
Virus detected on my PC: TR/Vundo.Gen

Tags:
  • Windows
  • Security
8 February 2009 11:38:57

Hello everyone,
I have Antivir installed on my PC, and this morning it detected the virus known as "TR/Vundo.Gen".

I would like to know if anyone can help me remove this nasty thing, because the Antivir windows keep popping up to remind me that it is indeed present on my PC -_-'

Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:19, on 8/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
c:\program files\avira\antivir personaledition classic\avcenter.exe
D:\Save_25_11_08\Bureau\Programmes\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKLM\..\Policies\Explorer\Run: [lsass] C:\WINDOWS\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A1B7A8BA-3EE3-4435-AE00-999160998F8C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcBQijh - C:\WINDOWS\SYSTEM32\ddcBQijh.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 18378 bytes

Thanks in advance to everyone who helps me ;)


8 February 2009 15:08:15

Hello,
Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are complete:
  • Restart your computer in Safe Mode
    - At startup, after the BIOS has loaded, press the F8 (or F5) key on your keyboard repeatedly until a menu on a black background appears. Once you reach this stage, use the keyboard to select Safe Mode.
    -- In this mode you have no Internet access, and the display looks different (no wallpaper, very large icons). So don't be surprised.
    --- For these reasons, I suggest you print, write down, or save the following information in a text document so that you don't get lost.
    ---- ! Do not start your computer in Safe Mode via MSConfig ! Why? Some infections break the Safe Mode keys, which would make your computer crash.

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (run a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (show the results) and then "Supprimer la sélection" (remove the selection). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in Safe Mode.

    ++++++++++++++++
8 February 2009 15:38:37

Hello, and thank you for the reply.

I have already run a scan with MBAM, but I admit that I did not do it in Safe Mode. I also ran a scan (in Safe Mode this time) with SDFix. I am posting the two reports below in the following order: SDFix, then MBAM.


    SDFix: Version 1.240
    Run by Administrateur on dim. 08/02/2009 at 13:02

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\WINDOWS\system32\ddcBQijh.dll - Deleted
    C:\WINDOWS\lsass.exe - Deleted





    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-08 13:07:53
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:61,df,09,8c,7a,ce,f6,f4,32,71,4e,f5,7e,e2,70,ce,7d,8a,06,ae,e4,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,12,d7,19,18,cb,95,04,dc,ee,7c,58,f7,52,0f,63,5a,a4,..
    "khjeh"=hex:c7,c3,84,b6,72,31,de,cb,c8,3b,db,ce,65,92,e9,a6,96,3b,0f,4c,e1,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:37,dc,c9,a6,94,8c,b5,bf,9c,40,25,45,87,fd,e4,c1,3a,58,31,7e,db,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:61,df,09,8c,7a,ce,f6,f4,32,71,4e,f5,7e,e2,70,ce,7d,8a,06,ae,e4,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,12,d7,19,18,cb,95,04,dc,ee,7c,58,f7,52,0f,63,5a,a4,..
    "khjeh"=hex:c7,c3,84,b6,72,31,de,cb,c8,3b,db,ce,65,92,e9,a6,96,3b,0f,4c,e1,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:37,dc,c9,a6,94,8c,b5,bf,9c,40,25,45,87,fd,e4,c1,3a,58,31,7e,db,..

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:D NA"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Sun 1 Feb 2009 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

    Finished!


    MBAM

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1738
    Windows 5.1.2600 Service Pack 3

    8/02/2009 14:58:09
    mbam-log-2009-02-08 (14-58-09).txt

    Type de recherche: Examen complet (C:\|D:\|L:\|)
    Eléments examinés: 159742
    Temps écoulé: 1 hour(s), 27 minute(s), 18 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 4

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\Greg\Local Settings\Temporary Internet Files\Content.IE5\2IYQ6ED1\is169806[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{70AABAA4-1BB0-4021-96BF-D2D3129F5B6E}\RP54\A0013603.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{70AABAA4-1BB0-4021-96BF-D2D3129F5B6E}\RP54\A0013611.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    D:\System Volume Information\_restore{70AABAA4-1BB0-4021-96BF-D2D3129F5B6E}\RP51\A0012283.exe (Trojan.Agent) -> Quarantined and deleted successfully.


