| Infected PC and persistent viruses, slowdown | |
|
|
Author | Message |
---|
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Infected PC and persistent viruses, slowdown Fri 17 Apr - 11:49:13 | |
| A big thank-you for this help forum, which will perhaps solve my problem: despite my up-to-date McAfee antivirus, two viruses cannot be removed: Prc Viewer and Generic PUP. I followed to the letter the instructions (clear and precise!) for downloading and renaming HijackThis, and the HijackThis report seems to exceed the maximum allowed message size??? What should I do? Regards. C.D. | |
|
| |
geoffrey5 Admin
Number of posts: 1849 Age: 43 Location: Liège - Belgium Operating system *: XP IBM Intel Celeron processor 2.4ghz 1.5GB RAM Registration date: 28/07/2008
| Subject: Re: Infected PC and persistent viruses, slowdown Fri 17 Apr - 11:51:47 | |
| Hello Cyril, Try to send it in your next message... And if it doesn't go through, send it in 2 parts. See you | |
|
| |
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Infected PC, continued... part 1. Fri 17 Apr - 13:06:13 | |
| Thanks again for your attention and for this first advice: the report follows below, hoping it goes through - part 1 - ? Kind regards. C.D.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:16:34, on 16/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal
| |
|
| |
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Re: Infected PC and persistent viruses, slowdown Fri 17 Apr - 13:07:38 | |
| Part 2...
| |
|
| |
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Part 3 Fri 17 Apr - 13:09:11 | |
| |
|
| |
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Re: Infected PC and persistent viruses, slowdown Fri 17 Apr - 13:09:42 | |
| |
|
| |
cyrilledouk Member
Number of posts: 6 Age: 52 Location: Paris Operating system *: Windows XP Registration date: 16/04/2009
| Subject: Re: Infected PC and persistent viruses, slowdown Fri 17 Apr - 13:10:32 | |
| That was the last part of the report... Thanks again for your attention, Geoffrey. Kind regards. C.D. | |
|
| |
geoffrey5 Admin
Number of posts: 1849 Age: 43 Location: Liège - Belgium Operating system *: XP IBM Intel Celeron processor 2.4ghz 1.5GB RAM Registration date: 28/07/2008
| Subject: Re: Infected PC and persistent viruses, slowdown Fri 17 Apr - 13:22:56 | |
| There is a display problem with your report
- Download Smitfraudfix and save it to the desktop
(it is number 2 at the bottom of the page):
- Then double-click smitfraudfix, then Run
* On Vista: right-click SmitfraudFix and select "Run as administrator"
- Select 1 to create a report of the files responsible for the infection.
(warning: do not use option 2 unless I have asked you to!!)
- Copy/paste the report into your reply.
Here is an animated [url=http://pagesperso-orange.fr/rginformatique/section virus/smitfraudfix.htm]tutorial[/url] with sound in case you have trouble using it (Warning: "process.exe", a component of the tool, is detected by some antivirus programs as a "RiskTool". It is not a virus, but a utility designed to terminate processes. In the wrong hands, this utility could stop security software.) | |
|
| |
bluestyle Contributor
Number of posts: 158 Age: 53 Location: Canada Operating system *: Windows Registration date: 23/11/2008
| Subject: Re: Infected PC and persistent viruses, slowdown Sat 18 Apr - 1:35:38 | |
| Hello,
There is a chance that the McAfee message comes from a file belonging to Smitfraudfix, msnfix.. something like: process.exe
On the other hand, with 45 startup processes and 29 services... Phew, that's quite a lot. | |
|
| |