Paysages - Contacts

Forum de contacts, de partages et d'entraides entre professionnels, étudiants ou amateurs dans le domaine de l'architecture et du paysage

  • Poster un nouveau sujet
  • Répondre au sujet

Problème de virus [résolu]

Partager
ludo

ludo
Invité

  • Message n°1

Problème de virus [résolu]

Message  ludo le Jeu 27 Nov - 1:28

Bonjour,
Very Happy

Mon PC a un virus et je n'arrive pas à m'en débarrasser.

Quelqu'un sait comment faire ?

Merci !
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°2

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 1:48

Hello momo,

geek

Fais ceci stp :

> Télécharge random's system information tool (RSIT) : http://images.malwareremoval.com/random/RSIT.exe
- Enregistre le programme sur ton bureau.
- Double clique sur RSIT.exe
- A l'écran "Disclaimer" choisis "3 months" dans le menu déroulant puis clique sur <continue>.
- Si HiJackThis n'est pas détecté sur ton PC, RSIT le téléchargera ; accepte alors la licence.
- Une fois le scanne terminé tu obtiendras un rapport log.txt. Poste le sur le forum.
NB : Il se peut que tu obtiennes un second rapport nommé info.txt. Dans ce cas poste le aussi.


Poste le rapport en utilisant ce service : www.ci-joint.fr


Merci.

A+

Dernière édition par DllD le Ven 28 Nov - 0:09, édité 3 fois
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°3

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:06

Salut maud,
Je copie colle ton rapport ci-dessous.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Maud at 2008-11-27 01:53:42
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 19 GB (28%) free of 66 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:53:54, on 27/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\documents and settings\maud\local settings\application data\gibckc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maud\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Maud.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [gibckc] "c:\documents and settings\maud\local settings\application data\gibckc.exe" gibckc
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193162452406
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12694 bytes

Dernière édition par DllD le Jeu 27 Nov - 18:07, édité 1 fois
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°4

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:06

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-03-14 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-06 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-01-24 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-03-14 2436160]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-06 573440]
"PowerForPhone"=C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe [2006-06-29 774144]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2006-02-21 180224]
"CognizanceTS"=c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-22 17920]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2006-05-30 811008]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-06-08 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ABLKSR"=C:\WINDOWS\ABLKSR\ABLKSR.exe [2006-01-02 61440]
"RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-14 90112]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-08-01 802816]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-08-01 696320]
"Adobe Version Cue CS2"=C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [2005-04-06 856064]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe [2008-04-23 483328]
""= []
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-11 20992]
"MMTray"=C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [2003-10-01 114688]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-26 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"DriverUpdaterPro"=C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t []
"gibckc"=c:\documents and settings\maud\local settings\application data\gibckc.exe [2008-11-18 320000]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [2006-05-02 40448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe"="C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"="C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Client Module"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79f49e3b-e93c-11dc-9fad-0018de790b41}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b14d89f-83b0-11dc-9f27-0018de790b41}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80153c76-910d-11dc-9f39-0018de790b41}]
shell\AutoRun\command - J:\ReadMe.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ad2bc68-ae86-11dc-9f5f-0018de790b41}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aca9949a-0ba9-11dd-9fea-0018de790b41}]
shell\AutoRun\command - tknn6.bat
shell\explore\command - tknn6.bat
shell\open\command - tknn6.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6e0031a-4425-11dd-a02f-0018de790b41}]
shell\AutoRun\command - G:\AutoPlay.exe -auto -c

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9f42276-83c7-11dc-9f28-0018de790b41}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe cradle_of_filth.vbe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4c987b8-a9b9-11dd-a0ce-0018de790b41}]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4c987c0-a9b9-11dd-a0ce-0018de790b41}]
shell\Auto\command - H:\cjq.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cjq.exe
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°5