Right now I am running an Antivir scan to see whether it still finds infected files, but I am at 7% after more than 30 minutes of scanning, so it will take me a while yet to scan everything.
8 February 2009 16:53:47

Please, I know that I am not the only one, that you have a life outside of this and that it is Sunday, but I would like to remove this virus before doing anything else on my PC.
You are my only hope. I am sorry to insist.

Here is my antivirus scan after the SDFix and MBAM ones:



    Avira AntiVir Personal
    Report file date: dimanche 8 février 2009 15:07

    Scanning for 1322990 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: ****************
    Platform: Windows XP
    Windows version: (Service Pack 3) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: ************

    Version information:
    BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
    ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14/01/2009 00:02:46
    ANTIVIR2.VDF : 7.1.1.207 1359360 Bytes 30/01/2009 00:02:49
    ANTIVIR3.VDF : 7.1.1.239 314880 Bytes 6/02/2009 16:42:21
    Engineversion : 8.2.0.76
    AEVDF.DLL : 8.1.1.0 106868 Bytes 1/02/2009 00:02:56
    AESCRIPT.DLL : 8.1.1.43 344442 Bytes 6/02/2009 16:42:27
    AESCN.DLL : 8.1.1.6 127348 Bytes 1/02/2009 00:02:54
    AERDL.DLL : 8.1.1.3 438645 Bytes 4/11/2008 13:58:38
    AEPACK.DLL : 8.1.3.8 397684 Bytes 5/02/2009 16:42:42
    AEOFFICE.DLL : 8.1.0.33 196987 Bytes 1/02/2009 00:02:53
    AEHEUR.DLL : 8.1.0.90 1573237 Bytes 5/02/2009 16:42:40
    AEHELP.DLL : 8.1.2.0 119159 Bytes 1/02/2009 00:02:51
    AEGEN.DLL : 8.1.1.14 332148 Bytes 6/02/2009 16:42:26
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
    AECORE.DLL : 8.1.6.4 176501 Bytes 3/02/2009 08:55:02
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 9/07/2008 08:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
    AVREG.DLL : 8.0.0.1 33537 Bytes 9/05/2008 11:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 8 février 2009 15:07

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'notepad.exe' - '1' Module(s) have been scanned
    Scan process 'greg.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'btdna.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'nvPDsvc.exe' - '1' Module(s) have been scanned
    Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    32 processes with 32 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    Master boot sector HD2
    [INFO] No virus was found!
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD5
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD6
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '56' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\System Volume Information\_restore{70AABAA4-1BB0-4021-96BF-D2D3129F5B6E}\RP41\A0008202.exe
    [0] Archive type: CAB SFX (self extracting)
    --> \NVCPL.HL_
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <PB_SAVE>
    D:\System Volume Information\_restore{0871480A-7FB9-499E-B7AD-FEA6D4B238F3}\RP116\A0024351.exe
    [DETECTION] Is the TR/AdbPat.C Trojan
    [NOTE] The file was moved to '49bef365.qua'!
    D:\System Volume Information\_restore{70AABAA4-1BB0-4021-96BF-D2D3129F5B6E}\RP51\A0012092.exe
    [DETECTION] Is the TR/Agent.72607.A Trojan
    [NOTE] The file was moved to '49bef482.qua'!
    D:\Vidéo\dricos film\Bsplayer Pro v2.10.939 Multilangages Incl Keygen.rar
    [0] Archive type: RAR
    --> Keygen\keygen.exe
    [DETECTION] Is the TR/Delf.116736 Trojan
    [NOTE] The file was deleted!
    D:\sauvegarde du 265\Ma musique\LimeWire\Saved\halleyujah john bekler.wav.mp3
    [DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
    [NOTE] The file was deleted!


    End of the scan: dimanche 8 février 2009 16:33
    Used time: 1:25:47 Hour(s)

    The scan has been done completely.

