Problem with Rootkit/Win32.Agent.DW
roman6137
Roman6137 - Posts: 1 - Status: Member
Hello,
I have a problem with this rootkit (Rootkit/Win32.Agent.DW): only Spyware Terminator finds it on my computer. I have AVG Anti-Rootkit, AVG Anti-Spyware, Spybot, adware and even SUPERAntiSpyware. None of them finds it except Spyware Terminator. When I try to remove it, this is what I get:
Logfile of Spyware Terminator v2.0.0.193 (db:1.0.002.764)
Scan Time: 05/11/2007 11:00:26 length: 265 s
Platform: Windows XP Home Service Pack 2 (WINNT 5.1.2600)
User: Limited
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 29193 (Critical:1)
Filter: No System items, No Safe items, No Invalid items
Running Processes
LVPrcSrv.exe [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
MediaServerService.exe [Acer Inc.] : C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
CTsvcCDA.EXE [Creative Technology Ltd] : C:\WINDOWS\system32\CTsvcCDA.EXE
LVComSer.exe [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
ULCDRSvr.exe [Ulead Systems, Inc.] : C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
VTTimer.exe [S3 Graphics, Inc.] : C:\WINDOWS\system32\VTTimer.exe
Monitor.exe [acer Inc.] : C:\Acer\Empowering Technology\eRecovery\Monitor.exe
Communications_Helper.exe [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
Quickcam.exe [Logitech Inc.] : C:\Program Files\Logitech\QuickCam\Quickcam.exe
issch.exe [InstallShield Software Corporation] : C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
avgas.exe [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
CTDVDDET.EXE [Creative Technology Ltd] : C:\Program Files\Creative\SB Audigy 2 ZS Video Editor\DVDAudio\CTDVDDET.EXE
COCIManager.exe [Logitech Inc.] : C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
GoogleToolbarNotifier.exe [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MsnMsgr.Exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
RCMan.EXE [Creative Technology Ltd] : C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = https://actus.sfr.fr
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://www.google.com/?gws_rd=ssl
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://actus.sfr.fr
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - [Pando] : C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
02 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - : C:\Program Files\Yetisports\IEButtonYetiSportsEBayInterface.dll
02 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - [Pando Networks] : C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
02 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
02 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - [Pando] : C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
Toolbars
03 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - [Pando] : C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, swg : [Google Inc.] : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MsnMsgr : [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteCenter : [Creative Technology Ltd] : C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSPY2002 : : C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, VTTimer : [S3 Graphics, Inc.] : C:\WINDOWS\system32\VTTimer.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, eRecoveryService : [acer Inc.] : C:\Acer\Empowering Technology\eRecovery\Monitor.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogitechCommunicationsManager : [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogitechQuickCamRibbon : [Logitech Inc.] : C:\Program Files\Logitech\QuickCam\Quickcam.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSPM Startup : [InstallShield Software Corporation] : C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSScheduler : [InstallShield Software Corporation] : C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, !AVG Anti-Spyware : [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CTDVDDET : [Creative Technology Ltd] : C:\Program Files\Creative\SB Audigy 2 ZS Video Editor\DVDAudio\CTDVDDET.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CTSysVol : [Creative Technology Ltd] : C:\Program Files\CREATIVE\SB AUDIGY 2 ZS VIDEO EDITOR\SURROUND MIXER\CTSYSVOL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SbUsb AudCtrl : [Creative Technology Ltd] : C:\WINDOWS\system32\sbusbdll.dll
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\LSDELETE.EXE
Shell Extensions
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOVIEWER.DLL
PSPad - {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} - : C:\Program Files\PSPad editor\PSPadShell.dll
PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} - [PowerISO Computing, Inc.] : C:\Program Files\PowerISO\PWRISOSH.DLL
Services
23 - [Acer Inc.] : C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
23 - [Arcsoft, Inc.] : C:\WINDOWS\system32\drivers\Afc.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [GRISOFT, s.r.o.] : C:\WINDOWS\system32\DRIVERS\avgarkt.sys
23 - : C:\Program Files\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.SYS
23 - [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
23 - [GRISOFT, s.r.o.] : C:\WINDOWS\system32\DRIVERS\AvgArCln.sys
23 - [GRISOFT, s.r.o.] : C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
23 - [Creative Technology Ltd] : C:\WINDOWS\system32\CTsvcCDA.EXE
23 - [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
23 - [Logitech Inc.] : C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
23 - [Logitech Inc.] : C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
23 - [Logitech Inc.] : C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
23 - [NewTech Infosystems, Inc.] : C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
23 - [Creative Technology Ltd.] : C:\WINDOWS\system32\DRIVERS\PFMODNT.SYS
23 - [Logitech Inc.] : C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
23 - [Realtek Semiconductor Corporation] : C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23 - : C:\Program Files\SUPERANTISPYWARE\SASDIFSV.SYS
23 - : C:\Program Files\SUPERANTISPYWARE\SASKUTIL.SYS
23 - [Ulead Systems, Inc.] : C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
23 - [Copyright (C) VIA/S3 Graphics Co, Ltd.] : C:\WINDOWS\system32\DRIVERS\vtmini.sys
23 - : C:\ACER\EMPOWERING TECHNOLOGY\ERECOVERY\INT15.SYS
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon, DLLName : [SUPERAntiSpyware.com] : C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
IE URL Search Hooks
- {{06663B56-0D73-4f9f-BCC5-4AA941470AFD}} - [Pando] : C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
IE URL Search Hooks
- {{06663B56-0D73-4f9f-BCC5-4AA941470AFD}} - [Pando] : C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
Déplacement en quarantaine :
Préparation...
Création d'un point de restauration
Quarantaine Rootkit/Win32.Agent.DW
Déplacement de la clé registre échoué: HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME
Déplacement de la clé registre échoué: HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME
Fermeture du point de restauration système
Analyse(s) terminée(s)
Whether it is a quarantine or a deletion, it makes no difference. Could you please help me, because my machine has slowed down. Thanks.