Forum Clubic

HijackThis report

Following another post, you asked me to run a scan before the antivirus and malware analysis.
Here are the two reports (two viruses detected and quarantined by avast).
Sorry, but I did not run the first report as administrator, so the hosts part was not scanned (at least I think so).
First report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:21, on 20/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Users\nadine\Downloads\dob250.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = recherche.neuf.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = recherche.neuf.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.neuf.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.fr.acer.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = recherche.neuf.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.fr.acer.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = recherche.neuf.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [ZoneAlarm Client] “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [Agent Banque 3.0 Manager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe
O4 - HKLM…\Run: [SystrayORAHSS] “C:\Program Files\Orange\Systray\SystrayApp.exe”
O4 - HKLM…\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


End of file - 6601 bytes

SECOND REPORT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:40:45, on 21/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Users\nadine\Downloads\dob250.exe
C:\Users\nadine\Desktop\dob250.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = recherche.neuf.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = recherche.neuf.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.neuf.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.fr.acer.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = recherche.neuf.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.fr.acer.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = recherche.neuf.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = fr.rd.yahoo.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [ZoneAlarm Client] “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [Agent Banque 3.0 Manager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe
O4 - HKLM…\Run: [SystrayORAHSS] “C:\Program Files\Orange\Systray\SystrayApp.exe”
O4 - HKLM…\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE RÉSEAU’)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


End of file - 6852 bytes

Thanks for your help

Hi

Upload these files to the VirusTotal site and post the results.

Did you follow all the instructions in the thread I gave you?
Post the reports from Malwarebytes and from your antivirus (if you got any reports).

1st upload
Fichier Bq30tna.exe reçu le 2008.08.21 20:39:38 (CET)
Situation actuelle: en cours de chargement … mis en file d’attente en attente en cours d’analyse terminé NON TROUVE ARRETE
Résultat: 0/36 (0%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.21 -
AntiVir 7.8.1.23 2008.08.21 -
Authentium 5.1.0.4 2008.08.21 -
Avast 4.8.1195.0 2008.08.21 -
AVG 8.0.0.161 2008.08.21 -
BitDefender 7.2 2008.08.21 -
CAT-QuickHeal 9.50 2008.08.21 -
ClamAV 0.93.1 2008.08.21 -
DrWeb 4.44.0.09170 2008.08.21 -
eSafe 7.0.17.0 2008.08.21 -
eTrust-Vet 31.6.6039 2008.08.21 -
Ewido 4.0 2008.08.21 -
F-Prot 4.4.4.56 2008.08.21 -
F-Secure 7.60.13501.0 2008.08.21 -
Fortinet 3.14.0.0 2008.08.21 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.21 -
K7AntiVirus 7.10.423 2008.08.21 -
Kaspersky 7.0.0.125 2008.08.21 -
McAfee 5366 2008.08.21 -
Microsoft 1.3807 2008.08.21 -
NOD32v2 3376 2008.08.21 -
Norman 5.80.02 2008.08.21 -
Panda 9.0.0.4 2008.08.21 -
PCTools 4.4.2.0 2008.08.21 -
Prevx1 V2 2008.08.21 -
Rising 20.58.32.00 2008.08.21 -
Sophos 4.32.0 2008.08.21 -
Sunbelt 3.1.1564.1 2008.08.21 -
Symantec 10 2008.08.21 -
TheHacker 6.3.0.6.057 2008.08.21 -
TrendMicro 8.700.0.1004 2008.08.21 -
VBA32 3.12.8.4 2008.08.21 -
ViRobot 2008.8.21.1344 2008.08.21 -
VirusBuster 4.5.11.0 2008.08.21 -
Webwasher-Gateway 6.6.2 2008.08.21 -
Information additionnelle
File size: 3370496 bytes
MD5…: fddd9d8d2916f0e10b993195f9312dd2
SHA1…: 7b6bc3f69c62f1ce6c2bac5212649121a743cc8a
SHA256: 591eb0c04c4a077c8e270f6bf29c8725ac66161dbd7b6069e9f2e715d0bf4ca5
SHA512: 14887c6f0a6d6a11594bfccdb34a6aaead75cf649233e2369de32a93e2eecd21
5b3bdecc4eee47a11a9c0a8427a9c3b48ffdc788641eadbab13956464c8df0f9
PEiD…: BobSoft Mini Delphi -> BoB / BobSoft
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x663f80
timedatestamp…: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype…: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x26301c 0x263200 6.55 4110d50becd335c2ae1a566013c93d16
DATA 0x265000 0xa170 0xa200 5.20 5d050d5ac19a6108292956288ae91da5
BSS 0x270000 0x6369 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x277000 0x4742 0x4800 5.16 d0c926de74ee0d3df87ed4c935a3ac78
.tls 0x27c000 0x98 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x27d000 0x4d 0x200 1.11 f2d33cad868cee28b208f0f19dc47a8c
.reloc 0x27e000 0x2c560 0x2c600 6.61 1a74d0ae3edaae3102648fbb02bbcd67
.rsrc 0x2ab000 0x98600 0x98600 3.95 197f6ad40b976806c7fcb7a94cae80f0

