Virus Remover 2008
tacvyle
Hello,
I have just been infected by the Virus Remover 2008 virus. I read in other posts that Malwarebytes should be used to remove it, which I have just done, but I wanted to know whether everything is okay, because I still have an icon telling me that my automatic updates for Windows are disabled, which is not the case. Here is the report Malwarebytes gave me:
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\yayXnlKA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pmnnOFVn.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eba24379-cacd-46db-8920-b784dfaf7f31} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{eba24379-cacd-46db-8920-b784dfaf7f31} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnnofvn (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eba24379-cacd-46db-8920-b784dfaf7f31} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\yayxnlka -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\yayxnlka -> Delete on reboot.
Dossier(s) infecté(s):
C:\Documents and Settings\Eric\Application Data\VirusRemover2008 (Rogue.VirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Application Data\VirusRemover2008\Logs (Rogue.VirusRemover) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\yayXnlKA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\AKlnXyay.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AKlnXyay.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnnOFVn.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Local Settings\Temp\winsinstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Local Settings\Temp\xcwsraoenm.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Local Settings\Temp\prun.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Local Settings\Temporary Internet Files\Content.IE5\P399UM44\apstpldr.dll[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Local Settings\Temporary Internet Files\Content.IE5\P399UM44\winsinstall[2].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7695EED3-BC30-46E0-BDFA-4BE93C2DEAD6}\RP63\A0013516.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqomNGY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnmjGwU.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Eric\Application Data\VirusRemover2008\Logs\scns.log (Rogue.VirusRemover) -> Quarantined and deleted successfully.
Thank you in advance for your help; I look forward to your replies.
1 reply
Hi,
Restart your PC normally and do the following:
Download DDS.scr by sUBs
▶ To the desktop.
▶ The tool does not require installation.
▶ Launch it by clicking the dds.scr icon: https://i75.servimg.com/u/f75/11/05/93/83/dds10.jpg
▶ This DOS window will appear:
https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg
▶ The scan should not take more than three minutes.
▶ A first report will open, which you will save as DDS.txt (the default) on the desktop.
▶ You will be asked whether you want to run the optional scan.
▶ Accept with Yes.
▶ A new report opens, which you save as Attach.txt on the desktop.
▶ Provide it only if necessary.
▶ Post the DDS.txt report
DDS (Ver_09-02-01.01) - NTFSx86
Run by Eric at 17:13:19,25 on 2009-02-20
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.3327.2644 [GMT -5:00]
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\steam\steam.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Eric\Bureau\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.rds.ca/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Steam] "d:\steam\steam.exe" -silent
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\fichiers communs\ahead\lib\NMBgMonitor.exe"
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [ISUSPM Startup] c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "c:\program files\fichiers communs\installshield\updateservice\issch.exe" -start
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [NeroFilterCheck] c:\program files\fichiers communs\ahead\lib\NeroCheck.exe
mRun: [ISUSPM] "c:\program files\fichiers communs\installshield\updateservice\isuspm.exe" -scheduler
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\eric\menudm~1\progra~1\dmarra~1\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Pages liées - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233191212337
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233197624890
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\eric\applic~1\mozilla\firefox\profiles\mktkppii.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.rds.ca/
FF - plugin: c:\documents and settings\eric\application data\mozilla\firefox\profiles\mktkppii.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-29 64160]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-7-1 34312]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-7-1 468224]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 950096]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2009-1-29 670592]
S0 zkcxjzba;zkcxjzba;c:\windows\system32\drivers\yvsofwer.sys --> c:\windows\system32\drivers\yvsofwer.sys [?]
S3 LGDDCDevice;LGDDCDevice;c:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2009-1-30 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2009-1-30 18432]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys --> c:\windows\system32\drivers\RTL8187.sys [?]