    5926 Scanning directories
    466617 Files were scanned
    4 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    2 files were deleted
    0 files were repaired
    2 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    466611 Files not concerned
    6546 Archives were scanned
    7 Warnings
    4 Notes


    There are two viruses in "restore" files, but on a removable disk (an external HDD used like a USB stick, with no OS installed on it). Can I delete them anyway?
    As for the warning files, I suppose they are the ones in MBAM's quarantine, but I'm not sure.
    8 February 2009 21:04:29

    Problem solved, thank you for all the help with my problem :)
    8 February 2009 22:50:13

    re
    it's not solved... it will be when I tell you so ;O)

    Download DDS and save it to your desktop.
  • Disable any script blocker, such as an antivirus, or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan has finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.
    9 February 2009 02:41:44

    It's up to you... Personally I think my machine is clean, but if you want to take a look for yourself, no problem...


    DDS (Ver_09-02-01.01) - NTFSx86
    Run by Greg at 2:34:49,87 on lun. 09/02/2009
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.32.1036.18.1023.526 [GMT 1:00]

    AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Greg\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.be/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
    mRun: [SkyTel] SkyTel.EXE
    mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
    mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233443021046
    DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_1_1_0.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\greg\applic~1\mozilla\firefox\profiles\m47a0pot.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

    ============= SERVICES / DRIVERS ===============

    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2009-1-31 21144]
    R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-2-1 11840]
    R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-2-8 141312]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-2-1 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-2-1 151297]
    R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2008-12-11 3575808]
    R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-2-1 52032]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-1-24 216232]

