Virus Win32Vundo@dll

Resolved/Closed
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009 - 25 May 2008 at 09:08
Le sioux Posts 4894 Registration date Sunday 27 May 2007 Status Security contributor Last activity 6 March 2023 - 26 May 2008 at 08:56
Hello,

My PC has been infected for a few days and I can't manage to get rid of the virus. Avast tells me it is a Trojan horse and asks me what it should do with the infected file. I put it in quarantine (I have also deleted it twice), but the problem comes back every two hours. It seems this Trojan horse is called "Win32Vundo@dll".

I have seen many people on this forum with the same problem as me. So I did what they were asked to do, that is, two scans, one with Hijack and the other with ComboFix. I have two reports that I will paste below. If anyone is able to help me, I would be very grateful.



Hijack report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29, on 2008-05-24
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\prevhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2flenovo.live.com%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe /filePath="c:\swshare\firstrun.txt"
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: Incrustation (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 10641 bytes

ComboFix report:

ComboFix 08-05-21.3 - greg 2008-05-24 19:09:20.1 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.987 [GMT 2:00]
Endroit: C:\Users\greg\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-23 14:12 . 2008-05-23 14:20 <REP> d-------- C:\Users\greg\AppData\Roaming\Canon
2008-05-23 14:04 . 2008-05-23 14:04 <REP> d--h----- C:\CanoScan
2008-05-23 14:04 . 2002-05-24 03:04 389,180 --a------ C:\Windows\System32\UCS32P.DLL
2008-05-23 14:04 . 2002-04-12 20:23 339,968 --a------ C:\Windows\System32\N124UFW.dll
2008-05-23 14:04 . 2002-09-27 14:56 69,632 --a------ C:\Windows\System32\CNQU70.DLL
2008-05-23 12:45 . 2008-05-23 12:45 <REP> d-------- C:\VundoFix Backups
2008-05-23 10:47 . 2008-05-23 10:47 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-05-20 18:53 . 2008-05-20 18:53 <REP> d-------- C:\Users\Administrator\AppData\Roaming\Lenovo
2008-05-20 18:53 . 2008-05-20 18:53 <REP> d-------- C:\Users\Administrator\AppData
2008-05-20 18:53 . 2008-05-20 18:53 <REP> d-------- C:\Users\Administrator
2008-05-20 17:59 . 2008-05-20 17:59 <REP> d-------- C:\Users\greg\AppData\Roaming\DivX
2008-05-19 13:01 . 2008-05-19 13:01 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-05-19 11:48 . 2008-05-19 11:48 <REP> d-------- C:\Program Files\Tim Heuer
2008-05-19 09:32 . 2008-05-19 09:32 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-05-18 23:37 . 2008-05-18 23:37 <REP> d-------- C:\PerfLogs
2008-05-18 19:12 . 2008-01-19 05:12 3,662,296 --a------ C:\Windows\System32\locale.nls
2008-05-18 19:11 . 2008-01-19 07:54 289,467 --a------ C:\Windows\System32\dot3.tmf
2008-05-18 19:11 . 2008-01-19 07:54 261,163 --a------ C:\Windows\System32\onex.tmf
2008-05-18 19:11 . 2008-01-19 09:36 191,488 --a------ C:\Windows\System32\provthrd.dll
2008-05-18 19:09 . 2008-01-19 09:33 599,552 --a------ C:\Windows\System32\vsp1cln.exe
2008-05-18 19:09 . 2008-01-05 13:39 150 --a------ C:\Windows\System32\RacUREx.xml
2008-05-18 19:09 . 2008-01-05 13:31 3 --a------ C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2008-05-18 19:07 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-05-18 15:35 . 2008-05-18 15:35 <REP> d-------- C:\Users\All Users\FLEXnet
2008-05-18 15:35 . 2008-05-18 15:35 <REP> d-------- C:\ProgramData\FLEXnet
2008-05-18 15:35 . 2008-05-18 15:35 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-18 15:35 . 2006-09-29 06:56 28,248 -ra------ C:\Windows\System32\AdobePDF.dll
2008-05-18 15:29 . 2008-05-23 19:38 <REP> d-------- C:\Users\All Users\Adobe
2008-05-18 14:49 . 2008-05-18 14:49 <REP> d-------- C:\Users\greg\AppData\Roaming\LaCie
2008-05-18 14:41 . 2008-05-18 14:41 <REP> d-------- C:\Windows\System32\URTTEMP
2008-05-18 12:35 . 2008-05-18 12:35 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-18 12:13 . 2006-10-26 19:56 32,592 --a------ C:\Windows\System32\msonpmon.dll
2008-05-18 12:11 . 2008-05-18 12:11 <REP> d-------- C:\Program Files\Microsoft Works
2008-05-18 12:09 . 2008-05-18 12:09 <REP> d-------- C:\Windows\PCHEALTH
2008-05-18 12:09 . 2008-05-18 12:09 <REP> d-------- C:\Program Files\Microsoft.NET