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:09

======File associations======

.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2008-11-27 01:52:52 ----D---- C:\rsit
2008-11-25 00:25:10 ----SHD---- C:\Config.Msi
2008-11-24 16:44:36 ----D---- C:\Documents and Settings\Maud\Application Data\Apple Computer
2008-11-24 16:35:21 ----D---- C:\Program Files\Apple Software Update
2008-11-24 16:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-11-21 03:51:45 ----D---- C:\Documents and Settings\Maud\Application Data\Toshiba
2008-11-16 00:09:11 ----D---- C:\Program Files\eMule
2008-11-15 05:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-15 05:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-15 05:16:19 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-15 05:14:42 ----D---- C:\WINDOWS\Prefetch
2008-11-14 15:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-14 15:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-14 15:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-14 15:32:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-14 15:32:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-14 15:31:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-14 15:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-14 15:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-14 15:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-14 15:28:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-14 15:26:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-14 15:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-14 15:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-14 15:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-14 15:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-14 15:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-14 15:23:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-14 15:16:16 ----A---- C:\WINDOWS\setuplog.txt
2008-11-14 15:13:57 ----D---- C:\WINDOWS\system32\fr
2008-11-14 15:13:57 ----D---- C:\WINDOWS\system32\bits
2008-11-14 15:13:57 ----D---- C:\WINDOWS\l2schemas
2008-11-14 15:10:58 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-14 15:03:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-14 03:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-14 03:33:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2008-11-06 16:36:41 ----D---- C:\100CASIO
2008-10-25 04:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-24 11:48:18 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2008-10-24 11:48:14 ----A---- C:\WINDOWS\system32\c_iscii.dll
2008-10-24 11:48:12 ----A---- C:\WINDOWS\system32\kbdusa.dll
2008-10-24 11:42:03 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2008-10-22 07:36:55 ----D---- C:\Documents and Settings\Maud\Application Data\Canon
2008-10-15 10:23:18 ----D---- C:\MCO-PRO
2008-10-15 02:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-15 02:11:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 02:11:29 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-15 02:10:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-15 02:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-10-05 14:21:04 ----A---- C:\WINDOWS\system32\rundll32.exe.Z-missing.txt
2008-10-03 13:41:47 ----D---- C:\WINDOWS\Applian FLV Player
2008-10-03 13:41:47 ----D---- C:\Program Files\FLV Player
2008-10-03 13:41:33 ----A---- C:\WINDOWS\Applian FLV Player Setup Log.txt
2008-10-03 12:53:28 ----D---- C:\Documents and Settings\Maud\Application Data\Mozilla
2008-10-03 12:53:13 ----D---- C:\Program Files\Mozilla Firefox
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-09-15 11:52:18 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-09-12 14:11:25 ----HD---- C:\CanoScan
2008-09-12 14:11:25 ----A---- C:\WINDOWS\system32\UCS32P.DLL
2008-09-12 14:11:25 ----A---- C:\WINDOWS\system32\N067UFW.DLL
2008-09-12 14:11:25 ----A---- C:\WINDOWS\system32\CNQU70.DLL
2008-09-12 14:08:00 ----D---- C:\Program Files\WinZip
2008-09-12 13:59:41 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-09-11 13:50:45 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-11 13:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-06 22:18:56 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-06 22:18:54 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-06 22:18:54 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-06 22:18:54 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-06 22:18:47 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-06 22:18:47 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-06 22:18:43 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-06 22:18:43 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\slserv.exe
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\slgen.dll
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-09-06 22:18:39 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-06 22:18:39 ----N---- C:\WINDOWS\slrundll.exe
2008-09-06 22:18:38 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-09-06 22:18:37 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-06 22:18:36 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-06 22:18:36 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-06 22:18:35 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-06 22:18:35 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-06 22:18:35 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-06 22:18:35 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-06 22:18:33 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-06 22:18:28 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-06 22:18:28 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-06 22:18:28 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-06 22:18:27 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-06 22:18:27 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-06 22:18:27 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-06 22:18:26 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-06 22:18:26 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-06 22:18:18 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-06 22:18:18 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-06 22:18:18 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-06 22:18:18 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-06 22:18:17 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-06 22:18:11 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-06 22:18:08 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-09-06 22:18:08 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-09-06 22:18:07 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-09-06 22:18:05 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-06 22:18:03 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-09-06 22:18:03 ----A---- C:\WINDOWS\002923_.tmp
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-06 22:18:02 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-06 22:18:00 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-06 22:17:59 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-06 22:17:58 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-06 22:17:54 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-06 22:17:54 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-06 22:17:54 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-06 22:17:54 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-06 22:17:53 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-09-06 22:17:53 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-06 22:17:53 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-06 22:17:53 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-09-06 22:17:53 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-09-06 22:17:51 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-06 02:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-09-06 02:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-09-06 02:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-09-04 20:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2008-09-04 20:02:46 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-09-04 20:02:45 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-09-04 20:01:43 ----D---- C:\Program Files\Windows Media Connect 2
2008-09-04 20:01:30 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-09-04 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-09-04 19:59:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-09-04 19:58:18 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2008-09-03 15:57:35 ----A---- C:\WINDOWS\IE4 Error Log.txt

