Vundo enregistrer dans la base de registre
Annie
-
totobetourne Messages postés 5677 Statut Membre -
totobetourne Messages postés 5677 Statut Membre -
Bonjour,
mon ordinateur est affecté par virtumonde.prx
j'ai essayé plusieurs programme comme spybot, virtumondebegone, mcAfee, ad-aware, mais aucun de ces programmes n'arrive a le supprimé. Voici mon log hijackthis si quelqu'un veut bien m'aider, porter une attention particulière à O4 - HKLM\..\Run: [BMe30bce98] Rundll32.exe "C:\Windows\system32\uipqnfga.dll",s
Merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:04, on 2008-10-01
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\OLSTL3\AppData\Local\Apps\2.0\72N6TY97.T88\9RQHCOCK.G92\rapi..tion_beb8bcbf36015e49_0000.0001_73ca99bd24db9b2a\RapidShareManager.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lenovo\System Update\Tvsukernel.exe
C:\Users\OLSTL3\Desktop\Divers\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02C250B3-93BC-4B32-AFB3-D93126B9AA43} - (no file)
O2 - BHO: (no name) - {03367559-3CF4-4478-9F36-EAD98DA03C58} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {103D8C9F-4AE9-4EAD-9AC8-6C3110294C96} - (no file)
O2 - BHO: (no name) - {138F74DA-A5D8-4E04-8F68-43DD71C7B329} - (no file)
O2 - BHO: (no name) - {2607C63F-E08A-47BA-A324-5802FDCF07F3} - (no file)
O2 - BHO: (no name) - {27DC0296-4E0E-46AB-A366-836FB568A90C} - (no file)
O2 - BHO: (no name) - {31A5B6F4-0035-4C5E-ABBF-DD9D4BBE9B2A} - (no file)
O2 - BHO: (no name) - {3EDE08BC-2CA1-4E33-A60A-AEDDCD3FB854} - (no file)
O2 - BHO: (no name) - {43A3F5FE-E042-4942-B5F6-B5F10D920FF1} - (no file)
O2 - BHO: (no name) - {43ba1fc6-44f0-414f-a97e-20b55ec54388} - (no file)
O2 - BHO: (no name) - {46F16FF8-1605-4978-B57B-BF4190DF84AE} - (no file)
O2 - BHO: (no name) - {4D6FCA0E-E8CC-42E9-98FF-0204F4BC4D1C} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {673CBD50-8D2D-4337-B6F0-68AE8A9ED9AD} - (no file)
O2 - BHO: (no name) - {6A8426B8-DC24-4DE4-B176-9444EF1EB5FF} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {78eda505-d9a3-4d0b-87de-08199711660e} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8B772872-12E9-459E-A8CC-BF4E03E2AA81} - (no file)
O2 - BHO: (no name) - {90116AD2-E38C-4CFF-A697-49756C2D6E8D} - (no file)
O2 - BHO: (no name) - {96AECA7D-F2E0-46DF-AEA7-4EED8B533AB3} - (no file)
O2 - BHO: (no name) - {9D087DA8-D7BE-415F-9DF4-6DBB51DCE295} - (no file)
O2 - BHO: (no name) - {9DFE0349-8964-43A5-A9D5-4EFEC3E25500} - (no file)
O2 - BHO: (no name) - {9E0E3F0C-458F-4E5E-B6DA-035AA67EBCD5} - (no file)
O2 - BHO: (no name) - {9F113ACF-FD7E-4308-A6D8-1AD2858C5B5D} - (no file)
O2 - BHO: (no name) - {9FE1C424-EFEF-421F-B276-2C8CB6B76361} - (no file)
O2 - BHO: (no name) - {A6BAEBB1-5C27-4654-9D2C-AD57A1263645} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BA375658-849F-49AC-B3F3-8B643D94BDF9} - (no file)
O2 - BHO: (no name) - {BB232496-152B-4DB4-A2F3-24F4158165BA} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: (no name) - {cc31d9e7-55e6-4f05-ad6d-8405d641a372} - (no file)
O2 - BHO: (no name) - {CD5C71E9-1E0B-4DEE-B721-71B90E6789EF} - (no file)
O2 - BHO: (no name) - {D1922975-6FC8-48B4-B22A-87F8346A3AB4} - (no file)
O2 - BHO: (no name) - {dc410b0c-95e4-4936-b72b-6c9e73da1c62} - (no file)
O2 - BHO: (no name) - {E389FAEF-61E3-449D-9BA3-E23C341F68EA} - (no file)
O2 - BHO: (no name) - {F1514910-1A7C-4808-B105-DCF8B359A3DE} - (no file)
O2 - BHO: (no name) - {FFD24ABB-F473-4B18-87AE-9DCA4D44580E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Unattend0000000001{F6C91909-F4BA-49EC-A4D5-26268327D8BE}] c:\windows\idprop.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BMe30bce98] Rundll32.exe "C:\Windows\system32\uipqnfga.dll",s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.montrealwebcam.com
O15 - Trusted Zone: http://www.webCT.ulaval.ca
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://support.lenovo.com/fr/en/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Universite Laval Cisco VPN Client VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UnivLaval\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: Incrustation (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
mon ordinateur est affecté par virtumonde.prx
j'ai essayé plusieurs programme comme spybot, virtumondebegone, mcAfee, ad-aware, mais aucun de ces programmes n'arrive a le supprimé. Voici mon log hijackthis si quelqu'un veut bien m'aider, porter une attention particulière à O4 - HKLM\..\Run: [BMe30bce98] Rundll32.exe "C:\Windows\system32\uipqnfga.dll",s
Merci d'avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:04, on 2008-10-01