2008-05-18 12:07 . 2008-05-18 12:07 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-05-18 12:05 . 2008-05-18 12:05 <REP> dr-h----- C:\MSOCache
2008-05-18 11:32 . 2008-05-18 11:32 <REP> d-------- C:\Users\greg\AppData\Roaming\AdobeUM
2008-05-18 10:13 . 2008-05-23 19:38 <REP> d-------- C:\AITEMP
2008-05-18 10:01 . 2008-05-18 10:01 <REP> d-------- C:\Users\All Users\Macrovision
2008-05-18 10:01 . 2008-05-18 10:01 <REP> d-------- C:\ProgramData\Macrovision
2008-05-18 10:01 . 2008-05-18 10:01 <REP> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-05-18 09:56 . 2008-05-18 09:56 <REP> d-------- C:\Windows\System32\Adobe
2008-05-18 09:56 . 2001-11-14 20:19 16,384 --a------ C:\Windows\System32\FileOps.exe
2008-05-18 09:51 . 2008-05-23 14:34 <REP> d-------- C:\Program Files\Common Files\Adobe
2008-05-18 08:41 . 2008-05-23 10:53 <REP> d-------- C:\Users\All Users\Microsoft Help
2008-05-18 08:41 . 2008-05-23 10:53 <REP> d-------- C:\ProgramData\Microsoft Help
2008-05-18 08:27 . 2008-05-18 08:27 <REP> d-------- C:\Program Files\Common Files\McNeel Shared
2008-05-18 08:26 . 2008-05-18 08:26 <REP> d-------- C:\Users\All Users\McNeel
2008-05-18 08:26 . 2008-05-18 08:26 <REP> d-------- C:\ProgramData\McNeel
2008-05-18 08:26 . 2008-05-18 08:27 <REP> d-------- C:\Program Files\Rhinoceros 4.0
2008-05-17 17:11 . 2008-05-24 18:29 <REP> d-------- C:\Users\greg\AppData\Roaming\skypePM
2008-05-17 17:11 . 2008-05-24 19:05 <REP> d-------- C:\Users\greg\AppData\Roaming\Skype
2008-05-17 17:11 . 2008-05-17 17:11 56 ---h----- C:\Users\All Users\ezsidmv.dat
2008-05-17 17:11 . 2008-05-17 17:11 56 ---h----- C:\ProgramData\ezsidmv.dat
2008-05-17 17:10 . 2008-05-17 17:10 <REP> d-------- C:\Users\All Users\Skype
2008-05-17 17:10 . 2008-05-17 17:10 <REP> d-------- C:\ProgramData\Skype
2008-05-17 17:10 . 2008-05-17 17:10 <REP> d-------- C:\Program Files\Skype
2008-05-17 17:10 . 2008-05-20 18:26 <REP> d-------- C:\Program Files\Common Files\Skype
2008-05-17 11:33 . 2008-05-17 11:33 188 --------- C:\Windows\x
2008-05-17 11:29 . 2007-03-15 03:45 390,144 --------- C:\Windows\System32\wlangpui.dll
2008-05-17 11:29 . 2007-03-15 03:43 225,792 --------- C:\Windows\System32\dot3gpui.dll
2008-05-17 11:29 . 2007-03-15 03:46 199,680 --------- C:\Windows\System32\wlanui.dll
2008-05-17 11:29 . 2007-03-15 03:45 162,816 --------- C:\Windows\System32\onex.dll
2008-05-17 11:29 . 2007-03-15 03:43 146,944 --------- C:\Windows\System32\dot3svc.dll
2008-05-17 11:29 . 2007-03-15 03:43 141,824 --------- C:\Windows\System32\dot3ui.dll
2008-05-17 11:29 . 2007-03-15 03:43 72,192 --------- C:\Windows\System32\dot3msm.dll
2008-05-17 11:29 . 2007-03-15 03:43 45,568 --------- C:\Windows\System32\dot3dlg.dll
2008-05-17 11:29 . 2007-03-15 03:43 26,112 --------- C:\Windows\System32\dot3api.dll
2008-05-17 11:07 . 2008-02-03 09:20 47,680 --------- C:\Windows\System32\drivers\tvtumon.sys
2008-05-17 10:43 . 2008-05-17 10:43 47 --------- C:\Windows\System32\drivers\IBM_6460_6XG.MRK
2008-05-17 09:55 . 2008-05-17 09:55 1,585,664 --------- C:\Windows\System32\setupapi.dll
2008-05-17 09:25 . 2008-05-17 09:25 694,784 --------- C:\Windows\System32\localspl.dll
2008-05-17 09:24 . 2008-05-17 09:24 2,923,520 --------- C:\Windows\explorer.exe
2008-05-17 09:22 . 2008-05-17 09:22 1,060,920 --------- C:\Windows\System32\drivers\ntfs.sys
2008-05-17 09:21 . 2008-05-17 09:21 8,147,968 --------- C:\Windows\System32\wmploc.DLL
2008-05-17 09:21 . 2008-05-17 09:21 356,864 --------- C:\Windows\System32\MediaMetadataHandler.dll
2008-05-17 09:21 . 2008-05-17 09:21 7,680 --------- C:\Windows\System32\spwmp.dll
2008-05-17 09:21 . 2008-05-17 09:21 4,096 --------- C:\Windows\System32\msdxm.ocx
2008-05-17 09:21 . 2008-05-17 09:21 4,096 --------- C:\Windows\System32\dxmasf.dll
2008-05-17 09:19 . 2008-05-17 09:19 803,328 --------- C:\Windows\System32\drivers\tcpip.sys
2008-05-17 09:19 . 2008-05-17 09:19 216,632 --------- C:\Windows\System32\drivers\netio.sys
2008-05-17 09:19 . 2008-05-17 09:19 167,424 --------- C:\Windows\System32\tcpipcfg.dll
2008-05-17 09:19 . 2008-05-17 09:19 24,064 --------- C:\Windows\System32\netcfg.exe
2008-05-17 09:19 . 2008-05-17 09:19 22,016 --------- C:\Windows\System32\netiougc.exe
2008-05-17 09:18 . 2008-05-17 09:18 1,327,104 --------- C:\Windows\System32\quartz.dll
2008-05-17 09:17 . 2008-05-17 09:17 2,027,008 --------- C:\Windows\System32\win32k.sys
2008-05-17 09:17 . 2008-05-17 09:17 296,448 --------- C:\Windows\System32\gdi32.dll