    =============== Created Last 30 ================

    2009-02-08 23:28 73,728 a------- c:\windows\system32\javacpl.cpl
    2009-02-08 19:33 <DIR> --d----- c:\program files\CCleaner
    2009-02-08 16:25 141,312 a------- c:\windows\system32\drivers\sp_rsdrv2.sys
    2009-02-08 16:25 <DIR> --d----- c:\docume~1\greg\applic~1\Spyware Terminator
    2009-02-08 16:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spyware Terminator
    2009-02-08 16:25 <DIR> --d----- c:\program files\Spyware Terminator
    2009-02-08 13:27 <DIR> --d----- c:\docume~1\greg\applic~1\Malwarebytes
    2009-02-08 13:27 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-02-08 13:27 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-02-08 13:27 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-02-08 13:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-02-08 13:00 <DIR> --d----- c:\windows\ERUNT
    2009-02-08 12:55 <DIR> --d----- C:\SDFix
    2009-02-08 12:51 <DIR> --d----- c:\program files\Trend Micro
    2009-02-08 12:46 10,980 a------- c:\windows\hpdj3500.hi1
    2009-02-08 12:46 2,241 a------- c:\windows\hpdj3500.bu1
    2009-02-08 12:46 4,847 a------- c:\windows\hpbvspst.his
    2009-02-08 12:46 478 a------- c:\windows\hpbvspst.ini
    2009-02-08 12:41 144,829 a------- c:\windows\hpdj3500.his
    2009-02-08 12:41 4,771 a------- c:\windows\hpdj3500.ini
    2009-02-06 16:31 206,862 a------- c:\windows\system32\nvapps.xml
    2009-02-06 16:31 453,152 a------- c:\windows\system32\nvudisp.exe
    2009-02-06 16:31 18,725 a------- c:\windows\system32\nvdisp.nvu
    2009-02-06 16:31 <DIR> --d----- c:\windows\nview
    2009-02-06 16:31 453,152 a------- c:\windows\system32\NVUNINST.EXE
    2009-02-06 16:19 <DIR> --d----- c:\windows\SHELLNEW
    2009-02-06 13:37 120 a------- c:\windows\wininit.ini
    2009-02-06 13:00 <DIR> --d----- c:\program files\URUSoft
    2009-02-05 09:48 <DIR> --d----- c:\windows\NV30563060.TMP
    2009-02-05 09:02 <DIR> --d----- c:\windows\NV28563568.TMP
    2009-02-05 08:47 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
    2009-02-04 19:20 <DIR> --d----- c:\windows\NV2376260.TMP
    2009-02-04 19:18 5,504 ac------ c:\windows\system32\dllcache\mstee.sys
    2009-02-04 19:18 5,504 a------- c:\windows\system32\drivers\MSTEE.sys
    2009-02-04 19:18 10,880 ac------ c:\windows\system32\dllcache\ndisip.sys
    2009-02-04 19:18 10,880 a------- c:\windows\system32\drivers\NdisIP.sys
    2009-02-04 19:18 16,384 ac------ c:\windows\system32\dllcache\ipsink.ax
    2009-02-04 19:18 15,232 ac------ c:\windows\system32\dllcache\streamip.sys
    2009-02-04 19:18 16,384 a------- c:\windows\system32\ipsink.ax
    2009-02-04 19:18 15,232 a------- c:\windows\system32\drivers\StreamIP.sys
    2009-02-04 19:18 11,136 ac------ c:\windows\system32\dllcache\slip.sys
    2009-02-04 19:18 11,136 a------- c:\windows\system32\drivers\SLIP.sys
    2009-02-04 18:49 92,160 ac------ c:\windows\system32\dllcache\kswdmcap.ax
    2009-02-04 18:49 61,952 ac------ c:\windows\system32\dllcache\kstvtune.ax
    2009-02-04 18:49 43,008 ac------ c:\windows\system32\dllcache\ksxbar.ax
    2009-02-04 18:49 92,160 a------- c:\windows\system32\kswdmcap.ax
    2009-02-04 18:49 61,952 a------- c:\windows\system32\kstvtune.ax
    2009-02-04 18:49 43,008 a------- c:\windows\system32\ksxbar.ax
    2009-02-04 18:46 118,784 -----r-- c:\windows\bwUnin-7.2.0.157-8876480SL.exe
    2009-02-04 18:43 <DIR> --d----- c:\program files\fichiers communs\Logitech
    2009-02-04 18:37 45,056 a------- c:\windows\system32\vusetup.dll
    2009-02-04 18:37 11,264 a------- c:\windows\system32\drivers\vulfntr.sys
    2009-02-04 18:37 6,912 a------- c:\windows\system32\drivers\vulfnth.sys
    2009-02-04 18:37 308,224 a------- c:\windows\IsUn040c.exe
    2009-02-04 18:03 73,728 a------- c:\windows\system32\RtNicProp32.dll
    2009-02-04 14:39 331,184 -------- c:\windows\system32\difxapi.dll
    2009-02-04 14:32 116,736 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
    2009-02-04 14:32 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
    2009-02-04 14:32 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
    2009-02-04 14:32 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
