\a0040191.exe Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 936 MD5: e473cf483b7fcc334493de030b5771e3
Description: c:\system volume information\_restore{6cfff9b9-d902-4d63-9125-62493cff0d05}\rp39\a0040132.exe Family Name: Wajam (fs) Engine: 3 Clean status: Success Item ID: 3 Family ID: 0 MD5: 58e407df43ca11ade8aecfe629feacd1

Scan and cleaning complete: Finished correctly after 2987 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Analyse complète
ID: folderstoscan, enabled:1, value: C:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sat Dec 14 16:34:00 2013
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sat Dec 14 22:34:00 2013
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sat Dec 14 04:34:00 2013
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sat Dec 14 10:34:00 2013
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Dec 14 16:34:00 2013
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true


****************************** System information ******************************
Computer name: DELL-4LF0CKK2OF
Processor name: Intel(R) Pentium(R) D CPU 2.80GHz
Processor identifier: x86 Family 15 Model 4 Stepping 7
Processor speed: ~2793MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 1031, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 126128128 bytes
Physical memory total: 526454784 bytes
Virtual memory available: 1906675712 bytes
Virtual memory total: 2147352576 bytes
Memory load: 76%
Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Windows startup mode:

Running processes:
PID: 576 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 624 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 648 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 692 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 704 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 880 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 948 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1044 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1164 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1240 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1300 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 1612 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 1660 name: C:\WINDOWS\Explorer.EXE owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1744 name: C:\WINDOWS\system32\hkcmd.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1760 name: C:\WINDOWS\system32\igfxpers.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1768 name: C:\Program Files\Analog Devices\Core\smax4pnp.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1812 name: C:\WINDOWS\system32\ctfmon.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1824 name: C:\Program Files\Messenger\msmsgs.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1840 name: C:\Program Files\Orange\MailNotifier\MailNotifier.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1852 name: C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\one\OrangeInside.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1872 name: C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 2016 name: C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 452 name: C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 1732 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 180 name: C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe owner: SYSTEM domain: AUTORITE NT
PID: 1788 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1344 name: C:\WINDOWS\system32\wuauclt.exe owner: SYSTEM domain: AUTORITE NT
PID: 2212 name: C:\WINDOWS\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 2280 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT
PID: 2344 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2384 name: C:\WINDOWS\system32\wscntfy.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 2904 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Chevalier domain: DELL-4LF0CKK2OF
PID: 3268 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Chevalier domain: DELL-4LF0CKK2OF

Startup items:
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: IgfxTray
imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds
imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence
imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: SoundMAXPnP
imagepath: C:\Program Files\Analog Devices\Core\smax4pnp.exe
Name: mobilegeni daemon
imagepath: C:\Program Files\Mobogenie\DaemonProcess.exe

-----------------------------------------------------------------------------------------------

Search results from Spybot - Search & Destroy

14/12/2013 18:56:05
Scan took 00:35:08.
63 items found.

Win32.MyApp: [SBI $EFAC1196] Program directory (Directory, nothing done)
C:\Documents and Settings\Chevalier\Menu Démarrer\Programmes\My application\

Barowwsoe2Save: [SBI $F5174E26] Program directory (Directory, nothing done)
C:\Program Files\Optimizer Pro\

Toolbar.MySearchDial: [SBI $6485A0A0] Class ID (Registry Key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}

Toolbar.MySearchDial: [SBI $43883FF2] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\mysearchdial

DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


BurstMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


BurstMedia: [SBI $19447DDC] Tracking cookie (Firefox: Chevalier (default-1386772486093)) (Browser: Cookie, nothing done)


Common Dialogs: [SBI $19447DDC] History (28 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\7-ZIP\FM\FolderHistory

7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\7-ZIP\FM\PanelPath0

Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Internet Explorer\Download Directory

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: [SBI $8E65C0EE] Last opened playlist (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist

MS Media Player: [SBI $1BDA487B] Last selected track index (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (Publisher): [SBI $CBBE5E84] Recent Publication List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Office\12.0\Publisher\Recent File List

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Office\12.0\Word\File MRU

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1343024091-329068152-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)


Cache: [SBI $49804B54] Browser: Cache (7) (Browser: Cache, nothing done)


Historique: [SBI $49804B54] Browser: History (6) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (654) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-12-14 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-12 Includes\Adware.sbi (*)
2013-12-10 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-11-19 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-12-10 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-12-03 Includes\TrojansC-03.sbi (*)
2013-10-22 Includes\TrojansC-04.sbi (*)
2013-12-10 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)

-------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:49:55, on 14/12/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 26.0 (fr)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Orange\MailNotifier\MailNotifier.exe
C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\one\OrangeInside.exe
C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\Chevalier\Mes documents\Téléchargements\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-12-14&ent=hp&u=C2A34E66AF11B218ECFD7B52AC6FC657
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=irmsd1103aw&cd=2XzuyEtN2Y1L1QzutDtDtCtAyBtBzy0EzzyD0FyCyE0EtD0DtN0D0Tzu0SyBtDyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1276220595&ir=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Search Protection] C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [orangeinside] C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Orange Installer] "C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Assistance Livebox.lnk = C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\orange_html\orange.html
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\translate_html\translate.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\Chevalier\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 8583 bytes
Revenir en haut Aller en bas
Voir le profil de l'utilisateur
 
Infection + PC très lent
Voir le sujet précédent Voir le sujet suivant Revenir en haut 
Page 1 sur 1
 Sujets similaires
-
» [Résolu] très très lent !!! ( facetheme )
» pc très très lent
» infection winlogon ? pc lent
» [résolu]PC très lent
» [Résolu] Pc très très lent

Permission de ce forum:Vous ne pouvez pas répondre aux sujets dans ce forum
 :: Forums :: Virus/Sécurité-
Sauter vers: