A virus? Unable to upload images

Hello everyone… here is my problem: since yesterday I can no longer upload my images… neither with Photobucket nor with serving… the upload goes slowly and once it finishes nothing opens…
I use the avast antivirus… and Spybot destroy…

but I also feel that my internet is running slower…

What should I do…?? Thanks in advance

Delphy

Hi

Start by following this procedure and paste the reports

Thanks a lot, I'll go read that…

Step one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:33:52, on 2008-10-10
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eMule\emule.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Hélène\Documents\Notes\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mndj.forumactif.net…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0\bin\jusched.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM…\Run: [ISUSScheduler] “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
O4 - HKLM…\Run: [RoxWatchTray] “C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM…\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM…\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [LogitechQuickCamRibbon] “C:\Program Files\Logitech\QuickCam\Quickcam.exe” /hide
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com…
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - upload.facebook.com…
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe


End of file - 8509 bytes

Step 3: MBAM

Malwarebytes’ Anti-Malware 1.28
Version de la base de données: 1248
Windows 6.0.6001 Service Pack 1

2008-10-10 08:58:39
mbam-log-2008-10-10 (08-58-39).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 144698
Temps écoulé: 1 hour(s), 11 minute(s), 38 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

How do you get into safe mode… F2 or F12

F6 or F8, it's not written during the BIOS :wink:

OK, that's done…
everything was fine…

my internet is slow now… :frowning:

Disable your antivirus, run ComboFix and let it work.
Paste the report

ComboFix 08-10-29.06 - Hélène 2008-10-29 10:42:24.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.448 [GMT -4:00]
Lancé depuis: C:\Users\Hélène\Documents\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-29 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-29 14:51 6,029,312 --sha-w C:\Users\Hélène\NTUSER.DAT
2008-10-29 14:51 6,029,312 --sha-w C:\Users\Hélène\NTUSER.DAT
2008-10-29 14:39 318,976 ----a-w C:\Windows\System32\CF17737.exe
2008-10-29 13:12 --------- d-----w C:\Users\Hélène\AppData\Roaming\gtk-2.0
2008-10-28 15:07 --------- d-----w C:\ProgramData\Google Updater
2008-10-22 16:48 --------- d-----w C:\Program Files\Audacity
2008-10-16 10:54 --------- d-----w C:\Program Files\Windows Mail
2008-10-15 19:22 --------- d-----w C:\Users\Hélène\AppData\Roaming\Zylom
2008-10-15 19:22 --------- d-----w C:\Users\Hélène\AppData\Roaming\Identities
2008-10-15 01:44 --------- d-s—w C:\Users\Hélène\AppData\Roaming\Microsoft
2008-10-14 21:40 --------- d-----w C:\Users\Hélène\AppData\Roaming\OpenOffice.org2
2008-10-10 15:50 --------- d-----w C:\Program Files\Navilog1
2008-10-10 11:41 --------- d-----w C:\Users\Hélène\AppData\Roaming\Malwarebytes
2008-10-10 11:41 --------- d-----w C:\ProgramData\Malwarebytes
2008-10-10 11:41 --------- d-----w C:\Program Files\Malwarebytes’ Anti-Malware
2008-10-08 20:31 --------- d-----w C:\ProgramData\WindowsSearch
2008-10-05 22:33 --------- d-----w C:\ProgramData\GameHouse
2008-10-05 22:32 --------- d-----w C:\Program Files\Delicious Emilys Tea Garden
2008-10-02 03:49 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-10-02 01:59 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-10-02 01:16 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-18 05:09 3,601,464 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w C:\Windows\System32\win32k.sys
2008-09-14 15:08 56,401,155 ----a-w C:\Users\Hélène\Le temps des vendages.zip
2008-09-14 15:08 56,401,155 ----a-w C:\Users\Hélène\Le temps des vendages.zip
2008-09-10 04:04 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-09-10 04:03 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-09-10 03:54 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-09 02:12 --------- d-----w C:\ProgramData\Logishrd
2008-09-08 19:43 --------- d-----w C:\Users\Hélène\AppData\Roaming\Leadertech
2008-09-08 19:43 --------- d-----w C:\Program Files\Common Files\logishrd
2008-09-08 19:42 --------- d-----w C:\ProgramData\Logitech
2008-09-08 19:42 --------- d-----w C:\Program Files\Logitech
2008-08-05 09:49 428,544 ----a-w C:\Windows\System32\EncDec.dll
2008-08-05 09:49 293,376 ----a-w C:\Windows\System32\psisdecd.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 01:13 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-06-13 12:26 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.