2008-05-17 09:17 . 2008-05-17 09:17 223,232 --------- C:\Windows\System32\WMASF.DLL
2008-05-17 09:17 . 2008-05-17 09:17 9,728 --------- C:\Windows\System32\LAPRXY.DLL
2008-05-17 09:17 . 2008-05-17 09:17 2,048 --------- C:\Windows\System32\asferror.dll
2008-05-17 09:16 . 2008-05-17 09:16 1,335,296 --------- C:\Windows\System32\msxml6.dll
2008-05-17 09:16 . 2008-05-17 09:16 2,048 --------- C:\Windows\System32\msxml6r.dll
2008-05-17 09:14 . 2008-05-17 09:14 737,792 --------- C:\Windows\System32\inetcomm.dll
2008-05-17 09:14 . 2008-05-17 09:14 84,480 --------- C:\Windows\System32\INETRES.dll
2008-05-17 09:14 . 2008-05-17 09:14 11,776 --------- C:\Windows\System32\sbunattend.exe
2008-05-17 09:13 . 2008-05-17 09:13 788,992 --------- C:\Windows\System32\rpcrt4.dll
2008-05-17 09:13 . 2008-05-17 09:13 130,048 --------- C:\Windows\System32\drivers\srv2.sys
2008-05-17 09:13 . 2008-05-17 09:13 101,888 --------- C:\Windows\System32\drivers\mrxsmb.sys
2008-05-17 09:13 . 2008-05-17 09:13 84,992 --------- C:\Windows\System32\drivers\srvnet.sys
2008-05-17 09:13 . 2008-05-17 09:13 83,968 --------- C:\Windows\System32\dnsrslvr.dll
2008-05-17 09:13 . 2008-05-17 09:13 58,368 --------- C:\Windows\System32\drivers\mrxsmb20.sys
2008-05-17 09:13 . 2008-05-17 09:13 24,576 --------- C:\Windows\System32\dnscacheugc.exe
2008-05-17 09:11 . 2008-05-17 09:11 <REP> d-------- C:\Program Files\MSXML 4.0
2008-05-17 09:08 . 2008-05-17 09:08 2,048 --------- C:\Windows\System32\tzres.dll
2008-05-17 09:07 . 2008-05-17 09:07 750,080 --------- C:\Windows\System32\qmgr.dll
2008-05-17 09:06 . 2008-05-17 09:06 1,244,672 --------- C:\Windows\System32\mcmde.dll
2008-05-17 08:53 . 2008-05-24 19:14 5,200 --a------ C:\Windows\System32\ICAutoUpdate.log.bak
2008-05-17 08:47 . 2008-05-18 23:43 38,291,469 --a------ C:\sysiclog.txt.bak
2008-05-17 08:39 . 2008-05-17 08:39 33,536 --------- C:\Windows\System32\drivers\tvtfilter.sys
2008-05-17 08:22 . 2008-05-17 08:22 21,376 --------- C:\Windows\System32\drivers\psadd.sys
2008-05-17 08:21 . 2008-05-17 08:21 <REP> d-------- C:\Icons
2008-05-17 07:42 . <REP> C:\RRbackups
2008-05-17 07:42 . 2007-02-07 02:04 158,456 --------- C:\Windows\System32\pxwma.dll
2008-05-17 07:42 . 2008-05-20 18:58 1,732 --a------ C:\tvtpktfilter.dat
2008-05-17 07:31 . 2008-05-17 08:34 <REP> d-------- C:\Windows\Downloaded Installations
2008-05-17 07:30 . 2008-05-17 07:30 <REP> d-------- C:\Users\All Users\PC-Doctor
2008-05-17 07:30 . 2008-05-17 07:30 <REP> d-------- C:\ProgramData\PC-Doctor
2008-05-17 07:29 . 2008-05-23 08:38 <REP> d-------- C:\Program Files\PCDR5
2008-05-17 07:18 . 2008-05-17 07:18 <REP> d-------- C:\Program Files\InterVideo
2008-05-17 07:18 . 2008-05-17 07:26 13,959,168 --------- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2008-05-17 07:18 . 2002-11-22 11:57 204,800 --------- C:\Windows\System32\IVIresizeW7.dll
2008-05-17 07:18 . 2002-11-22 11:57 200,704 --------- C:\Windows\System32\IVIresizeA6.dll
2008-05-17 07:18 . 2008-05-17 07:26 196,608 --------- C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf
2008-05-17 07:18 . 2002-11-22 11:57 192,512 --------- C:\Windows\System32\IVIresizeP6.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 16:28 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-05-20 16:28 --------- d-----w C:\Program Files\Windows Mail
2008-05-20 16:28 --------- d-----w C:\Program Files\Windows Journal
2008-05-20 16:28 --------- d-----w C:\Program Files\Windows Collaboration
2008-05-20 16:28 --------- d-----w C:\Program Files\Windows Calendar
2008-05-17 07:54 54,784 ------w C:\Windows\system32\drivers\i8042prt.sys
2008-05-17 07:54 495,160 ------w C:\Windows\system32\drivers\Wdf01000.sys
2008-05-17 07:54 35,384 ------w C:\Windows\system32\drivers\WdfLdr.sys
2008-05-17 07:54 35,384 ------w C:\Windows\system32\drivers\kbdclass.sys
2008-05-17 07:54 34,360 ------w C:\Windows\system32\drivers\mouclass.sys
2008-05-17 07:54 19,968 ------w C:\Windows\system32\drivers\sermouse.sys
2008-05-17 07:54 15,872 ------w C:\Windows\system32\drivers\mouhid.sys
2008-05-17 07:33 174 --sh--w C:\Program Files\desktop.ini
2008-05-17 07:27 --------- d-----w C:\Program Files\Windows Sidebar
2008-05-17 07:25 70,144 ------w C:\Windows\system32\drivers\pacer.sys
2008-05-17 07:25 619,008 ------w C:\Windows\system32\drivers\dxgkrnl.sys
2008-05-17 07:25 61,952 ------w C:\Windows\system32\drivers\wanarp.sys
2008-05-17 07:25 48,640 ------w C:\Windows\system32\drivers\ndproxy.sys
