
Posted

So if I understand correctly, in C:\Documents and Settings\JPR\Local Settings\Application Data\Microsoft\Windows\ you have 2 files:

log.txt and pguard.ini (Internet Antivirus Pro is a rogue (fake anti-spyware) that installs itself without permission)??

  • Download SystemLook to your Desktop from one of the links below.

Download Mirror

Download Mirror #2

  • Double-click SystemLook.exe to launch it.
  • Right-click | Copy the contents of the box below, then right-click | Paste into the white box in SystemLook:

    :dir
    C:\Documents and Settings\JPR\Local Settings\Application Data\Microsoft\Windows /s
    :reg
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

  • Click the Look button to start the scan.
  • Copy and paste into your next reply the report/contents of the text file that opens.

Note: The report can also be found on your Desktop, named SystemLook.txt

Posted

Here is the report; there are 4 files, as shown below!

SystemLook v1.0 by jpshortstuff (02.03.09)
Log created at 10:58 on 14/04/2009 by JPR (Administrator - Elevation successful)

========== dir ==========

C:\Documents and Settings\JPR\Local Settings\Application Data\Microsoft\Windows - Parameters: "/s"

---Files---
log.txt --a--- 691779 bytes [13:16 08/04/2009] [07:46 10/04/2009]
pguard.ini ---h-- 149 bytes [13:16 08/04/2009] [07:21 10/04/2009]
UsrClass.dat --ah-- 262144 bytes [14:44 24/01/2007] [14:08 10/04/2009]
UsrClass.dat.LOG --ah-- 1024 bytes [14:44 24/01/2007] [08:57 14/04/2009]

No folders found.

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
(No values found)

 


-=End Of File=-

Posted

• OK, delete only these 2 files:

log.txt --a--- 691779 bytes [13:16 08/04/2009] [07:46 10/04/2009]
pguard.ini ---h-- 149 bytes [13:16 08/04/2009] [07:21 10/04/2009]

• And to remove the service O23 - Service: Guard Service (ITGrdEngine) - Unknown owner - C:\Documents and Settings\JPR\Local Settings\Application Data\Microsoft\Windows\services.exe (file missing)

corresponding to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine]

download http://mail.ustc.edu.cn/~jfpan/download/IceSword122en.zip

Unzip the file, launch IceSword.exe, go to the Registry tab, and expand the registry to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine <-- right-click it and choose Delete

WARNING: delete only the value in bold /!\ above

http://imagesup.org/images/1239697957-ices.jpg

The O23 line in HijackThis will then have disappeared.
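As an added example (not part of the thread, and not code from HijackThis, SystemLook or IceSword), the triage applied to the O23 line above can be written as a small parser that flags service entries whose image file is missing, sits under a user profile, or borrows a core Windows binary name outside system32. The ITGrdEngine line is the one quoted in the post; the other sample lines, the function names and the assumption that Windows is installed in C:\WINDOWS are constructed for illustration.

```python
import ntpath
import re

# O23 line layout as quoted in the thread:
#   O23 - Service: <display name> (<service key>) - <owner> - <image path>[ (file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<key>[^()]+)\) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$"
)

SERVICES_ROOT = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"
SYSTEM32 = r"c:\windows\system32"  # assumption: default install directory
# Names of core Windows binaries that rogue software likes to borrow.
CORE_NAMES = frozenset(
    {"services.exe", "svchost.exe", "lsass.exe", "winlogon.exe",
     "smss.exe", "csrss.exe", "spoolsv.exe"}
)
# Directory fragments that mean "inside a user profile" on XP and later.
USER_PATH_MARKERS = ("\\documents and settings\\", "\\users\\")


def parse_o23(line):
    """Return the fields of one O23 line, or None for any other line."""
    m = O23_RE.match(line.strip())
    if m is None:
        return None
    return {
        "display": m.group("display"),
        "key": m.group("key"),
        "owner": m.group("owner"),
        "path": m.group("path"),
        "missing": m.group("missing") is not None,
    }


def assess(entry):
    """List the reasons an entry deserves a manual look (empty if none)."""
    path = ntpath.normpath(entry["path"]).lower()
    folder, name = ntpath.split(path)
    reasons = []
    if entry["missing"]:
        reasons.append("image file missing (orphaned service key)")
    if any(marker in path for marker in USER_PATH_MARKERS):
        reasons.append("image located under a user profile")
    if name in CORE_NAMES and folder != SYSTEM32:
        reasons.append("core Windows binary name outside system32")
    # "Unknown owner" is common on legitimate services, so it only
    # supports a finding that already has a stronger reason.
    if reasons and entry["owner"].lower() == "unknown owner":
        reasons.append("no vendor information in the file")
    return reasons


def review(log_text):
    """Return one finding per suspicious O23 line in a HijackThis log."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry is None:
            continue
        reasons = assess(entry)
        if reasons:
            findings.append({
                "key": entry["key"],
                "registry_key": SERVICES_ROOT + "\\" + entry["key"],
                "path": entry["path"],
                "reasons": reasons,
            })
    return findings


# First line is the one quoted in the thread; the rest are constructed samples.
SAMPLE_LOG = r"""
O23 - Service: Guard Service (ITGrdEngine) - Unknown owner - C:\Documents and Settings\JPR\Local Settings\Application Data\Microsoft\Windows\services.exe (file missing)
O23 - Service: Example Watchdog (exwd) - Example Vendor - C:\PROGRA~1\Example\exwd.exe
O23 - Service: Example Licence Helper (exlic) - Unknown owner - C:\WINDOWS\system32\exlic.exe
O23 - Service: Example Updater (exupd) - Example Vendor - C:\Program Files\Example\svchost.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
"""

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding["registry_key"])
        print("  image:", finding["path"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

A finding is a prompt for manual review of the named registry key, not proof of infection.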

Posted (edited)

Thanks!!

I did what you said, and here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 11:26:51, on 14/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)

 


O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193390215718

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {B0A2C7FC-8666-44D6-A990-2FCE3B933341} (ING Bank Autorisatiescherm) - https://secure.ingbank.nl/download/DigiSign.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe

O23 - Service: B-CAD's ClearCanvas Image Server Shred Host Service (TMCClearCanvasServer) - Unknown owner - C:\Program Files\Medipattern\B-CAD\Server\Release\ClearCanvas.ImageServer.ShredHostService.exe

O23 - Service: B-CAD Socket Service (TMCSocketServer) - The Medipattern Corporation - C:\Program Files\Medipattern\B-CAD\Server\Release\SocoService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

 

I'm going to finish by running the cleaner and deleting ComboFix! Is there still anything suspicious?

Edited by sarahb
Posted

You can finish as I said previously.

 

and delete: c:\documents and settings\JPR\Application Data\VirusRemover2009

 

2 important points /!\

 

• update your Sun Java console:

 

Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.

 

Tutorial:

http://www.libellules.ch/dotclear/index.ph.../13/2689-javara

 

http://switch.dl.sourceforge.net/sourcefor...vara/JavaRa.zip

 

 

http://raproducts.org/click/click.php?id=1

 

* Unzip the file to the desktop (right-click > Extract All)

* Double-click the JavaRa folder.

* Then double-click the JavaRa.exe file (the .exe extension may not be shown)

* Click Search For Updates.

* Select Update Using jucheck.exe, then click Search.

* Allow the process to connect if it asks, click Install and follow the installation instructions, which take a few minutes.

* Once the installation has finished, return to the JavaRa screen and click Remove Older Versions.

* Click Yes to confirm. Let it work, then click Ok, and then Ok a second time.

* A report will open; copy and paste it into your next reply.

* Close the application

 

 

Note: the report can also be found at the root of the system partition, usually C:\, under the name JavaRa.log.

 

• Acrobat not up to date = danger if you open booby-trapped PDFs on the internet:

http://forum.malekal.com/viewtopic.php?f=33&t=13629
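One way to pull review signals out of a HijackThis log like the one posted above: the Java runtime directories its entries point to (relevant to the Java update advice), entries marked "(file missing)", and services listed as "Unknown owner". This is an added example, not part of the original thread; the function name `triage` and the report keys are assumptions made for illustration, and the flags are prompts for a human reviewer, not verdicts.

```python
import re
from collections import defaultdict

# Sample input: six lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
"""

# A log entry starts with a section code such as "R0", "O4" or "O23".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Captures the runtime directory name, e.g. "jre1.6.0_03" in \Java\jre1.6.0_03\
JRE_DIR = re.compile(r"\\Java\\(jre[\d._]+)\\", re.IGNORECASE)


def triage(log_text):
    """Group HijackThis entries by section code and collect review prompts."""
    report = {
        "by_section": defaultdict(list),  # section code -> entry bodies
        "file_missing": [],               # entries whose target file is gone
        "unknown_owner": [],              # services with no company name shown
        "jre_versions": set(),            # Java runtime directories referenced
    }
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if not match:
            continue  # process list, blank lines, surrounding forum text
        code, body = match["code"], match["body"]
        report["by_section"][code].append(body)
        if body.endswith("(file missing)"):
            report["file_missing"].append((code, body))
        if " - Unknown owner - " in body:
            report["unknown_owner"].append((code, body))
        report["jre_versions"].update(JRE_DIR.findall(body))
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for code in sorted(result["by_section"]):
        print(code, len(result["by_section"][code]), "entries")
    print("JRE directories referenced:", sorted(result["jre_versions"]))
    for code, body in result["file_missing"] + result["unknown_owner"]:
        print("review:", code, body)
```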

Posted

everything is fine \o/ not a single detection in AVG! thanks!

 

here is the JavaRa report:

 

JavaRa 1.13 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Tue Apr 14 12:13:03 2009

 

Found and removed: C:\Program Files\Java\jre1.5.0_06