======List of files/folders modified in the last 3 months======

2008-11-27 01:52:57 ----D---- C:\WINDOWS\Temp
2008-11-27 00:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-27 00:19:13 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2008-11-27 00:19:04 ----D---- C:\WINDOWS\system32\drivers
2008-11-26 23:23:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-26 23:01:47 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-26 20:07:05 ----D---- C:\Program Files\adslTV
2008-11-25 03:34:50 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-25 00:26:32 ----SHD---- C:\WINDOWS\Installer
2008-11-25 00:25:54 ----D---- C:\Program Files\QuickTime
2008-11-25 00:25:20 ----D---- C:\Program Files\Fichiers communs
2008-11-25 00:25:19 ----D---- C:\WINDOWS\system32
2008-11-25 00:21:44 ----D---- C:\WINDOWS
2008-11-24 19:13:59 ----D---- C:\Documents and Settings\Maud\Application Data\Adobe
2008-11-24 16:36:46 ----D---- C:\Program Files\Internet Explorer
2008-11-24 16:35:37 ----SD---- C:\WINDOWS\Tasks
2008-11-24 16:35:21 ----RD---- C:\Program Files
2008-11-24 15:01:28 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-11-21 03:49:36 ----HD---- C:\WINDOWS\inf
2008-11-16 13:55:08 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-15 19:51:16 ----D---- C:\WINDOWS\Help
2008-11-15 18:52:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-15 05:22:23 ----D---- C:\Program Files\MSN Messenger
2008-11-15 05:22:01 ----D---- C:\WINDOWS\Debug
2008-11-15 05:20:23 ----A---- C:\WINDOWS\imsins.BAK
2008-11-15 05:14:05 ----D---- C:\WINDOWS\system32\wbem
2008-11-15 05:14:05 ----D---- C:\WINDOWS\system32\Setup
2008-11-15 05:14:05 ----D---- C:\WINDOWS\AppPatch
2008-11-15 05:14:04 ----RSD---- C:\WINDOWS\Fonts
2008-11-14 23:56:20 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-14 15:34:34 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-14 15:24:17 ----D---- C:\Program Files\Messenger
2008-11-14 15:23:25 ----D---- C:\WINDOWS\security
2008-11-14 15:14:21 ----D---- C:\WINDOWS\WinSxS
2008-11-14 15:14:11 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-14 15:14:11 ----D---- C:\WINDOWS\network diagnostic
2008-11-14 15:14:11 ----D---- C:\WINDOWS\ime
2008-11-14 15:13:58 ----D---- C:\WINDOWS\system32\usmt
2008-11-14 15:13:58 ----D---- C:\WINDOWS\system32\fr-fr
2008-11-14 15:13:57 ----D---- C:\WINDOWS\PeerNet
2008-11-14 15:13:56 ----D---- C:\Program Files\Movie Maker
2008-11-14 15:10:45 ----D---- C:\WINDOWS\system32\Restore
2008-11-14 15:10:45 ----D---- C:\WINDOWS\system32\npp
2008-11-14 15:10:43 ----D---- C:\WINDOWS\msagent
2008-11-14 15:10:41 ----D---- C:\WINDOWS\srchasst
2008-11-14 15:10:40 ----D---- C:\Program Files\NetMeeting
2008-11-14 15:10:38 ----D---- C:\WINDOWS\system32\Com
2008-11-14 15:10:35 ----D---- C:\Program Files\Windows NT
2008-11-14 15:10:35 ----D---- C:\Program Files\Outlook Express
2008-11-14 15:10:31 ----D---- C:\Program Files\Fichiers communs\System
2008-11-14 15:10:16 ----D---- C:\WINDOWS\system32\oobe
2008-11-14 15:10:13 ----D---- C:\WINDOWS\system
2008-11-14 15:07:06 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-14 15:03:25 ----D---- C:\WINDOWS\ehome
2008-11-14 14:37:58 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt
2008-11-14 14:37:58 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps #2.txt
2008-11-14 14:37:52 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps #3.txt
2008-11-14 14:37:35 ----D---- C:\WINDOWS\Registration
2008-11-13 15:32:28 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-06 16:36:37 ----D---- C:\VALUEADD
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-03 16:13:32 ----D---- C:\Documents and Settings\Maud\Application Data\U3
2008-10-23 23:44:00 ----D---- C:\films IN ITALIANO
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:08:06 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 02:11:05 ----D---- C:\WINDOWS\ie7updates
2008-10-15 00:08:37 ----D---- C:\Program Files\Google
2008-10-08 04:07:42 ----D---- C:\epson
2008-10-03 18:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-22 02:14:46 ----A---- C:\WINDOWS\win.ini
2008-09-12 14:12:35 ----D---- C:\WINDOWS\twain_32
2008-09-07 20:22:47 ----D---- C:\Documents and Settings\Maud\Application Data\vlc
2008-09-05 12:12:54 ----D---- C:\Program Files\Windows Media Player
2008-09-04 19:59:41 ----D---- C:\WINDOWS\system32\LogFiles
2008-09-04 18:16:10 ----A---- C:\WINDOWS\system32\msxml3.dll
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°6