=============== Created Last 30 ================
2009-02-20 02:36 98,304 a------- c:\windows\system32\CmdLineExt.dll
2009-02-19 13:07 4,096 a------- c:\windows\system32\crash
2009-02-18 21:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trymedia
2009-02-17 19:50 <DIR> --d----- c:\documents and settings\eric\.assistant
2009-02-09 22:51 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-02-09 22:51 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-02-09 22:50 <DIR> --d----- c:\program files\DivX
2009-02-09 10:03 215,040 a------- c:\windows\system32\CNMLM94.DLL
2009-02-09 10:02 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2009-02-09 10:02 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-02-09 09:56 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
2009-02-09 09:56 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-02-08 15:12 <DIR> --d----- c:\docume~1\eric\applic~1\Ubisoft
2009-02-07 19:02 <DIR> --d----- c:\docume~1\eric\applic~1\Malwarebytes
2009-02-07 19:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-07 18:54 15,688 a------- c:\windows\system32\lsdelete.exe
2009-02-07 12:42 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-02-05 02:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Age of Empires 3
2009-01-31 22:44 <DIR> --d----- c:\documents and settings\eric\LocalLow
2009-01-31 22:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TVU Networks
2009-01-30 16:02 147,456 a----r-- c:\windows\system32\LgExport.dll
2009-01-30 16:02 26,624 a----r-- c:\windows\system32\LGDispDrv.dll
2009-01-30 16:02 <DIR> --d----- c:\program files\LG Soft India
2009-01-30 15:48 <DIR> --d----- c:\program files\PC Drivers HeadQuarters
2009-01-30 15:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2009-01-30 14:43 69 a------- c:\windows\NeroDigital.ini
2009-01-30 00:31 664 a------- c:\windows\system32\d3d9caps.dat
2009-01-29 16:41 <DIR> --d----- c:\program files\MSXML 4.0
2009-01-29 16:16 <DIR> --d----- c:\docume~1\eric\applic~1\DAEMON Tools Pro
2009-01-29 16:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-01-29 16:15 <DIR> --d----- c:\program files\DAEMON Tools Lite
2009-01-29 16:13 717,296 a------- c:\windows\system32\drivers\sptd.sys
2009-01-29 16:13 <DIR> --d----- c:\docume~1\eric\applic~1\DAEMON Tools Lite
2009-01-29 15:59 <DIR> --d----- c:\program files\SlySoft
2009-01-29 15:52 <DIR> --d----- c:\program files\fichiers communs\Ahead
2009-01-29 15:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2009-01-29 14:13 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-01-29 14:11 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-29 14:11 <DIR> --d----- c:\program files\Lavasoft
2009-01-29 13:59 327,168 a------- c:\windows\IsUninst.exe
2009-01-29 13:51 <DIR> --d----- c:\program files\MSI
2009-01-29 04:15 268,648 a------- c:\windows\system32\mucltui.dll
2009-01-29 04:15 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-01-29 04:12 32,592 a------- c:\windows\system32\msonpmon.dll
2009-01-29 04:09 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2009-01-29 04:09 <DIR> --d----- c:\windows\SHELLNEW
2009-01-29 03:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Azureus
2009-01-29 03:05 <DIR> --d----- c:\docume~1\eric\applic~1\Azureus
2009-01-29 03:04 <DIR> --d----- c:\program files\fichiers communs\i4j_jres
2009-01-29 01:53 <DIR> --d----- C:\ATI
2009-01-29 01:30 <DIR> --d----- c:\program files\ESET
2009-01-29 01:06 <DIR> --d----- c:\documents and settings\eric\Tracing
2009-01-29 01:05 <DIR> --d----- c:\program files\Microsoft
2009-01-29 01:05 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-01-29 01:02 <DIR> --d----- c:\program files\fichiers communs\Windows Live
2009-01-29 00:09 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-01-29 00:08 <DIR> --d----- c:\windows\system32\LogFiles
2009-01-28 23:16 14,048 -------- c:\windows\system32\spmsg2.dll
2009-01-28 23:13 <DIR> --d----- c:\windows\system32\XPSViewer
2009-01-28 23:13 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-01-28 23:13 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-28 23:13 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-28 23:13 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-28 23:13 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-01-28 23:13 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-01-28 23:13 117,760 -------- c:\windows\system32\prntvpt.dll
2009-01-28 23:13 <DIR> --d----- C:\441698953834fb879e1d785d7a
2009-01-28 23:09 6,066,688 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-01-28 23:09 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat
2009-01-28 23:09 1,048,576 -c------ c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-28 23:09 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll
2009-01-28 23:09 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll
2009-01-28 23:09 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-01-28 23:09 63,488 -c------ c:\windows\system32\dllcache\icardie.dll
2009-01-28 23:09 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-28 23:09 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2009-01-28 22:35 272,768 -c------ c:\windows\system32\dllcache\bthport.sys
2009-01-28 22:25 <DIR> --d----- c:\windows\system32\fr-fr
2009-01-28 22:25 <DIR> --d----- c:\windows\system32\fr
2009-01-28 22:25 <DIR> --d----- c:\windows\l2schemas
2009-01-28 22:22 <DIR> --d----- c:\windows\network diagnostic
2009-01-28 21:55 <DIR> --d----- c:\windows\system32\PreInstall
2009-01-28 21:55 <DIR> --d-h--- c:\windows\$hf_mig$
2009-01-28 21:49 <DIR> --d----- c:\program files\fichiers communs\LogiShared
2009-01-28 21:49 24,576 a------- c:\windows\system32\msxml3a.dll
2009-01-28 21:49 <DIR> --d----- c:\program files\Yahoo!