    2009-02-04 14:32 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
    2009-02-04 14:32 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
    2009-02-04 14:32 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
    2009-02-04 14:32 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
    2009-02-04 14:32 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
    2009-02-04 14:30 19,016 ac------ c:\windows\system32\dllcache\w926nd.sys
    2009-02-04 14:29 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
    2009-02-04 14:28 525,568 ac------ c:\windows\system32\dllcache\tridxp.dll
    2009-02-04 14:27 17,129 ac------ c:\windows\system32\dllcache\tdkcd31.sys
    2009-02-04 14:26 155,648 ac------ c:\windows\system32\dllcache\stlnprop.dll
    2009-02-04 14:25 58,368 ac------ c:\windows\system32\dllcache\smiminib.sys
    2009-02-04 14:24 50,432 ac------ c:\windows\system32\dllcache\sisv.sys
    2009-02-04 14:23 17,536 ac------ c:\windows\system32\dllcache\scr111.sys
    2009-02-04 14:22 81,408 ac------ c:\windows\system32\dllcache\rwia430.dll
    2009-02-04 14:21 45,312 ac------ c:\windows\system32\dllcache\ql12160.sys
    2009-02-04 14:20 16,896 ac------ c:\windows\system32\dllcache\philcam1.dll
    2009-02-04 14:19 28,032 ac------ c:\windows\system32\dllcache\ovcd.sys
    2009-02-04 14:18 39,264 ac------ c:\windows\system32\dllcache\neo20xx.sys
    2009-02-04 14:17 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys
    2009-02-04 14:16 59,392 ac------ c:\windows\system32\dllcache\m3092dc.dll
    2009-02-04 14:15 14,720 ac------ c:\windows\system32\dllcache\kbdhid.sys
    2009-02-04 14:14 20,992 ac------ c:\windows\system32\dllcache\icam5ext.dll
    2009-02-04 14:13 542,879 ac------ c:\windows\system32\dllcache\hsf_msft.sys
    2009-02-04 14:12 2,688 ac------ c:\windows\system32\dllcache\hidswvd.sys
    2009-02-04 14:11 12,362 ac------ c:\windows\system32\dllcache\f3ab18xi.sys
    2009-02-04 14:10 634,166 ac------ c:\windows\system32\dllcache\el656ct5.sys
    2009-02-04 14:09 422,429 ac------ c:\windows\system32\dllcache\dgconfig.dll
    2009-02-04 14:08 8,192 ac------ c:\windows\system32\dllcache\changer.sys
    2009-02-04 14:07 66,557 ac------ c:\windows\system32\dllcache\bcm42u.sys
    2009-02-04 14:06 101,888 ac------ c:\windows\system32\dllcache\adpu160m.sys
    2009-02-03 20:31 410,984 a------- c:\windows\system32\deploytk.dll
    2009-02-03 20:20 <DIR> --d----- c:\windows\pss
    2009-02-02 17:54 <DIR> --d----- c:\program files\VideoLAN
    2009-02-02 17:33 <DIR> --d----- c:\docume~1\greg\applic~1\BSplayer Pro
    2009-02-02 17:33 <DIR> --d----- c:\program files\Webteh
    2009-02-02 17:31 <DIR> --d----- c:\program files\K-Lite Codec Pack
    2009-02-01 19:30 45 ----h--- c:\windows\dsez0285.dat
    2009-02-01 17:41 <DIR> --d----- c:\program files\NVIDIA Corporation
    2009-02-01 17:36 <DIR> --d----- C:\NVIDIA
    2009-02-01 16:24 <DIR> --d-h--- c:\windows\PIF
    2009-02-01 16:18 385 a------- c:\windows\ODBC.INI
    2009-02-01 16:18 28,040 a------- c:\windows\system32\mdimon.dll
    2009-02-01 14:36 268,648 a------- c:\windows\system32\mucltui.dll
    2009-02-01 14:36 27,496 a------- c:\windows\system32\mucltui.dll.mui
    2009-02-01 13:15 <DIR> --d----- c:\program files\Windows Media Connect 2
    2009-02-01 13:14 <DIR> --d----- c:\windows\system32\LogFiles
    2009-02-01 11:52 <DIR> --d----- c:\windows\system32\GroupPolicy
    2009-02-01 11:52 <DIR> --d----- c:\program files\Windows Desktop Search
    2009-02-01 11:50 <DIR> --d----- c:\windows\system32\URTTemp
    2009-02-01 10:37 <DIR> --d----- c:\program files\ma-config.com
    2009-02-01 10:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ma-config.com
    2009-02-01 10:23 <DIR> --d----- c:\docume~1\greg\applic~1\BitTorrent
    2009-02-01 10:22 <DIR> --d----- c:\program files\DNA
    2009-02-01 10:22 <DIR> --d----- c:\program files\BitTorrent
    2009-02-01 10:22 <DIR> --d----- c:\docume~1\greg\applic~1\DNA
    2009-02-01 01:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Messenger Plus!
    2009-02-01 01:15 <DIR> --d----- c:\program files\IZArc
    2009-02-01 01:11 <DIR> --d----- c:\docume~1\greg\applic~1\DAEMON Tools Pro
    2009-02-01 01:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
