Vista internet security - Page 2

Précédent
  • 1
  • 2
  1. Utilisateur anonyme
     
    tu a accepté ou sur internet ou sur windows update ?
    0
  2. oudeis
     
    j'avais le même souci qu'olivier depuis hier...alors mille mercis pour le tuyau combofix , tout est rentré dans l'ordre maintenant !
    0
  3. olivier
     
    Désolé je m'étais absenté un peu...
    J'ai fait la procédure rkill puis combofix tout a lheure et vista internet security vient de réapparaitre...
    J'imagine que je suis pas encore tranquille!
    Que faire?
    Je devrais prendre quoi comme protection antivirus et antispyware?
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    Tu peux me poster le rapport de combofix ?
    0
  6. olivier
     
    Non combofix ne m'a pas donné de rapport et il n'y a rien a c\combofix.
    0
  7. olivier
     
    En attendant j'ai fait le seul truc qui semble calmer le virus à savoir remove it... Pour linstant je suis tranquille mais j'imagine que c'est pas fini!
    0
  8. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    Supprimes combofix de ton bureau et télécharge le ici

    Il est renommé en combokill.exe
    0
  9. olivier
     
    ComboFix 10-02-12.01 - Olivier 16/02/2010 10:32:20.2.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2046.1317 [GMT 1:00]
    Lancé depuis: c:\users\Olivier\Desktop\ComboKill.exe
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\begimepo.exe
    c:\windows\system32\stacsv.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-01-16 au 2010-02-16 ))))))))))))))))))))))))))))))))))))
    .