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:09

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 302000]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ItSDisk;ItSDisk; C:\WINDOWS\System32\Drivers\ItSDisk.sys [2006-05-16 17840]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 72496]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-22 21419]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630]
R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-11 37916]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2007-12-05 28256]
R3 NETw3x32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-07-26 1707776]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-01 51584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-24 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-08-06 980608]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-08-08 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-08-08 7808]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\Maud\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ipswuio;ipswuio; C:\WINDOWS\System32\DRIVERS\ipswuio.sys [2006-01-24 34944]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2007-07-17 226936]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-24 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-24 151297]
R2 ASChannel;Canal de communication local; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2007-11-21 54784]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-01 434176]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-06 168432]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-03-16 1222192]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-01 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-08-01 937984]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-23 72704]
S3 Adobe Version Cue CS2;Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [2005-04-06 163840]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°7

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:14

info.txt logfile of random's system information tool 1.04 2008-11-27 01:52:58

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\SETUP.EXE" -l0x40c anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Creative Suite 2-->C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=e:\adobe creative suite 2.0/lang=040c
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
ArcSoft Panorama Maker 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CABB679-3958-44AA-BFFF-4E68A2684255}\SETUP.EXE" -l0x40c -uninst
a-squared Free 3.0-->"C:\Program Files\a-squared Free\unins000.exe"
ASUS Live Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
Asus MiVo Messenger-->"C:\Program Files\Asus\Asus MiVo Messenger\uninstall.exe"
Asus MultiFrame-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\SETUP.EXE" -l0x9
ASUS Security Protect Manager-->rundll32.exe "c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SetupHelper.dll",ExecMain /Uninstall {D83899AB-9964-4CFC-A246-F1BD430A455F}
ASUS Splendid Video Enhancement Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe" -l0x9 -removeonly
ASUSDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
ATK Media-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
AutoCAD 2004-->MsiExec.exe /I{5783F2D7-0201-040C-0002-0060B0CE6BBA}
Autodesk Express Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
eMule-->"C:\Program Files\eMule\Uninstall.exe"
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\Setup.exe" UNINSTALL
Favorit-->"c:\documents and settings\maud\local settings\application data\gibckc.exe" -uninstall
Fingerprint Sensor Minimum Install-->MsiExec.exe /I{AEC544CF-5D36-4F0A-86BD-DF3065258A5B}
Google Earth Pro-->MsiExec.exe /X{14630FF9-172D-4F71-85D2-E565FF92B2A5}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google SketchUp 6 Exporters-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp LayOut 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C12D609B-EB71-411B-82C3-9BE6D40435D7}\setup.exe" -l0x40c -removeonly
Google SketchUp Pro 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
IGN-NGI CDROM Belgium-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9D34D0B6-D9C7-11D6-A442-00505659192F} /l1036
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°8

Re: Problème de virus [résolu]

Message  DllD le Jeu 27 Nov - 18:14

mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Speakerphone Modem-->C:\Program Files\Asus\Asus MiVo Messenger\uninstall.exe /mdm
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MUSICMATCH(R) Jukebox-->C:\PROGRA~1\MUSICM~1\MUSICM~2\unmatch.exe
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Navilog1 3.6.4-->"C:\Program Files\Navilog1\unins000.exe"
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Net4Switch-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\SETUP.EXE" -l0x9
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
PowerForPhone-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89DDBCD4-B326-4545-9A05-26C7B16C1DEB}\SETUP.EXE" -l0x9
QuarkXPress Passport-->MsiExec.exe /I{A7BF5297-3E74-11D5-B00F-00104B398D77}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x40c -removeonly
REALTEK PCIE NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\SETUP.EXE" -l0x40c REMOVE
SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Skype™ 3.5-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Suite Specific-->MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
Sunbelt Kerio Personal Firewall-->MsiExec.exe /X{E659E0EE-10E6-49B7-8696-60F38D0EB174}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB2.0 1.3M WebCam-->C:\WINDOWS\StkUnist.exe
VideoLAN VLC media player 0.8.6i-->C:\Program Files\adslTV\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
Wireless Console 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

=====HijackThis Backups=====

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

======Security center information======

AV: Avira AntiVir PersonalEdition
FW: Sunbelt Kerio Personal Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Fichiers communs\Autodesk Shared\;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
  • Revenir en haut
DllD

DllD
Admin

Messages: 71
Date d'inscription: 26/11/2008
Age: 32
  • Message n°9

Re: Problème de virus [résolu]

Message  DllD le Ven 28 Nov - 0:02

Salut Maud,
comment vas-tu ? Tu as passé une bonne journée ?