( 33 imports )

( 0 exports )
2nd upload
Fichier HijackThis.exe reçu le 2008.08.21 18:49:43 (CET)
Situation actuelle: terminé
Résultat: 2/36 (5.56%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.21 -
AntiVir 7.8.1.23 2008.08.21 -
Authentium 5.1.0.4 2008.08.21 -
Avast 4.8.1195.0 2008.08.21 -
AVG 8.0.0.161 2008.08.21 -
BitDefender 7.2 2008.08.21 -
CAT-QuickHeal 9.50 2008.08.21 -
ClamAV 0.93.1 2008.08.21 -
DrWeb 4.44.0.09170 2008.08.21 -
eSafe 7.0.17.0 2008.08.21 Suspicious File
eTrust-Vet 31.6.6039 2008.08.21 -
Ewido 4.0 2008.08.21 -
F-Prot 4.4.4.56 2008.08.20 -
F-Secure 7.60.13501.0 2008.08.21 -
Fortinet 3.14.0.0 2008.08.21 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.21 -
K7AntiVirus 7.10.423 2008.08.21 -
Kaspersky 7.0.0.125 2008.08.21 -
McAfee 5366 2008.08.21 -
Microsoft 1.3807 2008.08.21 -
NOD32v2 3375 2008.08.21 -
Norman 5.80.02 2008.08.21 -
Panda 9.0.0.4 2008.08.21 Suspicious file
PCTools 4.4.2.0 2008.08.21 -
Prevx1 V2 2008.08.21 -
Rising 20.58.32.00 2008.08.21 -
Sophos 4.32.0 2008.08.21 -
Sunbelt 3.1.1564.1 2008.08.21 -
Symantec 10 2008.08.21 -
TheHacker 6.3.0.6.056 2008.08.21 -
TrendMicro 8.700.0.1004 2008.08.21 -
VBA32 3.12.8.4 2008.08.21 -
ViRobot 2008.8.21.1344 2008.08.21 -
VirusBuster 4.5.11.0 2008.08.21 -
Webwasher-Gateway 6.6.2 2008.08.21 -
Information additionnelle
File size: 401720 bytes
MD5…: e8269245566be948f6a219135b434160
SHA1…: 1ac255b76ef692ea6c09d4840dcd28c67c5d6bfe
SHA256: 3c253bfd385c7f245f3c6131e58cbe22c0d03073a828b9938f923f00562d7c2d
SHA512: bed5aa905b0b940e99489c19835c1c199878ab7455bff84748b94a0577db8d8e
ebd66c96a3fc6db110bb6fde95947837860eb701c01cb65cb73488c7a464bae8
PEiD…: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x542830
timedatestamp…: 0x466838c1 (Thu Jun 07 16:56:33 2007)
machinetype…: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xfc000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xfd000 0x46000 0x45a00 7.93 8764d7eac0301131e6c79e4aa30317bf
.rsrc 0x143000 0x1b000 0x1ae00 4.69 5f1a0873640fcdb4a281dbf91049814f

( 2 imports )

KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess
MSVBVM60.DLL: -

( 0 exports )
ThreatExpert info: www.threatexpert.com…
packers (F-Prot): UPX
packers (Kaspersky): PE_Patch.UPX, UPX

Odd, because it is hijackthis.exe, whose name I changed, as you had noted, no??

3rd upload

It is the same as the second one; the file has been moved since.

Strange, there is no archived log in avast's quarantine area following the 20/08 scan (two adware items).
With Malwarebytes on 17/08 there was one infected file; I am including the report for information.
Malwarebytes’ Anti-Malware 1.24
Version de la base de données: 1060
Windows 6.0.6001 Service Pack 1

14:00:13 17/08/2008
mbam-log-8-17-2008 (14-00-13).txt

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 115396
Temps écoulé: 1 hour(s), 45 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\ATI Technologies\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.

The one from 21/08, with no malware
Malwarebytes’ Anti-Malware 1.24
Version de la base de données: 1060
Windows 6.0.6001 Service Pack 1

05:28:58 21/08/2008
mbam-log-8-21-2008 (05-28-58).txt

Type de recherche: Examen rapide
Eléments examinés: 34367
Temps écoulé: 7 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

There you go, thanks for your reply :wink:

Do you know these files?

Yes, following the post “my PC is slow” I was told to use HijackThis; the procedure said to change the name, so I used dob250.
QED
Nothing else; that is a good sign as far as infection goes, but it is still slow.
Whereas when I bought it, it was no speed demon, but better than today :@
Thanks

Run a full scan in safe mode with Malwarebytes Anti-Malware and your antivirus after updating it.