    2010-02-16 09:40 . 2010-02-16 09:40 -------- d-----w- c:\users\Olivier\AppData\Local\temp
    2010-02-16 09:40 . 2010-02-16 09:40 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-02-13 15:23 . 2010-02-13 15:25 -------- d-----w- c:\program files\SEAF
    2010-02-13 15:15 . 2010-02-13 15:15 -------- d-----w- C:\_OTM
    2010-02-13 11:18 . 2010-02-13 11:24 1455792860 ----a-w- C:\UsbFix_Upload_Me_PC-de-Olivier.zip
    2010-02-12 03:08 . 2010-02-13 11:24 -------- d-----w- C:\UsbFix
    2010-02-11 17:12 . 2010-02-11 17:20 -------- d-----w- c:\program files\ZHPDiag
    2010-02-11 10:53 . 2010-02-11 10:53 5115823 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-02-11 10:47 . 2010-02-11 10:47 -------- d-----w- c:\users\Olivier\AppData\Local\Threat Expert
    2010-02-11 10:38 . 2010-01-21 23:21 767952 ------w- c:\windows\BDTSupport.dll
    2010-02-11 10:38 . 2008-11-26 11:08 131 ----a-w- c:\windows\IDB.zip
    2010-02-11 10:38 . 2009-10-28 00:36 1152444 ----a-w- c:\windows\UDB.zip
    2010-02-11 10:38 . 2009-10-30 10:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
    2010-02-11 10:38 . 2009-10-30 10:09 98600 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
    2010-02-11 10:38 . 2009-11-09 10:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
    2010-02-11 10:38 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
    2010-02-11 10:38 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
    2010-02-11 10:37 . 2010-02-11 10:39 -------- d-----w- c:\program files\Common Files\PC Tools
    2010-02-11 10:37 . 2010-02-11 14:34 -------- d-----w- c:\program files\Spyware Doctor
    2010-02-11 10:37 . 2010-02-11 10:37 -------- d-----w- c:\users\Olivier\AppData\Roaming\PC Tools
    2010-02-11 10:37 . 2010-02-11 10:37 -------- d-----w- c:\programdata\PC Tools
    2010-02-11 10:35 . 2010-02-11 10:33 329 ----a-w- c:\users\Olivier\exefix.reg
    2010-02-11 10:18 . 2010-02-11 10:18 -------- d-----w- c:\windows\Sun
    2010-02-07 10:09 . 2010-02-07 10:10 -------- d-----w- c:\program files\QuickTime
    2010-02-07 10:07 . 2010-02-07 10:07 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-02-12 08:26 . 2009-04-23 18:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-02-11 15:00 . 2007-05-20 11:04 -------- d-----w- c:\program files\BAE
    2010-02-11 10:40 . 2006-11-02 15:48 672322 ----a-w- c:\windows\system32\perfh00C.dat
    2010-02-11 10:40 . 2006-11-02 15:48 124434 ----a-w- c:\windows\system32\perfc00C.dat
    2010-02-07 14:25 . 2007-06-16 11:08 55717 ----a-w- c:\users\Olivier\AppData\Roaming\nvModes.dat
    2010-02-07 10:13 . 2007-06-16 20:48 -------- d-----w- c:\program files\iTunes
    2010-02-07 10:12 . 2007-06-16 20:47 -------- d-----w- c:\program files\iPod
    2010-02-07 10:12 . 2007-10-27 22:44 -------- d-----w- c:\program files\Common Files\Apple
    2010-01-07 15:07 . 2009-04-23 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-07 15:07 . 2009-04-23 18:09 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-26 01:05 . 2009-12-26 01:05 118104 ---ha-w- c:\windows\system32\mlfcache.dat
    2009-12-23 20:36 . 2009-12-23 20:36 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-12-21 08:24 . 2007-06-16 20:48 -------- d-----w- c:\programdata\Apple Computer
    2009-11-28 09:37 . 2009-05-10 10:02 117760 ----a-w- c:\users\Olivier\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2009-05-13 11:33 . 2009-05-10 22:06 31250464 --sha-w- c:\windows\System32\drivers\fidbox.dat
    2007-05-20 18:27 . 2007-05-20 18:27 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
    2009-06-14 14:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-19 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 815104]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-05-20 77824]
    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-04 86016]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
    "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-10-04 86016]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-19 2043160]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-22 141608]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
    QuickSet.lnk - c:\windows\Installer\{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-5-20 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "HonorAutoRunSetting"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
    backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2006-11-12 01:19 446976 ----a-w- c:\program files\DellSupport\DSAgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
    2009-05-21 08:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
    2007-11-15 08:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
    2006-11-17 21:13 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2006-10-03 10:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    2006-10-13 10:31 184320 ------w- c:\program files\Dell\MediaDirect\PCMService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    2006-11-05 10:22 221184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
    2007-02-08 05:11 303104 ----a-w- c:\windows\sttray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [11/05/2009 10:02 28544]
    R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [11/02/2010 11:38 207792]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [23/04/2009 19:29 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [23/04/2009 19:29 108552]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 10:33 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 10:33 72944]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [23/04/2009 19:28 297752]
    R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [11/02/2010 11:38 112592]
    S2 gupdate1c9f56b54aee582;Service Google Update (gupdate1c9f56b54aee582);c:\program files\Google\Update\GoogleUpdate.exe [25/06/2009 09:02 133104]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 10:33 7408]
    S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [11/02/2010 11:37 359624]
    .
    Contenu du dossier 'Tâches planifiées'

    2010-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-25 08:02]

    2010-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-25 08:02]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    uInternet Settings,ProxyServer = 172.16.0.1:3128
    uInternet Settings,ProxyOverride = 172.16.*
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    TCP: {15CCD27B-9130-4E61-8283-64154F547479} = 192.168.1.1
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    MSConfigStartUp-Corel Photo Downloader - c:\program files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
    MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
    MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
    MSConfigStartUp-MskAgentexe - c:\program files\McAfee\MSK\MskAgent.exe
    AddRemove-HijackThis - c:\genproc\outil\HijackThis.exe
    AddRemove-Tibia_is1 - c:\program files\Tibia\unins000.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-02-16 10:40
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Heure de fin: 2010-02-16 10:43:50
    ComboFix-quarantined-files.txt 2010-02-16 09:43

    Avant-CF: 59 312 934 912 octets libres
    Après-CF: 59 274 358 784 octets libres

    - - End Of File - - 38EFB6B1553F0D51D6C347E45692991F
    0
  10. olivier
     
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3746
    Windows 6.0.6001 Service Pack 1
    Internet Explorer 7.0.6001.18000

    16/02/2010 18:02:38
    mbam-log-2010-02-16 (18-02-38).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 253731
    Temps écoulé: 1 hour(s), 40 minute(s), 1 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Olivier\AppData\Local\av.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Olivier\Local Settings\Application Data\av.exe (ROGUE.Win7Antispyware2010) -> Quarantined and deleted successfully.
    0
  11. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    Tu peux me recoller un nouveau log ZhpDiag et me dire comment va le pc ?
    0
    1. liv
       
      This log file is located at C:\rkill.log.
      Please post this only if requested to by the person helping you.
      Otherwise you can close this log when you wish.
      Ran as Olivia on 19/02/2010 at 17:20:13.