    2009-02-01 01:10 <DIR> --d----- c:\program files\DAEMON Tools Lite
    2009-02-01 01:09 717,296 a------- c:\windows\system32\drivers\sptd.sys
    2009-02-01 01:09 <DIR> --d----- c:\docume~1\greg\applic~1\DAEMON Tools Lite
    2009-02-01 01:01 <DIR> --d----- c:\program files\Avira
    2009-02-01 01:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
    2009-02-01 00:38 430,080 ac------ c:\windows\system32\dllcache\vbscript.dll
    2009-02-01 00:24 <DIR> --d----- c:\windows\system32\fr
    2009-02-01 00:24 <DIR> --d----- c:\windows\system32\bits
    2009-02-01 00:24 <DIR> --d----- c:\windows\l2schemas
    2009-02-01 00:22 <DIR> --d----- c:\windows\ServicePackFiles
    2009-02-01 00:19 <DIR> --d----- c:\windows\EHome
    2009-02-01 00:13 13,646 a------- c:\windows\system32\wpa.bak
    2009-02-01 00:10 <DIR> --d----- c:\program files\Messenger Plus! Live
    2009-02-01 00:08 <DIR> --d----- c:\documents and settings\greg\Tracing
    2009-02-01 00:07 <DIR> --d----- c:\program files\Microsoft
    2009-02-01 00:07 <DIR> --d----- c:\program files\Windows Live SkyDrive
    2009-02-01 00:01 <DIR> --d----- c:\program files\fichiers communs\Windows Live
    2009-01-31 17:28 3,072 ac------ c:\windows\system32\dllcache\audstub.sys
    2009-01-31 17:28 3,072 a------- c:\windows\system32\drivers\audstub.sys
    2009-01-31 17:28 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
    2009-01-31 17:28 25,856 a------- c:\windows\system32\drivers\usbprint.sys
    2009-01-31 17:27 58,752 ac------ c:\windows\system32\dllcache\redbook.sys
    2009-01-31 17:27 58,752 a------- c:\windows\system32\drivers\redbook.sys
    2009-01-31 17:27 20,992 ac------ c:\windows\system32\dllcache\rtl8139.sys
    2009-01-31 17:27 20,992 a------- c:\windows\system32\drivers\RTL8139.sys
    2009-01-31 17:26 46,464 ac------ c:\windows\system32\dllcache\gagp30kx.sys
    2009-01-31 17:26 46,464 a------- c:\windows\system32\drivers\gagp30kx.sys
    2009-01-31 17:26 77,312 ac------ c:\windows\system32\dllcache\usbui.dll
    2009-01-31 17:26 77,312 a------- c:\windows\system32\usbui.dll
    2009-01-31 17:25 <DIR> --d----- c:\program files\fichiers communs\ODBC
    2009-01-31 17:25 <DIR> --d----- c:\program files\fichiers communs\SpeechEngines
    2009-01-31 17:25 <DIR> --d-h--- c:\documents and settings\all users\Modèles
    2009-01-31 17:25 <DIR> --d--r-- c:\documents and settings\all users\Menu Démarrer
    2009-01-31 17:25 <DIR> --d--r-- c:\documents and settings\all users\Documents
    2009-01-31 17:25 <DIR> --d----- c:\documents and settings\all users\Favoris
    2009-01-31 17:25 <DIR> --d----- c:\documents and settings\all users\Bureau
    2009-01-31 17:24 <DIR> --d----- C:\Documents and Settings
    2009-01-31 17:23 261 a------- c:\windows\system32\$winnt$.inf
    2009-01-31 16:59 <DIR> --dsh--- c:\documents and settings\greg\UserData
    2009-01-31 16:55 <DIR> --d----- c:\program files\My Company Name
    2009-01-31 16:45 <DIR> --d----- c:\program files\Realtek
    2009-01-31 16:43 <DIR> --d----- c:\program files\VIA
    2009-01-31 16:43 <DIR> --d----- c:\program files\fichiers communs\InstallShield
    2009-01-31 16:40 <DIR> --d-h--- c:\documents and settings\greg\Voisinage réseau
    2009-01-31 16:40 <DIR> --d-h--- c:\documents and settings\greg\Voisinage d'impression
    2009-01-31 16:40 <DIR> --d-h--- c:\documents and settings\greg\Modèles
    2009-01-31 16:40 <DIR> --d--r-- c:\documents and settings\greg\Mes documents
    2009-01-31 16:40 <DIR> --d--r-- c:\documents and settings\greg\Menu Démarrer
    2009-01-31 16:40 <DIR> --d----- c:\documents and settings\greg\Favoris
    2009-01-31 16:40 <DIR> --d----- c:\documents and settings\greg\Bureau
    2009-01-31 16:35 <DIR> --dsh--- c:\documents and settings\all users\DRM
    2009-01-31 16:34 <DIR> --d-h--- c:\program files\WindowsUpdate
    2009-01-31 16:34 <DIR> --d----- c:\program files\Services en ligne
    2009-01-31 16:34 <DIR> --d----- c:\program files\fichiers communs\MSSoap
    2009-01-31 16:32 <DIR> --d----- c:\program files\Online Services
    2009-01-31 16:32 <DIR> --d----- c:\program files\Messenger
    2009-01-31 16:32 <DIR> --d----- c:\program files\MSN Gaming Zone
    2009-01-31 16:32 <DIR> --d----- c:\program files\Windows NT