Part of the report is missing :neutre:

Oops, sorry :slight_smile: luckily I had put it all in my notes… :super:

and so, is it sick???

.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
“{ecdee021-0d17-467f-a1ff-c7a115230949}”= “C:\Program Files\free-downloads.net\tbfree.dll” [2007-12-10 1510424]

[HKEY_CLASSES_ROOT\clsid{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{ecdee021-0d17-467f-a1ff-c7a115230949}]
2007-12-10 14:46 1510424 --a------ C:\Program Files\free-downloads.net\tbfree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“{ecdee021-0d17-467f-a1ff-c7a115230949}”= “C:\Program Files\free-downloads.net\tbfree.dll” [2007-12-10 1510424]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
“{ECDEE021-0D17-467F-A1FF-C7A115230949}”= “C:\Program Files\free-downloads.net\tbfree.dll” [2007-12-10 1510424]

[HKEY_CLASSES_ROOT\clsid{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe” [2008-01-19 1233920]
“MsnMsgr”=“C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” [2007-10-18 5724184]
“ehTray.exe”=“C:\Windows\ehome\ehTray.exe” [2008-01-19 125952]
“swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-11-29 68856]
“SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe” [2008-07-07 2156368]
“eMuleAutoStart”=“C:\Program Files\eMule\emule.exe” [2007-05-13 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0\bin\jusched.exe” [2007-11-28 77824]
“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2008-07-19 78008]
“ISUSPM Startup”=“C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe” [2006-10-03 221184]
“ISUSScheduler”=“C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” [2006-10-03 81920]
“RoxWatchTray”=“C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe” [2006-11-05 221184]
“QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe” [2007-12-11 286720]
“iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2007-12-11 267048]
“IgfxTray”=“C:\Windows\system32\igfxtray.exe” [2008-02-11 141848]
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe” [2008-02-11 166424]
“Persistence”=“C:\Windows\system32\igfxpers.exe” [2008-02-11 133656]
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2008-06-12 34672]
“LogitechCommunicationsManager”=“C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe” [2008-08-14 565008]
“LogitechQuickCamRibbon”=“C:\Program Files\Logitech\QuickCam\Quickcam.exe” [2008-08-14 2407184]
“RtHDVCpl”=“RtHDVCpl.exe” [2007-05-02 C:\Windows\RtHDVCpl.exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-11-28 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“msacm.divxa32”= divxa32.acm

[HKLM~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
“TCP Query User{E348D14F-9BFF-4A18-B27B-215EAE3B3715}C:\program files\emule\emule.exe”= UDP:C:\program files\emule\emule.exe:eMule
“UDP Query User{71E41EBB-0699-4D7F-A827-2A3ED6CD14FC}C:\program files\emule\emule.exe”= TCP:C:\program files\emule\emule.exe:eMule
“{20D850E0-1C4F-4BAC-9B1E-7085BD083ABB}”= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
“{E8BF8F7E-ADBE-40ED-8731-83F603B122D6}”= Disabled:UDP:C:\Users\Hélène\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E09Z0107\incredimail_install[1].exe:IncrediMail Installer
“{83EC0BD8-1F4A-40BD-84E1-8206FD5D0167}”= Disabled:TCP:C:\Users\Hélène\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E09Z0107\incredimail_install[1].exe:IncrediMail Installer
“{FB2300E2-3701-4AFE-B430-7513DDD850A8}”= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
“{040F7CAB-2AAD-4D3C-B604-0C6EC76CDFCE}”= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
“{C3AB6EB2-4853-4DEE-9051-3A8A1CDD20A9}”= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
“{7DFF3B77-AD6B-4683-A1BF-8CA3D506FF88}”= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
“{9D2D6511-CDF7-4180-A12B-FB21E08EDA37}”= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
“{592F210E-46C1-441A-9EDB-F99BD5635B03}”= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
“TCP Query User{0017A441-5D43-42EA-A0C8-22C34792F9C1}C:\program files\azureus\azureus.exe”= UDP:C:\program files\azureus\azureus.exe:Azureus
“UDP Query User{677ABF49-7641-48E4-ADA3-606C5DF90AEF}C:\program files\azureus\azureus.exe”= TCP:C:\program files\azureus\azureus.exe:Azureus
“{63A0F818-009A-47E7-91D1-438D313A7E96}”= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
“{DCAA3E7E-CD11-4A97-8640-7E6F3B268649}”= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 DLARTL_M;DLARTL_M;C:\Windows\system32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
S3 NAL;Nal Service ;C:\Windows\system32\Drivers\iqvw32.sys [2007-09-10 30816]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{1b3f2461-913a-11dd-9c38-001aa095a043}]
\shell\AutoRun\command - explorer.exe CLD de La Matapédia.jpg