      Processes terminated by Rkill or while it was running:


      C:\Windows\system32\RUNDLL32.EXE
      C:\Users\Olivia\AppData\Local\av.exe
      C:\Users\Olivia\Downloads\rkill.exe


      Rkill completed on 19/02/2010 at 17:20:19.
      0
  12. siong
     
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by tchu yi at 2010-03-02 15:16:23
    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
    System drive C: has 51 GB (45%) free of 114 GB
    Total RAM: 2813 MB (51% free)

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\McDefragTask.job
    C:\Windows\tasks\McQcTask.job
    C:\Windows\tasks\Norton Security Scan for tchu yi.job
    C:\Windows\tasks\PCConfidential.job
    C:\Windows\tasks\RegPowerClean.job
    C:\Windows\tasks\RPCReminder.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF}]
    PCCBHO.CPCCBHO - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll [2008-04-01 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
    McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-03-25 62784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
    Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-30 812528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
    PriceGongCtrl Class - C:\Program Files\PriceGong\1.5.0\PriceGongIE.dll [2009-08-10 288056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-29 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
    NetAssistantBHO Class - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll [2008-11-26 253048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
    Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-08-25 927232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
    XBTBPos00 Class - C:\Program Files\My.Freeze.com Toolbar\freeze_int2.dll [2009-10-26 1916024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
    {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]
    {9ec204df-0e48-4c32-816e-2e928a4fd9c2} - WalterShop - C:\Windows\system32\mscoree.dll [2008-07-27 282112]
    {D0523BB4-21E7-11DD-9AB7-415B56D89593} - My.Freeze.com Toolbar - C:\Program Files\My.Freeze.com Toolbar\freeze_int2.dll [2009-10-26 1916024]
    {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-07-02 2215960]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-10-31 6609440]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
    "Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2008-12-18 690720]
    "EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2008-10-27 199464]
    "mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2008-10-27 346672]
    "BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
    "PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-11-21 13601312]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-11-21 92704]
    "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2009-01-09 870920]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-01-09 1418536]
    "ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-10-08 147456]
    "CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-10-08 167936]
    "PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-10-17 167936]
    "mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-03-25 645328]
    "FBSSA"=C:\Program Files\SGPSA\ie3sh.exe [2009-08-27 765824]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-29 149280]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-30 68856]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce048231-2275-11df-b86f-00235a55c624}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Yang.EXE

    ======File associations======

    .exe - open - "C:\Users\tchu yi\AppData\Local\av.exe" /START "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-03-02 15:16:23 ----D---- C:\rsit
    2010-03-02 15:16:23 ----D---- C:\Program Files\trend micro
    2010-03-02 14:00:16 ----D---- C:\Program Files\ZHPDiag
    2010-02-24 18:36:23 ----A---- C:\Windows\system32\tzres.dll
    2010-02-24 18:35:41 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2010-02-24 18:35:41 ----A---- C:\Windows\system32\RMActivate.exe
    2010-02-24 18:35:40 ----A---- C:\Windows\system32\secproc_ssp.dll
    2010-02-24 18:35:40 ----A---- C:\Windows\system32\secproc_isv.dll
    2010-02-24 18:35:40 ----A---- C:\Windows\system32\secproc.dll
    2010-02-24 18:35:40 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2010-02-24 18:35:40 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2010-02-24 18:35:39 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2010-02-24 18:35:39 ----A---- C:\Windows\system32\msdrm.dll
    2010-02-24 18:00:50 ----D---- C:\Program Files\Common Files\Symantec Shared
    2010-02-22 17:03:15 ----D---- C:\ProgramData\Symantec
    2010-02-22 17:03:15 ----D---- C:\ProgramData\Norton
    2010-02-22 17:03:15 ----D---- C:\Program Files\Norton Security Scan
    2010-02-22 17:03:13 ----D---- C:\ProgramData\NortonInstaller
    2010-02-22 17:03:13 ----D---- C:\Program Files\NortonInstaller
    2010-02-22 14:02:46 ----D---- C:\Windows\system32\Adobe
    2010-02-10 15:04:36 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-02-10 15:04:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-02-10 15:04:26 ----A---- C:\Windows\system32\quartz.dll
    2010-02-10 15:04:26 ----A---- C:\Windows\system32\msyuv.dll
    2010-02-10 15:04:26 ----A---- C:\Windows\system32\msvidc32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\msvfw32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\msrle32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\mciavi32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\avifil32.dll
    2010-02-10 15:04:25 ----A---- C:\Windows\system32\avicap32.dll

