
Virus.. again

athys - Last reply on 9 June 2008 at 09:54
Hello,
This is not a hoax: a Trojan virus, VB-IUC[Trj], for which I could only find a reference on a Japanese site (!!), was detected on my computer by Avast. The DicoRime software is infected with it.

3 replies
Reply
Hi,

Let's have a look at that!

> Download DSS (Deckard's System Scanner, by Deckard) to your Desktop: http://www.techsupportforum.com/sectools/Deckard/dss.exe
- Choose <Save> and <Desktop> as the location.
- Close all running applications (even the internet). This is important because otherwise the PC may crash.
- Double-click dss.exe to launch the tool.
- If it does not find HijackThis, click Yes.
- Click OK every time you are asked to.
- Once the scan is finished, a report will be displayed. Please post its contents in your reply.
NB: The report can also be found here: C:\Deckard\System Scanner\main.txt
PS: If you get two reports (main.txt + extra.txt), then please post both.
Warning: the reports can be long, so send each of them in a separate post (otherwise the end may be missing).

Good luck,

See you

:-)
athys - 9 June 2008 at 09:48
I don't know whether anything will show up. I had destroyed it but recovered it via S.V.info_restore, and I don't really feel like putting it back in place :-)

Here is what it says about it:
Original file name: A0085744.exe
Original folder: so, Restore
Virus description: Win32:VB-IUC

_________________________________________
Hijack main txt:


Deckard's System Scanner v20071014.68
Run by William on 2008-06-09 09:18:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
16: 2008-06-09 07:18:05 UTC - RP218 - Deckard's System Scanner Restore Point
15: 2008-06-09 06:52:08 UTC - RP217 - Opération de restauration
14: 2008-06-09 06:48:07 UTC - RP216 - Mettre à jour vers un pilote non signé
13: 2008-06-09 06:23:29 UTC - RP215 - Lundi9
12: 2008-06-08 12:03:12 UTC - RP214 - Made by Registry Mechanic O


-- First Restore Point --
1: 2008-06-06 14:57:47 UTC - RP203 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as William.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:21:03, on 09/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\William\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\William.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (disabled by BHODemon)
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - Startup: ClocX.lnk = C:\Program Files\ClocX\ClocX.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_12.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NoiseCtl - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\Xontrol\NoiseCtl.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/William/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
athys - 9 June 2008 at 09:54
Extra.txt

Oh, I see that I need to set up the UPS! .... :-)

___________________________________

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professionnel (build 2600) SP 3.0
Architecture: X86; Language: French

CPU 0: Intel(R) Pentium(R) 4 CPU 3.20GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 1022.42 MiB / 687.97 MiB
Pagefile Memory (total/avail): 2512.04 MiB / 2209.55 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.9 MiB

C: is Fixed (NTFS) - 20 GiB total, 9.03 GiB free.
D: is Fixed (NTFS) - 212.88 GiB total, 200.97 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 465.76 GiB total, 456.83 GiB free.

\\.\PHYSICALDRIVE0 - SAMSUNG SP2504C - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 20 GiB - C:
\PARTITION1 - Système de fichiers installable - 212.88 GiB - D:

\\.\PHYSICALDRIVE1 - SAMSUNG HD501LJ USB Device - 465.76 GiB - 1 partition
\PARTITION0 - Système de fichiers installable - 465.76 GiB - F:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\William\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=MUSIQUE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\William
LOGONSERVER=\\MUSIQUE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\Support Tools\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0403
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\William\LOCALS~1\Temp
TMP=C:\DOCUME~1\William\LOCALS~1\Temp
USERDOMAIN=MUSIQUE
USERNAME=William
USERPROFILE=C:\Documents and Settings\William
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