2009-01-28 21:49 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-28 21:45 44,064 a------- c:\windows\system32\drivers\WmXlCore.sys
2009-01-28 21:45 21,280 a------- c:\windows\system32\drivers\WmFilter.sys
2009-01-28 21:45 10,144 a------- c:\windows\system32\drivers\WmBEnum.sys
2009-01-28 21:45 5,600 a------- c:\windows\system32\drivers\WmVirHid.sys
2009-01-28 21:45 <DIR> --d----- c:\program files\fichiers communs\Logitech
2009-01-28 21:38 <DIR> --d----- c:\program files\fichiers communs\Ulead Systems
2009-01-28 21:37 10,368 -------- c:\windows\system32\drivers\iviaspi.sys
2009-01-28 21:37 <DIR> --d----- c:\program files\InterVideo Information Service
2009-01-28 21:37 519 -------- c:\windows\remove.iss
2009-01-28 21:37 1,060,864 a------- c:\windows\system32\MFC71.dll
2009-01-28 21:37 <DIR> --d----- c:\program files\fichiers communs\InterVideo
2009-01-28 21:37 81,920 a------- c:\windows\mws.exe
2009-01-28 21:37 <DIR> --d----- c:\program files\InterVideo
2009-01-28 21:25 24,576 a----r-- c:\windows\system32\AsIO.dll
2009-01-28 21:25 12,664 a----r-- c:\windows\system32\drivers\AsIO.sys
2009-01-28 21:25 12,096 a------- c:\windows\system32\drivers\AsInsHelp64.sys
2009-01-28 21:25 10,304 a------- c:\windows\system32\drivers\AsInsHelp32.sys
2009-01-28 21:24 <DIR> --d----- c:\program files\ASUS
2009-01-28 21:23 <DIR> --d----- c:\program files\Analog Devices
2009-01-28 21:21 33,202 a------- c:\windows\Ascd_tmp.ini
2009-01-28 21:13 <DIR> --d----- c:\windows\system32\drivers\system32
2009-01-28 21:13 <DIR> --d----- c:\windows\system32\drivers\INF
2009-01-28 21:13 <DIR> --d----- C:\Intel
2009-01-28 21:01 73,728 a------- c:\windows\system32\ISUSPM.cpl
2009-01-28 20:44 0 a------- c:\windows\ativpsrm.bin
2009-01-28 20:38 <DIR> --d----- c:\program files\fichiers communs\ATI Technologies
2009-01-28 20:35 593,920 -------- c:\windows\system32\ati2sgag.exe
2009-01-28 20:35 307,200 a------- c:\windows\system32\atiiiexx.dll
2009-01-28 20:35 15,079 a------- c:\windows\atiogl.xml
2009-01-28 20:35 7,167 a----r-- c:\windows\system32\atifglpf.xml
2009-01-28 20:35 425,984 a------- c:\windows\system32\ATIDEMGX.dll
2009-01-28 20:35 887,724 a----r-- c:\windows\system32\ativva6x.dat
2009-01-28 20:35 3,107,788 a----r-- c:\windows\system32\ativva5x.dat
2009-01-28 20:35 3,107,788 a----r-- c:\windows\system32\ativvaxx.dat
2009-01-28 20:35 180,720 a------- c:\windows\system32\atiicdxx.dat
2009-01-28 20:35 <DIR> --d----- c:\program files\ATI Technologies
2009-01-28 20:24 316,640 a------- c:\windows\WMSysPr9.prx
2009-01-28 20:24 <DIR> --d----- c:\windows\provisioning
2009-01-28 20:24 <DIR> --d----- c:\windows\peernet
2009-01-28 20:23 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-28 20:21 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-01-28 20:21 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-01-28 20:20 <DIR> --d----- c:\windows\EHome
2009-01-28 20:17 11,264 -------- c:\windows\system32\spnpinst.exe
2009-01-28 20:17 7,208 -------- c:\windows\system32\secupd.sig
2009-01-28 20:17 4,569 -------- c:\windows\system32\secupd.dat
2009-01-28 20:08 <DIR> --d----- c:\windows\system32\bits
2009-01-28 20:08 354,304 a------- c:\windows\system32\winhttp.dll
2009-01-28 20:08 18,944 a------- c:\windows\system32\qmgrprxy.dll
2009-01-28 20:08 8,192 -------- c:\windows\system32\bitsprx2.dll