2008-05-17 07:25 20,480 ------w C:\Windows\system32\drivers\ndistapi.sys
2008-05-17 07:24 28,344 ------w C:\Windows\system32\drivers\battc.sys
2008-05-17 07:24 258,232 ------w C:\Windows\system32\drivers\acpi.sys
2008-05-17 07:24 20,920 ------w C:\Windows\system32\drivers\compbatt.sys
2008-05-17 07:24 14,208 ------w C:\Windows\system32\drivers\CmBatt.sys
2008-05-17 07:24 110,080 ------w C:\Windows\system32\drivers\mrxdav.sys
2008-05-17 07:24 11,264 ------w C:\Windows\system32\drivers\wmiacpi.sys
2008-05-17 07:20 45,112 ------w C:\Windows\system32\drivers\pciidex.sys
2008-05-17 07:20 211,000 ------w C:\Windows\system32\drivers\volsnap.sys
2008-05-17 07:20 21,560 ------w C:\Windows\system32\drivers\atapi.sys
2008-05-17 07:20 17,464 ------w C:\Windows\system32\drivers\intelide.sys
2008-05-17 07:20 154,624 ------w C:\Windows\system32\drivers\nwifi.sys
2008-05-17 07:20 109,624 ------w C:\Windows\system32\drivers\ataport.sys
2008-05-17 07:15 537,600 ------w C:\Windows\AppPatch\AcLayers.dll
2008-05-17 07:15 449,536 ------w C:\Windows\AppPatch\AcSpecfc.dll
2008-05-17 07:15 320,000 ------w C:\Windows\system32\drivers\csc.sys
2008-05-17 07:15 2,560 ------w C:\Windows\AppPatch\AcRes.dll
2008-05-17 07:15 2,144,256 ------w C:\Windows\AppPatch\AcGenral.dll
2008-05-17 07:15 173,056 ------w C:\Windows\AppPatch\AcXtrnal.dll
2008-05-17 07:12 52,736 ------w C:\Windows\AppPatch\iebrshim.dll
2008-05-17 04:31 53,760 ------w C:\Windows\system32\drivers\hdaudbus.sys
2008-05-17 04:30 13,312 ------w C:\Windows\system32\drivers\sffdisk.sys
2008-05-17 04:30 12,800 ------w C:\Windows\system32\drivers\sffp_sd.sys
2008-05-17 04:30 12,800 ------w C:\Windows\system32\drivers\sffp_mmc.sys
2008-05-17 04:29 63,488 ------w C:\Windows\system32\drivers\mpsdrv.sys
2008-05-17 04:29 23,040 ------w C:\Windows\system32\drivers\tunnel.sys
2008-05-17 04:29 15,360 ------w C:\Windows\system32\drivers\TUNMP.SYS
2008-05-17 04:22 --------- d-----w C:\Program Files\Windows Defender
2008-05-17 04:12 5,888 ------w C:\Windows\system32\drivers\usbd.sys
2008-05-17 04:12 38,912 ------w C:\Windows\system32\drivers\hidclass.sys
2008-05-17 04:12 38,400 ------w C:\Windows\system32\drivers\usbehci.sys
2008-05-17 04:12 25,472 ------w C:\Windows\system32\drivers\hidparse.sys
2008-05-17 04:12 23,040 ------w C:\Windows\system32\drivers\usbuhci.sys
2008-05-17 04:12 224,768 ------w C:\Windows\system32\drivers\usbport.sys
2008-05-17 04:12 192,000 ------w C:\Windows\system32\drivers\usbhub.sys
2008-05-17 04:12 12,288 ------w C:\Windows\system32\drivers\hidusb.sys
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
2008-02-19 13:05 784960 --------- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-05-17 09:14 1232896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"="C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe" [2008-01-24 10:21 66928]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-21 18:08 820520]
"PWMTRV"="C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2008-01-11 02:20 558368]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2008-01-11 02:20 214576]
"TpShocks"="TpShocks.exe" [2007-11-22 15:09 181536 C:\Windows\System32\TpShocks.exe]
"EZEJMNAP"="C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-04-27 02:33 243248]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-27 09:57 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-27 09:57 8433664]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-27 09:57 81920]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 10:34 487424]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-16 01:21 217176]
"AwaySch"="C:\Program Files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 12:51 91688]
"LPManager"="C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe" [2008-01-11 02:21 144728]
"ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" [2008-03-17 13:37 431392]
"ACWLIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2008-03-17 13:37 128288]
"LenovoOobeOffers"="c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe" [2006-12-29 19:01 28672]
"LPMailChecker"="C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2008-01-11 02:21 124248]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-12-07 10:13 1282048]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]
"TPFNF7"="C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-03-26 03:06 59680]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]

