Virus in services.exe
Resolved/Closed
25 Oct 2008 at 01:34
Scan Time: 25/10/2008 01:31:21 length: 110 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 40727 (Critical:2)
Filter: No System items, No Safe items, No Invalid items
Running Processes
BlueSoleilCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
BsMobileCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
NMSAccessU.exe : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
WLService.exe [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
WUSB54GC.exe [Linksys] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
BsHelpCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
services.exe : C:\WINDOWS\services.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = localhost
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
Toolbars
03 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run, DirectX For Microsoft® Windows : : C:\WINDOWS\system32\fservice.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL : [Gemtek] : C:\WINDOWS\system32\GTGina.dll
Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\WINDOWS\system32\skype4com.dll
Services
23 - [Andrea Electronics Corporation] : C:\WINDOWS\system32\drivers\aeaudio.sys
23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [Pinnacle Systems GmbH] : C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\BtHidBus.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\IvtBtBus.sys
23 - : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
23 - [Ralink Technology, Corp.] : C:\WINDOWS\system32\DRIVERS\rt73.sys
23 - [Sensaura] : C:\WINDOWS\system32\drivers\senfilt.sys
23 - [Analog Devices, Inc.] : C:\WINDOWS\system32\drivers\smwdm.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\DRIVERS\VComm.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
23 - [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\GTNDIS5.SYS
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll
System Policies
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, HomePage : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ConnectionsTab : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, Proxy : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ResetWebSettings : :
Threat Files
<Trojan.Dloader.Agent.ZFG> : C:\WINDOWS\services.exe
<Backdoor.Prorat.bj> : C:\WINDOWS\system32\winkey.dll
Advanced Files Report
End of Report
Suppression:
Préparation…
Supprimer Trojan.Dloader.Agent.ZFG
Fin du processus: 772
Here is the scan report
25 oct. 2008 à 01:35
Scan Time: 25/10/2008 01:31:21 length: 110 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 40727 (Critical:2)
Filter: No System items, No Safe items, No Invalid items
Running Processes
BlueSoleilCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
BsMobileCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
NMSAccessU.exe : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
StarWindServiceAE.exe [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
WLService.exe [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
WUSB54GC.exe [Linksys] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
BsHelpCS.exe : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
services.exe : C:\WINDOWS\services.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = localhost
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
Toolbars
03 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - [Microsoft Corporation] : C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run, DirectX For Microsoft® Windows : : C:\WINDOWS\system32\fservice.exe
04 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL : [Gemtek] : C:\WINDOWS\system32\GTGina.dll
Shell Extensions
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\WINDOWS\system32\skype4com.dll
Services
23 - [Andrea Electronics Corporation] : C:\WINDOWS\system32\drivers\aeaudio.sys
23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [Pinnacle Systems GmbH] : C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
23 - : C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\BtHidBus.sys
23 - [Intel Corporation] : C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\IvtBtBus.sys
23 - : C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe
23 - [Ralink Technology, Corp.] : C:\WINDOWS\system32\DRIVERS\rt73.sys
23 - [Sensaura] : C:\WINDOWS\system32\drivers\senfilt.sys
23 - [Analog Devices, Inc.] : C:\WINDOWS\system32\drivers\smwdm.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
23 - [Rocket Division Software] : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23 - [IVT Corporation.] : C:\WINDOWS\system32\DRIVERS\VComm.sys
23 - [IVT Corporation.] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
23 - [GEMTEKS] : C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
23 - [Printing Communications Assoc., Inc. (PCAUSA)] : C:\WINDOWS\system32\GTNDIS5.SYS
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\WINDOWS\system32\igfxsrvc.dll
System Policies
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, HomePage : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ConnectionsTab : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, Proxy : :
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\, ResetWebSettings : :
Threat Files
<Trojan.Dloader.Agent.ZFG> : C:\WINDOWS\services.exe
<Backdoor.Prorat.bj> : C:\WINDOWS\system32\winkey.dll
Advanced Files Report
End of Report
Suppression:
Préparation…
Supprimer Trojan.Dloader.Agent.ZFG
Fin du processus: 772
Here is the scan report.
25 Oct. 2008 at 02:22