2009-01-28 20:08 7,168 -------- c:\windows\system32\bitsprx3.dll
2009-01-28 20:07 213,528 a------- c:\windows\system32\wuaucpl.cpl
2009-01-28 20:07 35,864 a------- c:\windows\system32\wucltui.dll.mui
2009-01-28 20:07 27,672 a------- c:\windows\system32\wuaucpl.cpl.mui
2009-01-28 20:07 27,672 a------- c:\windows\system32\wuapi.dll.mui
2009-01-28 20:07 19,992 a------- c:\windows\system32\wuaueng.dll.mui
2009-01-28 20:06 <DIR> --dsh--- c:\documents and settings\eric\UserData
2009-01-28 19:57 <DIR> --d--r-- c:\windows\AsDmiHtm
2009-01-28 19:47 12,980 a------- c:\windows\system32\wpa.bak
2009-01-28 19:47 <DIR> --ds---- c:\windows\system32\Microsoft
2009-01-28 19:36 143,360 -----r-- c:\windows\system32\xRaidAPI.dll
2009-01-28 19:36 46,208 a----r-- c:\windows\system32\drivers\jraid.sys
2009-01-28 19:36 6,912 a----r-- c:\windows\system32\drivers\JGOGO.sys
2009-01-28 19:36 <DIR> --d----- C:\RaidTool
2009-01-28 19:36 1,953,792 -----r-- c:\windows\system32\xRaidSetup.exe
2009-01-28 19:36 <DIR> --d----- c:\windows\RaidTool
2009-01-28 19:34 85,120 a----r-- c:\windows\system32\drivers\Rtnicxp.sys
2009-01-28 19:34 <DIR> --d----- c:\windows\OPTIONS
2009-01-28 19:33 <DIR> --d----- c:\program files\Marvell
2009-01-28 19:33 <DIR> --d----- c:\program files\fichiers communs\InstallShield
2009-01-28 19:25 <DIR> --d----- c:\windows\ASUSInstAll
2009-01-28 19:17 33,240 a------- c:\windows\Ascd_log.ini
2009-01-28 19:16 5,810 a----r-- c:\windows\system32\drivers\ASACPI.sys
2009-01-28 19:16 10,288 a------- c:\windows\system32\drivers\ASUSHWIO.SYS
2009-01-28 19:13 552 a------- c:\windows\system32\d3d8caps.dat
2009-01-28 19:11 <DIR> --dsh--- c:\windows\Installer
2009-01-28 19:10 <DIR> --d-h--- c:\documents and settings\eric\Voisinage réseau
2009-01-28 19:10 <DIR> --d-h--- c:\documents and settings\eric\Voisinage d'impression
2009-01-28 19:10 <DIR> --d-h--- c:\documents and settings\eric\Modèles
2009-01-28 19:10 <DIR> --d--r-- c:\documents and settings\eric\Mes documents
2009-01-28 19:10 <DIR> --d--r-- c:\documents and settings\eric\Menu Démarrer
2009-01-28 19:10 <DIR> --d--r-- c:\documents and settings\eric\Favoris
2009-01-28 19:10 <DIR> --d----- c:\documents and settings\eric\Bureau
2009-01-28 19:10 <DIR> --d----- c:\documents and settings\Eric
2009-01-28 19:02 8,192 a------- c:\windows\REGLOCS.OLD
2009-01-28 19:01 156,672 ac------ c:\windows\system32\dllcache\winzm.ime
2009-01-28 19:01 156,672 ac------ c:\windows\system32\dllcache\winsp.ime
2009-01-28 19:01 156,672 ac------ c:\windows\system32\dllcache\winpy.ime
2009-01-28 19:01 79,360 ac------ c:\windows\system32\dllcache\winar30.ime
2009-01-28 19:01 72,704 ac------ c:\windows\system32\dllcache\wingb.ime
2009-01-28 19:01 65,536 ac------ c:\windows\system32\dllcache\winime.ime
2009-01-28 19:01 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll
2009-01-28 19:01 31,360 ac------ c:\windows\system32\dllcache\weitekp9.sys
2009-01-28 18:59 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-01-28 18:58 <DIR> --d----- c:\program files\fichiers communs\MSSoap
2009-01-28 18:57 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-01-28 18:57 <DIR> --d----- c:\program files\Services en ligne
2009-01-28 18:57 <DIR> --d----- c:\program files\Messenger
2009-01-28 18:57 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-01-28 18:57 <DIR> --d----- c:\program files\Windows NT