William (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\NuNInst.exe /UNINSTALL
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Antares Auto-Tune 3 DirectX --> C:\PROGRA~1\ANTARE~1\ANTARE~1\UNWISE.EXE C:\PROGRA~1\ANTARE~1\ANTARE~1\INSTALL.LOG
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x40c
ASAPI Update --> C:\WINDOWS\system32\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x040c -removeonly
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BBE Sonic Maximizer Plugin --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BBE\BBE Sonic Maximizer Plugin\Uninst.isu"
Canon iX4000 --> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX4000\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX4000 /L0x000c
Canon PhotoRecord --> MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon Setup Utility 2.1 --> "C:\Program Files\Canon\Canon Setup Utility 2.1\Maint.exe" /Uninstall C:\Program Files\Canon\Canon Setup Utility 2.1\uninst.ini
Canon Utilities Easy-PhotoPrint --> D:\Program Files\Easy-PhotoPrint\uninst.exe uninst.ini
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
ClocX (1.5b2) --> "C:\Program Files\ClocX\Uninstall.exe"
Coffret de pilotes Logitech QuickCam --> "C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Debut --> C:\Program Files\NCH Software\Debut\uninst.exe
Delta --> C:\Program Files\InstallShield Installation Information\{A4810699-E859-43A6-8F40-1743873E72AB}\setup.exe -runfromtemp -l0x0009 -removeonly
Earope 1.5e --> C:\audio\Earope\UNWISE.EXE C:\audio\Earope\INSTALL.LOG
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Event Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\Setup.exe" -l0x40c -u
EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
FLV Player 1.3.3 --> "C:\Program Files\FLVPlayer\uninstall.exe"
GIMP 2.4.5 --> "D:\Programs saved\GIMP-2.0\setup\unins000.exe"
Glary Utilities 2.5.1 --> "C:\Program Files\Glary Utilities\unins000.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Japanese Fonts Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5760-0000-800000000003}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.9.0 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech QuickCam --> MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Ma-Config.com --> MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{9112040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Motorola Driver Installation 3.4.0 --> MsiExec.exe /I{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}
Motorola Phone Tools --> C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe -runfromtemp -l0x0009 -removeonly
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MVision --> MsiExec.exe /I{5FE1E412-D114-46E8-A891-5BE087B256A5}
Native Instruments B4 --> C:\audio\B4\UNWISE.EXE C:\audio\B4\INSTALL.LOG
NCH Toolbox --> C:\Program Files\NCH Swift Sound\ToolBox\uninst.exe
Nero Suite --> C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PDFCreator --> C:\Program Files\PDFCreator\unins000.exe
PerfectDisk 2008 Professional --> MsiExec.exe /I{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}
PerfV350 Guide d'utilisation --> C:\Program Files\EPSON\TPMANUAL\PerfV350\USE_G\DOCUNINS.EXE
Prism Video Converter --> C:\Program Files\NCH Software\Prism\uninst.exe
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Recuva (remove only) --> "C:\Program Files\Recuva\uninst.exe"
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
RunAlyzer --> "C:\Program Files\Safer Networking\RunAlyzer\unins000.exe"
Sauvegarde des Dossiers personnels Microsoft Outlook --> MsiExec.exe /X{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}
SC Develop Drums Instrument v2.0 - ZONE --> C:\PROGRA~1\STEINB~1\CUBASE~2\VSTPLU~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~2\VSTPLU~1\INSTALL.LOG
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Series II MIDI --> C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe -runfromtemp -l0x0009 -removeonly
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic Foundry XFX1 v1.0c --> C:\WINDOWS\UNWISE.EXE C:\audio\SONICF~1\xfx1\INSTALL.LOG
Sonic Foundry XFX2 v1.0c --> C:\WINDOWS\UNWISE.EXE C:\audio\SONICF~1\xfx2\INSTALL.LOG
Sonic Foundry XFX3 v1.0c --> C:\WINDOWS\UNWISE.EXE C:\audio\SONICF~1\xfx3\INSTALL.LOG
Sony Ericsson PC Suite 3.207.00 --> C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x040c -removeonly
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy --> "D:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steinberg Cubase SX v2.01 --> C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
Steinberg LM4 - ZONE --> C:\PROGRA~1\STEINB~1\VSTPLU~1\LM4-UN~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\LM4-UN~1\INSTALL.LOG
Steinberg WaveLab 5.01b --> C:\PROGRA~1\STEINB~1\WaveLab\UNWISE.EXE C:\PROGRA~1\STEINB~1\WaveLab\INSTALL.LOG
Switch Sound File Converter --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe
TC Native Bundle v2.01 DX- Zone --> C:\PROGRA~1\TCWorks\TCNATI~1\UNWISE.EXE C:\PROGRA~1\TCWorks\TCNATI~1\INSTALL.LOG
TC Native Bundle v2.01 VST- Zone --> C:\PROGRA~1\audio\STEINB~1\CUBASE~1\VSTPLU~1\UNWISE.EXE C:\PROGRA~1\audio\STEINB~1\CUBASE~1\VSTPLU~1\INSTALL.LOG
TC Native EQ v1.01 (DNV) --> C:\audio\tcnative\tceq\UNWISE.EXE C:\audio\tcnative\tceq\install.log
TC Native Essentials v2.0 OxYGeN --> C:\audio\TCESSE~1\UNWISE.EXE C:\audio\TCESSE~1\INSTALL.LOG
TimeWorks Mastering EQ --> C:\PROGRA~1\TIMEWO~1\MASTER~1\UNWISE.EXE C:\PROGRA~1\TIMEWO~1\MASTER~1\INSTALL.LOG
timeworks Reverb 4080L --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\timeworks\Reverb 4080L\Uninst.isu"
Timeworks ReverbX --> C:\PROGRA~1\TIMEWO~1\ReverbX\UNWISE.EXE C:\PROGRA~1\TIMEWO~1\ReverbX\INSTALL.LOG
Tweak-XP Pro 4 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini"
Twelve Keys --> C:\Program Files\NCH Swift Sound\TwelveKeys\uninst.exe
Ultralingua 6.1 --> "C:\Program Files\Ultralingua\Ultralingua 6\unins000.exe"
VB:Plug-in Pack 1 --> C:\Program Files\VB\Pack_1\uninst.exe C:\Program Files\VB\Pack_1
Waldorf Attack VSTi v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Waldorf\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Waldorf\INSTALL.LOG
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> C:\WINDOWS\$hf_mig$\KB834707\spuninst.exe
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Support Tools --> MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xilisoft DVD Ripper Standard 5 --> C:\Program Files\Xilisoft\DVD Ripper Standard 5\Uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->
Xontrol --> MsiExec.exe /I{6A2C4E31-F3A8-4C1C-8246-F59D433ECD94}