Newly Created Service - CATCHME
Newly Created Service - PROCEXP90
.
Contenu du dossier ‘Tâches planifiées’

2008-10-28 C:\Windows\Tasks\User_Feed_Synchronization-{BDF3596C-C067-458A-B14B-C269303E3740}.job

  • C:\Windows\system32\msfeedssync.exe [2008-01-19 03:33]
    .
    .
    ------- Examen supplémentaire -------
    .
    R0 -: HKCU-Main,Start Page = mndj.forumactif.net…
    .

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-10-29 10:51:15
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
Heure de fin: 2008-10-29 10:53:11
ComboFix-quarantined-files.txt 2008-10-29 14:53:02

Avant-CF: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Après-CF: 164,817,993,728 octets libres

151 — E O F — 2008-10-29 10:15:09

Upload this file to VirusTotal

And post the report

Fichier CF12010.exe reçu le 2008.10.24 21:15:32 (CET)
Situation actuelle: terminé

Résultat: 0/36 (0.00%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.10.24.3 2008.10.24 -
AntiVir 7.9.0.9 2008.10.24 -
Authentium 5.1.0.4 2008.10.24 -
Avast 4.8.1248.0 2008.10.24 -
AVG 8.0.0.161 2008.10.24 -
BitDefender 7.2 2008.10.24 -
CAT-QuickHeal 9.50 2008.10.24 -
ClamAV 0.93.1 2008.10.24 -
DrWeb 4.44.0.09170 2008.10.24 -
eSafe 7.0.17.0 2008.10.23 -
eTrust-Vet 31.6.6167 2008.10.24 -
Ewido 4.0 2008.10.24 -
F-Prot 4.4.4.56 2008.10.24 -
F-Secure 8.0.14332.0 2008.10.24 -
Fortinet 3.113.0.0 2008.10.24 -
GData 19 2008.10.24 -
Ikarus T3.1.1.44.0 2008.10.24 -
K7AntiVirus 7.10.506 2008.10.24 -
Kaspersky 7.0.0.125 2008.10.24 -
McAfee 5414 2008.10.24 -
Microsoft 1.4005 2008.10.24 -
NOD32 3552 2008.10.24 -
Norman 5.80.02 2008.10.24 -
Panda 9.0.0.4 2008.10.24 -
PCTools 4.4.2.0 2008.10.24 -
Prevx1 V2 2008.10.24 -
Rising 21.00.42.00 2008.10.24 -
SecureWeb-Gateway 6.7.6 2008.10.24 -
Sophos 4.35.0 2008.10.24 -
Sunbelt 3.1.1749.1 2008.10.23 -
Symantec 10 2008.10.24 -
TheHacker 6.3.1.0.126 2008.10.23 -
TrendMicro 8.700.0.1004 2008.10.24 -
VBA32 3.12.8.8 2008.10.22 -
ViRobot 2008.10.24.1436 2008.10.24 -
VirusBuster 4.5.11.0 2008.10.24 -
Information additionnelle
File size: 318976 bytes
PEiD…: -
TrID…: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4ad09797
timedatestamp…: 0x47918bde (Sat Jan 19 05:34:22 2008)
machinetype…: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x22340 0x22400 6.62 be85250250f32b72ee44fb7374cb1d65
.data 0x24000 0x1c8ec 0x1ca00 0.17 d10c8a04a14a8cc52ad73d873ab5743f
.rsrc 0x41000 0xcec8 0xd000 5.94 71c9fdd7cc38dc520c0c98455f25ef00
.reloc 0x4e000 0x1ad4 0x1c00 6.68 dee72bfe3939acba7e2250e0186e00db

( 0 exports )

ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n’y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l’utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu’un fichier est sans danger. Il n’y a actuellement aucune solution qui offre un taux d’efficacité de 100% pour la détection des virus et malwares.


It's really kind of you to help me... :)

Update MBAM and run a full scan again

Otherwise, is the PC doing better or is there still a problem?