2009-01-28 12:42 <DIR> --d----- c:\program files\fichiers communs\ODBC
2009-01-28 12:42 <DIR> --d----- c:\program files\fichiers communs\SpeechEngines
2009-01-28 12:41 <DIR> --d-h--- c:\documents and settings\all users\Modèles
2009-01-28 12:41 <DIR> --d--r-- c:\documents and settings\all users\Menu Démarrer
2009-01-28 12:41 <DIR> --d--r-- c:\documents and settings\all users\Documents
2009-01-28 12:41 <DIR> --d----- c:\documents and settings\all users\Favoris
2009-01-28 12:41 <DIR> --d----- c:\documents and settings\all users\Bureau
==================== Find3M ====================
2009-02-19 23:28 503,804 a------- c:\windows\system32\perfh00C.dat
2009-02-19 23:28 81,592 a------- c:\windows\system32\perfc00C.dat
2009-01-28 22:26 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-28 21:48 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-28 21:48 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-28 18:58 21,892 a------- c:\windows\system32\emptyregdb.dat
2008-12-20 17:47 826,368 a------- c:\windows\system32\wininet.dll
2008-12-10 19:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 19:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-08 21:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 21:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 21:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 21:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-12-01 15:51 318,464 a------- c:\windows\system32\ati2dvag.dll
2008-12-01 15:46 11,304,960 a------- c:\windows\system32\atioglxx.dll
2008-12-01 15:41 188,416 a------- c:\windows\system32\atipdlxx.dll
2008-12-01 15:40 147,456 a------- c:\windows\system32\Oemdspif.dll
2008-12-01 15:40 26,112 a------- c:\windows\system32\Ati2mdxx.exe
2008-12-01 15:40 43,520 a------- c:\windows\system32\ati2edxx.dll
2008-12-01 15:40 143,360 a------- c:\windows\system32\ati2evxx.dll
2008-12-01 15:38 598,016 a------- c:\windows\system32\ati2evxx.exe
2008-12-01 15:37 53,248 a------- c:\windows\system32\ATIDDC.DLL
2008-12-01 15:27 4,120,384 a------- c:\windows\system32\ati3duag.dll
2008-12-01 15:11 2,495,360 a------- c:\windows\system32\ativvaxx.dll
2008-12-01 14:57 48,640 a------- c:\windows\system32\amdpcom32.dll
2008-12-01 14:53 401,408 a------- c:\windows\system32\atikvmag.dll
2008-12-01 14:53 45,056 a------- c:\windows\system32\amdcalrt.dll
2008-12-01 14:53 45,056 a------- c:\windows\system32\amdcalcl.dll
2008-12-01 14:52 86,016 a------- c:\windows\system32\atiadlxx.dll
2008-12-01 14:52 17,408 a------- c:\windows\system32\atitvo32.dll
2008-12-01 14:50 286,720 a------- c:\windows\system32\atiok3x2.dll
2008-12-01 14:50 3,252,224 a------- c:\windows\system32\Amdcaldd.dll
2008-12-01 14:45 577,536 a------- c:\windows\system32\ati2cqag.dll
2006-06-23 01:48 32,768 a----r-- c:\windows\inf\UpdateUSB.exe
============= FINISH: 17:13:25,29 ===============
Sorry for the slow reply.
By the way, I no longer have the icon telling me that my Windows updates are disabled; it disappeared after two or three restarts, and I no longer see VIRUS REMOVER in the scan reports from Ad-Aware and my NOD32 antivirus (which I just upgraded to the full version because I only had the trial version). Does this mean that everything has been repaired?
Thanks again for your replies ;)