Tu as XPpro toi ? Hummm... Suspect
Ton PC n'est pas à jour donc tu as des failles de sécurité. Tes éléments USB sont truffés d'infections. Je pense que tu as été parasité à cause de ta vieille version d'Acrobat Reader (je ne parle pas des infections USB là). (cf : http://forum.malekal.com/viewtopic.php?f=33&t=13629)


Cette ligne :
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b14d89f-83b0-11dc-9f27-0018de790b41}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(&0)\command - Recycled\ctfmon.exe
provoque des détournement de DNS. C'est peut-être là la cause de tes déconnexions internet.



Alors,
voici l'attaque : affraid

> Télécharge UsbFix (de Chiquitine29) sur ton Bureau : http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe
- Lance l'installation avec les paramètres par défaut.
- Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir (allume les si nécessaire).
- Double-clique sur le raccourci UsbFix sur ton Bureau puis choisi l'option de suppression => Le PC va redémarrer.
- Après redémarrage, poste le rapport UsbFix.txt
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
- Relance USBFix puis choisis maintenant l'option de vaccination.




Ensuite,
> Télécharge OTMoveIT_3 (de Old_Timer) : http://oldtimer.geekstogo.com/OTMoveIt3.exe sur ton bureau...
- Double-clique sur OTMoveIt3.exe pour le lancer.
- Copie le texte qui se trouve ci-dessous et colle-le dans le cadre de gauche de OTMoveIt nommé <Paste standard List of Files/Folders to be moved> ( http://assiste.com.free.fr/m/nick/OTMI3-Paste.png) (http://nsm01.casimages.com/img/2008/04/16//08041610060260771956959.jpg ).

:processes
explorer.exe
C:\documents and settings\maud\local settings\application data\gibckc.exe

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
"gibckc"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79f49e3b-e93c-11dc-9fad-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b14d89f-83b0-11dc-9f27-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80153c76-910d-11dc-9f39-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ad2bc68-ae86-11dc-9f5f-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aca9949a-0ba9-11dd-9fea-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9f42276-83c7-11dc-9f28-0018de790b41}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4c987c0-a9b9-11dd-a0ce-0018de790b41}]

:files
c:\documents and settings\maud\local settings\application data\gibckc.exe
C:\WINDOWS\002923_.tmp

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]


- Clique sur <MoveIt!> (http://assiste.com.free.fr/m/nick/OTMI3-MoveIt.png) pour lancer la suppression.
N.B :Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
- Un rapport est créé dans %SYSTEMDRIVE%\_OTMoveIt\MovedFiles\date du jour (souvent C:\_OTMoveIt\MovedFiles\), copie-colle-le dans ta réponse suivante.



Autre chose,
que contient de ce dossier ? Des photos ?
C:\100CASIO



Poste moi pour finir un nouveau rapport RSIT pleazZze. cyclops


Infos sur tes infections :
http://www.brakstar.com/dicobrak/term/620,7.xhtml
http://www.greatis.com/appdata/d/c/c;_recycled_ctfmon.exe.htm
http://www.f-secure.com/v-descs/readme.shtml
http://www.avira.com/fr/threats/section/fulldetails/id_vir/3619/vbs_sasan.a.2.html
http://www.threatexpert.com/report.aspx?md5=2cd67d3a5805f7475c35a29ed5c70afb
http://www.tsenagasy.com/cradle-of-filth-vbe-t13380.html
http://www.auditmypc.com/process/wscript.asp
http://translate.google.fr/translate?hl=fr&sl=en&u=http://www.spywaredb.com/remove-ncase/&sa=X&oi=translate&resnum=1&ct=result&prev=/search%3Fq%3Dcjq.exe%26hl%3Dfr%26sa%3DN



albino


Bon courage.

A+
  • Revenir en haut
« Voir le sujet précédent · Voir le sujet suivant »
  • Poster un nouveau sujet
  • Répondre au sujet

La date/heure actuelle est Mar 1 Déc - 13:45