-- Application Event Log -------------------------------------------------------

Event Record #/Type14450 / Success
Event Submitted/Written: 06/08/2008 07:54:01 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14401 / Success
Event Submitted/Written: 06/07/2008 07:33:30 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type14400 / Error
Event Submitted/Written: 06/07/2008 07:30:25 PM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante Browser.exe, version 2.0.0.0, module défaillant MFC71.dll, version 7.10.3077.0, adresse de défaillance 0x000660f8.
Traitement de l'événement propre au support pour [Browser.exe!ws!]

Event Record #/Type14387 / Error
Event Submitted/Written: 06/07/2008 02:28:40 PM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante dvdrip.exe, version 5.0.35.508, module défaillant mpeg2lib.dll, version 1.0.2.428, adresse de défaillance 0x0003e966.
Traitement de l'événement propre au support pour [dvdrip.exe!ws!]

Event Record #/Type14359 / Error
Event Submitted/Written: 06/06/2008 10:08:03 PM
Event ID/Source: 10005 / MsiInstaller
Event Description:
Product: Windows Movie Maker 2.6 -- This product only runs on Windows Vista



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type14459 / Error
Event Submitted/Written: 06/09/2008 08:56:03 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Le service Onduleur s'est arrêté avec l'erreur :
%%2481

Event Record #/Type14458 / Error
Event Submitted/Written: 06/09/2008 08:56:03 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Le service Accès du périphérique d'interface utilisateur s'est arrêté avec l'erreur :
%%126

Event Record #/Type14457 / Error
Event Submitted/Written: 06/09/2008 08:56:03 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Le service MAPMEM n'a pas pu démarrer en raison de l'erreur :
%%3

Event Record #/Type14456 / Error
Event Submitted/Written: 06/09/2008 08:56:03 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Le service BCMNTIO n'a pas pu démarrer en raison de l'erreur :
%%3

Event Record #/Type14454 / Error
Event Submitted/Written: 06/09/2008 08:55:48 AM
Event ID/Source: 2481 / UPS
Event Description:
Le service Onduleur n'est pas configuré convenablement.



-- End of Deckard's System Scanner: finished at 2008-06-09 09:23:11 ------------
This document, entitled "Virus.. again" (« virus.. encore »), from CommentCaMarche (www.commentcamarche.net) is made available under the terms of the Creative Commons license. You may copy and modify copies of this page, under the conditions set by the license, as long as this notice appears clearly.