    ======List of files/folders modified in the last 1 months======

    2010-03-02 15:16:25 ----D---- C:\Windows\Temp
    2010-03-02 15:16:23 ----RD---- C:\Program Files
    2010-03-02 15:16:23 ----D---- C:\Windows\Prefetch
    2010-03-02 12:57:00 ----SHD---- C:\System Volume Information
    2010-03-02 11:35:54 ----D---- C:\Windows\System32
    2010-03-02 11:35:54 ----D---- C:\Windows\inf
    2010-03-02 11:35:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-03-02 11:30:24 ----D---- C:\Windows
    2010-03-01 23:43:47 ----D---- C:\Program Files\Mozilla Firefox
    2010-02-28 03:02:58 ----D---- C:\Windows\system32\catroot2
    2010-02-25 13:29:18 ----D---- C:\Windows\rescache
    2010-02-25 13:11:24 ----RSD---- C:\Windows\Fonts
    2010-02-25 13:11:24 ----D---- C:\Windows\system32\fr-FR
    2010-02-25 04:49:35 ----SHD---- C:\Windows\Installer
    2010-02-25 03:02:42 ----D---- C:\Windows\winsxs
    2010-02-25 03:01:17 ----D---- C:\Windows\system32\catroot
    2010-02-24 18:00:50 ----D---- C:\Program Files\Common Files
    2010-02-22 17:03:21 ----D---- C:\Windows\Tasks
    2010-02-22 17:03:18 ----D---- C:\Windows\system32\Tasks
    2010-02-22 17:03:15 ----HD---- C:\ProgramData
    2010-02-22 17:03:15 ----D---- C:\Windows\system32\drivers
    2010-02-22 14:03:14 ----D---- C:\Windows\system32\Macromed
    2010-02-22 14:02:47 ----SD---- C:\Windows\Downloaded Program Files
    2010-02-11 14:08:31 ----D---- C:\Program Files\Windows Mail

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
    R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-25 214024]
    R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-10-23 130424]
    R2 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-10-09 19504]
    R2 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-10-09 16432]
    R2 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-10-09 59952]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-11-04 952320]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-09-29 223232]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-10-31 2231456]
    R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-03-25 79880]
    R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-03-25 35272]
    R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-03-25 40552]
    R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-05 45600]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-11-21 7451264]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-01-09 204976]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-12-29 109920]
    S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-03-25 34216]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2008-08-09 419328]
    S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb.sys [2008-04-16 22784]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
    R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-10-04 69632]
    R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2008-12-18 653856]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
    R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-03-25 797864]
    R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
    R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
    R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704]
    R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
    R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360]
    R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
    R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2008-10-27 306736]
    R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-11-21 203296]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-23 606736]
    S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
    S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    -----------------EOF-----------------
    0
  13. Simon
     
    Simon - 21 mar 2010 à 09:50
    J'ai eu le truc hier soir. 3 heurs pour le virer.
    "Vista security" est le virus. Il est composé de chevaux de troie, d'espions, il fait des modifs de fichiers,.......
    C'est un virus qui harcèle l'utilisateur pour qu'il donne ses numéros bancaires!!!!! Il fait croire que l'ordi est infesté de virus pour que l'utilisateur achète une solution fictive.

    La vrai solution est de le bloquer avec un bon pare feu (autre que celui de windows expl : Zone alarme car il est possible de vérifier tous ce qui sort et entre sur le PC) puis il faut l'éliminer avec un "anti-spyware".

    J'ai trouvé 5 Torjal, et 3 autres éléments du virus.

    Après ça, l'ordi doit fonctionner correctement.
    -1
Précédent
  • 1
  • 2