    ==================== Find3M ====================

    2009-02-08 10:59 429,362 a------- c:\windows\system32\perfh00C.dat
    2009-02-08 10:59 55,824 a------- c:\windows\system32\perfc00C.dat
    2009-02-01 00:28 76,507 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2009-01-31 16:33 21,892 a------- c:\windows\system32\emptyregdb.dat
    2008-12-31 17:05 945,008 a------- c:\windows\system32\WGATray.old.exe
    2008-12-31 17:04 691,560 a------- c:\windows\system32\OGACheckControl.dll
    2008-12-31 17:04 528,744 a------- c:\windows\system32\OGAVerify.exe
    2008-12-31 17:04 502,120 a------- c:\windows\system32\OGAAddin.dll
    2008-12-28 23:48 2,330,643 a------- c:\windows\system32\x264vfw.dll
    2008-12-16 21:58 25,624 a------- c:\windows\system32\drivers\LVPr2Mon.sys
    2008-12-16 21:50 13,584 a------- c:\windows\system32\drivers\iKeyLgFT.dll
    2008-12-16 21:38 227,172 a------- c:\windows\system32\drivers\LVFeL000.cfg
    2008-12-16 21:38 146,680 a------- c:\windows\system32\drivers\LVFeL001.cfg
    2008-12-16 21:38 85,302 a------- c:\windows\system32\drivers\LVFeL002.cfg
    2008-12-16 21:38 69,592 a------- c:\windows\system32\drivers\LVFaL000.cfg
    2008-12-16 15:48 21,144 a------- c:\windows\system32\drivers\xfilt.sys
    2008-12-16 15:47 13,976 a------- c:\windows\system32\drivers\videX32.sys
    2008-12-11 11:57 333,952 a------- c:\windows\system32\drivers\srv.sys
    2008-12-11 01:33 86,016 a------- c:\windows\system32\dpl100.dll
    2008-12-08 12:53 57,344 a------- c:\windows\system32\ff_vfw.dll
    2008-12-07 19:08 795,648 a------- c:\windows\system32\xvidcore.dll
    2008-12-07 19:08 130,048 a------- c:\windows\system32\xvidvfw.dll
    2008-12-02 22:37 49,480 a------- c:\windows\system32\sirenacm.dll

    ============= FINISH: 2:35:08,10 ===============

    There you go, I'm going to bed; I'll reply tomorrow (or later today :)  )
    9 February 2009 18:59:23

    re
    Run an online antivirus scan at Kaspersky with Internet Explorer.

  • Allow the ActiveX controls.
  • Click Start Online Scanner (Démarrer Online Scanner).
  • Select My Computer (Poste de travail) as the scan target. Save the report in .txt format.
  • Paste its report here.
  • Post a new HijackThis report.

    Help: How to run an online scan with Kaspersky.