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\OLSTL3\AppData\Local\Apps\2.0\72N6TY97.T88\9RQHCOCK.G92\rapi..tion_beb8bcbf36015e49_0000.0001_73ca99bd24db9b2a\RapidShareManager.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lenovo\System Update\Tvsukernel.exe
C:\Users\OLSTL3\Desktop\Divers\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02C250B3-93BC-4B32-AFB3-D93126B9AA43} - (no file)
O2 - BHO: (no name) - {03367559-3CF4-4478-9F36-EAD98DA03C58} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {103D8C9F-4AE9-4EAD-9AC8-6C3110294C96} - (no file)
O2 - BHO: (no name) - {138F74DA-A5D8-4E04-8F68-43DD71C7B329} - (no file)
O2 - BHO: (no name) - {2607C63F-E08A-47BA-A324-5802FDCF07F3} - (no file)
O2 - BHO: (no name) - {27DC0296-4E0E-46AB-A366-836FB568A90C} - (no file)
O2 - BHO: (no name) - {31A5B6F4-0035-4C5E-ABBF-DD9D4BBE9B2A} - (no file)
O2 - BHO: (no name) - {3EDE08BC-2CA1-4E33-A60A-AEDDCD3FB854} - (no file)
O2 - BHO: (no name) - {43A3F5FE-E042-4942-B5F6-B5F10D920FF1} - (no file)
O2 - BHO: (no name) - {43ba1fc6-44f0-414f-a97e-20b55ec54388} - (no file)
O2 - BHO: (no name) - {46F16FF8-1605-4978-B57B-BF4190DF84AE} - (no file)
O2 - BHO: (no name) - {4D6FCA0E-E8CC-42E9-98FF-0204F4BC4D1C} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {673CBD50-8D2D-4337-B6F0-68AE8A9ED9AD} - (no file)
O2 - BHO: (no name) - {6A8426B8-DC24-4DE4-B176-9444EF1EB5FF} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {78eda505-d9a3-4d0b-87de-08199711660e} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8B772872-12E9-459E-A8CC-BF4E03E2AA81} - (no file)
O2 - BHO: (no name) - {90116AD2-E38C-4CFF-A697-49756C2D6E8D} - (no file)
O2 - BHO: (no name) - {96AECA7D-F2E0-46DF-AEA7-4EED8B533AB3} - (no file)
O2 - BHO: (no name) - {9D087DA8-D7BE-415F-9DF4-6DBB51DCE295} - (no file)
O2 - BHO: (no name) - {9DFE0349-8964-43A5-A9D5-4EFEC3E25500} - (no file)
O2 - BHO: (no name) - {9E0E3F0C-458F-4E5E-B6DA-035AA67EBCD5} - (no file)
O2 - BHO: (no name) - {9F113ACF-FD7E-4308-A6D8-1AD2858C5B5D} - (no file)
O2 - BHO: (no name) - {9FE1C424-EFEF-421F-B276-2C8CB6B76361} - (no file)
O2 - BHO: (no name) - {A6BAEBB1-5C27-4654-9D2C-AD57A1263645} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {BA375658-849F-49AC-B3F3-8B643D94BDF9} - (no file)
O2 - BHO: (no name) - {BB232496-152B-4DB4-A2F3-24F4158165BA} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: (no name) - {cc31d9e7-55e6-4f05-ad6d-8405d641a372} - (no file)
O2 - BHO: (no name) - {CD5C71E9-1E0B-4DEE-B721-71B90E6789EF} - (no file)
O2 - BHO: (no name) - {D1922975-6FC8-48B4-B22A-87F8346A3AB4} - (no file)
O2 - BHO: (no name) - {dc410b0c-95e4-4936-b72b-6c9e73da1c62} - (no file)
O2 - BHO: (no name) - {E389FAEF-61E3-449D-9BA3-E23C341F68EA} - (no file)
O2 - BHO: (no name) - {F1514910-1A7C-4808-B105-DCF8B359A3DE} - (no file)
O2 - BHO: (no name) - {FFD24ABB-F473-4B18-87AE-9DCA4D44580E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Unattend0000000001{F6C91909-F4BA-49EC-A4D5-26268327D8BE}] c:\windows\idprop.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BMe30bce98] Rundll32.exe "C:\Windows\system32\uipqnfga.dll",s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.montrealwebcam.com
O15 - Trusted Zone: http://www.webCT.ulaval.ca
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://support.lenovo.com/fr/en/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Universite Laval Cisco VPN Client VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UnivLaval\VPN Client\cvpnd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: Incrustation (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:
- Vundo enregistrer dans la base de registre
- Base de registre - Guide
- Audacity enregistrer son pc - Guide
- Comment enregistrer une conversation - Guide
- Formules mathématiques de base - Télécharger - Études & Formations
- Enregistrer son ecran - Guide
1 réponse
bonjour
1)pour vista si infection.
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html
2)Telecharges malwares bytes anti malwares :
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
fais comme indique,mise a jour , scan complet en mode sans echec et les rapports.
garde le et lance un scan tout les mois comme indique.
si tu as ad aware tu peux desinstalle car il ne reconnait plus grand chose.
1)pour vista si infection.
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html
2)Telecharges malwares bytes anti malwares :
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
fais comme indique,mise a jour , scan complet en mode sans echec et les rapports.
garde le et lance un scan tout les mois comme indique.
si tu as ad aware tu peux desinstalle car il ne reconnait plus grand chose.
