PC INFECTé
progfann
Messages postés
365
Date d'inscription
Statut
Membre
Dernière intervention
-
crapoulou Messages postés 28002 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
crapoulou Messages postés 28002 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
Voila mon rapport RSIT. Merci de l'analyser:
Voila mon rapport RSIT. Merci de l'analyser:
Logfile of random's system information tool 1.06 (written by random/random) Run by KIM at 2010-04-03 21:23:41 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 28 GB (73%) free of 38 GB Total RAM: 256 MB (20% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:25:24, on 03/04/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\mspaint.exe C:\WINDOWS\system32\mspaint.exe C:\WINDOWS\system32\mspaint.exe C:\Documents and Settings\KIM\Mes documents\Téléchargements\RSIT.exe C:\Program Files\trend micro\KIM.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/?p=us R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/?p=us R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 5084 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-03 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20 158008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\KIM\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe [2002-07-11 188416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2009-11-10 5244216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2002-10-11 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-03 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Gizmo5\mDNSResponder.exe"="C:\Program Files\Gizmo5\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\Gizmo5\Gizmo5.exe"="C:\Program Files\Gizmo5\Gizmo5.exe:*:Enabled:Gizmo5" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{233830c8-10fb-11df-ba9d-0011099be071}] shell\AutoRun\command - E:\PRIDJI///preslaba.exe shell\explore\command - E:\PRIDJI///preslaba.exe shell\open\command - E:\PRIDJI///preslaba.exe ======List of files/folders created in the last 1 months====== 2010-04-03 21:24:17 ----D---- C:\Program Files\trend micro 2010-04-03 21:23:41 ----D---- C:\rsit 2010-04-01 21:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-04-01 21:43:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$ 2010-03-31 21:40:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-03-29 23:02:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-03-29 23:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$ 2010-03-29 23:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-03-29 23:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-03-29 22:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-03-29 22:59:18 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-03-29 22:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-03-29 22:57:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-03-29 22:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$ 2010-03-29 22:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-03-29 22:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-03-29 22:55:15 ----SHD---- C:\Config.Msi 2010-03-29 22:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-03-29 22:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-03-29 22:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-03-29 22:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-03-29 22:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-03-29 21:13:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-03-29 21:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-03-29 21:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-03-29 21:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-03-29 21:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-03-29 21:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-03-29 21:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-03-29 21:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-03-29 21:04:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-03-29 21:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-03-29 21:01:56 ----A---- C:\WINDOWS\imsins.BAK 2010-03-29 21:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ ======List of files/folders modified in the last 1 months====== 2010-04-03 21:24:17 ----RD---- C:\Program Files 2010-04-03 20:56:21 ----D---- C:\Program Files\Mozilla Firefox 2010-04-03 20:55:46 ----D---- C:\WINDOWS\Temp 2010-04-03 20:55:34 ----D---- C:\WINDOWS\system32\CatRoot2 2010-04-03 19:42:58 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-04-03 19:42:28 ----D---- C:\Documents and Settings\KIM\Application Data\Skype 2010-04-03 19:10:56 ----D---- C:\Documents and Settings\KIM\Application Data\skypePM 2010-04-02 21:27:19 ----D---- C:\WINDOWS\Prefetch 2010-04-02 21:17:46 ----HD---- C:\WINDOWS\inf 2010-04-02 20:37:15 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM 2010-04-02 20:19:09 ----D---- C:\WINDOWS 2010-04-02 20:18:16 ----D---- C:\WINDOWS\system32\drivers 2010-04-02 20:18:16 ----D---- C:\WINDOWS\system32 2010-04-01 21:48:18 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-04-01 21:45:20 ----D---- C:\Program Files\Internet Explorer 2010-03-31 21:34:18 ----HD---- C:\WINDOWS\$hf_mig$ 2010-03-29 23:02:05 ----SHD---- C:\WINDOWS\Installer 2010-03-29 23:00:25 ----D---- C:\WINDOWS\WinSxS 2010-03-29 22:04:25 ----D---- C:\WINDOWS\AppPatch 2010-03-29 21:11:00 ----A---- C:\WINDOWS\win.ini 2010-03-29 21:08:44 ----D---- C:\Program Files\Movie Maker 2010-03-29 21:03:04 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-03-28 20:37:09 ----D---- C:\WINDOWS\system32\CatRoot_bak 2010-03-28 20:37:09 ----D---- C:\WINDOWS\system32\CatRoot 2010-03-28 15:12:42 ----D---- C:\WINDOWS\Help 2010-03-10 05:20:53 ----A---- C:\WINDOWS\system32\shdocvw.dll 2010-03-10 05:20:50 ----A---- C:\WINDOWS\system32\browseui.dll 2010-03-07 17:27:01 ----D---- C:\Documents and Settings\KIM\Application Data\Canon ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 M2500;802.11g Wireless Network Driver; C:\WINDOWS\system32\DRIVERS\M2500.sys [2004-06-24 191360] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-05 534976] R3 SoC PC-Camera Service;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-02-10 127692] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys [] S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys [] S3 SISNIC;Pilote de carte Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-03 153376] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-03 133104] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF-----------------
3 réponses
-
Bonsoir,
Pourquoi poster un rapport ?
Explique-nous un peu plus ton problème stp.
Qu'est-ce qui te fait dire que tu es infecté ? -
Mon PC est Trop Trop lent, ça bloque trop, pour le demarrer je dois attendre 1heure, pour l'arreter je dois attendre 2heures....etc
-
Ok, c'est parti pour la désinfection :
Tu es infecté par un ver qui se propage dans ton ordinateur par support amovibles (clé USB, disquettes, appareils photos numériques, disques durs externes, ...)
Télécharge et installe UsbFix de C_XX & El desaparecido :
= = = = >>> En cliquant ici <<< = = = =
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir !
* Double clique sur le raccourci UsbFix présent sur ton bureau.
* Choisis l'option 1 (Recherche)
* Laisse travailler l'outil.
* Ensuite poste l'intégralité du rapport UsbFix.txt qui apparaîtra.
Notes :
- Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller sur le forum).
- "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.