C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-05-18 09:52:43 110592]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2007-03-29 22:11:50 719664]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2008-05-17 01:10:11 50688]
Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-05-18 15:35:10 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
C:\Windows\system32\psqlpwd.dll 2007-03-15 07:17 89600 C:\Windows\System32\psqlpwd.dll

[HKLM\~\startupfolder\C:^Users^greg^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LenovoWelcome.lnk]
path=C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LenovoWelcome.lnk
backup=C:\Windows\pss\LenovoWelcome.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
--------- 2007-02-01 20:00 419376 C:\Program Files\ThinkVantage\AMSG\Amsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
--------- 2007-11-29 18:36 2872632 C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
--------- 2008-03-26 03:06 59680 C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{31656E5A-22D0-436A-857A-7CD86485D68D}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{89326607-E7DD-45E0-8A0C-B3D3DBC892D2}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{EE2BBB68-C915-4B68-8659-EE17F6510740}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{A5CF1979-9612-439E-B2FE-CF2CB0890ED1}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{09B517E2-7819-4C14-AFD4-4DA797D972DD}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D19BF4B0-714A-4C29-AECB-5ABC3ADCE1CD}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{B502816C-67C0-4BCD-BC55-7954170E976F}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{04C06AED-F3FF-40E1-9B99-8AED25D0703B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{70348BAD-A40C-4A94-A588-49A56E68EF94}C:\\program files\\aim6\\aim6.exe"= UDP:C:\program files\aim6\aim6.exe:AIM
"UDP Query User{1FB05F3B-88D1-4862-8477-19943CC295B4}C:\\program files\\aim6\\aim6.exe"= TCP:C:\program files\aim6\aim6.exe:AIM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 Shockprf;Shockprf;C:\Windows\system32\DRIVERS\Apsx86.sys [2007-10-16 18:33]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM86.sys [2007-10-16 18:32]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiif32.sys [2006-08-30 12:04]
R1 TPPWRIF;TPPWRIF;C:\Windows\system32\drivers\Tppwr32v.sys [2008-01-11 02:20]
R1 tvtumon;tvtumon;C:\Windows\system32\DRIVERS\tvtumon.sys [2008-02-03 09:20]
R2 AEADIFilters;Andrea ADI Filters Service;C:\Windows\system32\AEADISRV.EXE [2007-02-05 23:44]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2007-03-15 07:10]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 14:36]
R3 TcUsb;TC USB Kernel Driver;C:\Windows\system32\Drivers\tcusb.sys [2007-03-15 06:50]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys [2007-05-22 21:59]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 09:30]
S3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 20:46]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 07:20]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 07:20]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-24 17:11:15 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

6 replies

Le sioux Posts 4894 Registration date Sunday 27 May 2007 Status Security contributor Last activity 6 March 2023 496
26 May 2008 at 08:56
2
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009
25 May 2008 at 09:15
I just tried both; the first detects nothing and the second tells me that I don't have administrator rights (which isn't true) and that I therefore can't use the program ...
0
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009
25 May 2008 at 09:27
Unfortunately already tried. It doesn't detect it...
0
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009
25 May 2008 at 09:42
I'm on the F-Secure page but I don't know what "Install the ActiveX controls at the top of your Internet page and run a full system scan." means?
0
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009
25 May 2008 at 09:44
OK, I'm starting the scan
0
gregrock Posts 60 Registration date Saturday 24 May 2008 Status Member Last activity 3 April 2009
25 May 2008 at 10:54
There, the scan is finished. It didn't find any virus but a piece of spyware, "antiprograme"; I cleaned it and here is the report:


Scanning Report
Sunday, May 25, 2008 09:49:26 - 10:52:04

Computer name: PC-DE-GREG
Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
Result: 1 malware found
Tracking Cookie (spyware)

* System

Statistics
Scanned:

* Files: 57016
* System: 5168
* Not scanned: 15

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 1
* Submitted: 0

Files not scanned:

* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\COMPONENTS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\COMPONENTS
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
* C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
* C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB

Options
Scanning engines:

* F-Secure USS: 2.30.0
* F-Secure Hydra: 2.8.8110, 2008-05-23
* F-Secure AVP: 7.0.171, 2008-05-23
* F-Secure Pegasus: 1.20.0, 2008-04-15

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Use Advanced heuristics
0