Sujet Précédent Sujet Suivant

PROBLEME DE VIRUS,PERTE DE CONNECTION

MEDOUN -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,
JE VS SALUT ET VS PRESENTE MON RAPPORT INFO-NOTEPAD ET LOG-NOTEPAD, J'AI BESOIN D'AIDE CAR JE SUIS NOUVEAU , VEUILLEZ PARDONNER MON IGNORANCE.MON ORDINATEUR EST TROP LOURD ET JE PERD MA CONNECTION A INTERNET TRES SOUVENT, JE CROIS AVOIR DES VIRUS.AIDEZ MOI SI POSSIBLE.

info.txt logfile of random's system information tool 1.06 2009-12-27 22:49:12

======Uninstall list======

-->"C:\Program Files\CyberDefender\cdinstx.exe" /u "C:\Program Files\CyberDefender\earlySpam\cdinstx.log" /t "CyberDefender Early Detection Center - AntiSpam"
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}
AIM 7-->C:\Program Files\AIM\uninst.exe
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Major Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Components Setup-->C:\Program Files\InstallShield Installation Information\{31187E06-E131-4709-9285-7D105D77AA89}\setup.exe -runfromtemp -l0x0009
CyberDefender Early Detection Center-->C:\Program Files\CyberDefender\cdinstx.exe /u
CyberDefender Registry Cleaner-->"C:\Program Files\CyberDefender\Registry Cleaner\unins000.exe"
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
Free_Radio_TV Toolbar-->C:\PROGRA~1\FREE_R~1\UNWISE.EXE /U C:\PROGRA~1\FREE_R~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
IM Magician-->C:\Program Files\InstallShield Installation Information\{2969CB97-DF91-4752-BE47-8A73AE810E6C}\setup.exe -runfromtemp -l0x0009 -removeonly
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Linksys Updater-->MsiExec.exe /X{C15B6175-689A-4D97-A42C-7225353F60A7}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft VC9 runtime libraries-->MsiExec.exe /I{C4124E95-5061-4776-8D5D-E3D931C778E1}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyIdentityDefender Toolbar (CyberDefender Corporation)-->C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdinstx.exe /u
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: CyberDefender Internet Security
AV: AVG Anti-Virus Free

======System event log======

Computer Name: MADU-D2F8FE9556
Event Code: 30013
Message: The DHCP allocator has disabled itself on IP address 192.168.1.104,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Record Number: 8175
Source Name: ipnathlp
Time Written: 20091025091846.000000-240
Event Type: error
User:

Computer Name: MADU-D2F8FE9556
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting for a transaction response from the wscsvc service.

Record Number: 8148
Source Name: Service Control Manager
Time Written: 20091024232810.000000-240
Event Type: error
User:

Computer Name: MADU-D2F8FE9556
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting for a transaction response from the RasAuto service.

Record Number: 8147
Source Name: Service Control Manager
Time Written: 20091024223433.000000-240
Event Type: error
User:

Computer Name: MADU-D2F8FE9556
Event Code: 30013
Message: The DHCP allocator has disabled itself on IP address 192.168.1.104,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Record Number: 8142
Source Name: ipnathlp
Time Written: 20091024223326.000000-240
Event Type: error
User:

Computer Name: MADU-D2F8FE9556
Event Code: 30013
Message: The DHCP allocator has disabled itself on IP address 192.168.1.104,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Record Number: 8114
Source Name: ipnathlp
Time Written: 20091024070739.000000-240
Event Type: error
User:

=====Application event log=====

Computer Name: MADU-D2F8FE9556
Event Code: 1517
Message: Windows saved user MADU-D2F8FE9556\Madu registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 691
Source Name: Userenv
Time Written: 20090227233310.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: MADU-D2F8FE9556
Event Code: 1517
Message: Windows saved user MADU-D2F8FE9556\Madu registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 685
Source Name: Userenv
Time Written: 20090225022617.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: MADU-D2F8FE9556
Event Code: 1517
Message: Windows saved user MADU-D2F8FE9556\Madu registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 679
Source Name: Userenv
Time Written: 20090224001927.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: MADU-D2F8FE9556
Event Code: 1517
Message: Windows saved user MADU-D2F8FE9556\Madu registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 673
Source Name: Userenv
Time Written: 20090222071533.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: MADU-D2F8FE9556
Event Code: 1517
Message: Windows saved user MADU-D2F8FE9556\Madu registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 667
Source Name: Userenv
Time Written: 20090221071345.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Madu at 2009-12-27 22:55:14
Microsoft Windows XP Professional Service Pack 2
System drive C: has 32 GB (84%) free of 38 GB
Total RAM: 247 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:37 PM, on 12/27/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\IM Magician\Vicamon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CyberDefender\Registry Cleaner\CDregclean.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Madu\Local Settings\Temporary Internet Files\Content.IE5\4T8BGNG7\RSIT[1].exe
C:\Program Files\trend micro\Madu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2354614
R3 - URLSearchHook: (no name) - *~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *~9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - (no file)
R3 - URLSearchHook: (no name) - *~A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *~A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
R3 - URLSearchHook: (no name) - ~A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdmyidd.dll
R3 - URLSearchHook: (no name) - ~EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Free Radio TV Toolbar - {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFree.dll
O2 - BHO: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Free Radio TV Toolbar - {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFree.dll
O3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [IMMON] "C:\Program Files\IM Magician\Vicamon.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CyberDefender Registry Cleaner] C:\Program Files\CyberDefender\Registry Cleaner\CDregclean.exe
O4 - HKCU\..\Run: [CyberDefender Early Detection Center] "C:\Program Files\CyberDefender\AntiSpyware\cdas5.exe" /minimize
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 6858 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-20 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dbb9aeb-5a16-4989-a66f-c0f1c909d647}]
Free Radio TV Toolbar - C:\Program Files\Free_Radio_TV\tbFree.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
MyIdentityDefender - C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdmyidd.dll [2009-11-30 3851592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

{9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - Free Radio TV Toolbar - C:\Program Files\Free_Radio_TV\tbFree.dll [2009-11-09 2331672]
{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - MyIdentityDefender - C:\Documents and Settings\Madu\Local Settings\Application Data\CyberDefender\cdmyidd.dll [2009-11-30 3851592]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2004-02-13 155648]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-03-16 1392640]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-06-06 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-06-06 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-06-06 118784]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-20 2033432]
"IMMON"=C:\Program Files\IM Magician\Vicamon.exe [2008-09-18 143360]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"CyberDefender Registry Cleaner"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim"=C:\Program Files\AIM\aim.exe [2009-10-01 3634024]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]
"CyberDefender Registry Cleaner"=C:\Program Files\CyberDefender\Registry Cleaner\CDregclean.exe [2009-11-04 6908744]
"CyberDefender Early Detection Center"=C:\Program Files\CyberDefender\AntiSpyware\cdas5.exe [2009-11-30 664904]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-20 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-06-06 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-11 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\CyberDefender\AntiSpyware\cdas5.exe"="C:\Program Files\CyberDefender\AntiSpyware\cdas5.exe:*:Enabled:CyberDefender Internet Security"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2009-12-27 22:48:33 ----D---- C:\Program Files\trend micro
2009-12-27 22:48:28 ----D---- C:\rsit
2009-12-27 22:44:09 ----D---- C:\Documents and Settings\Madu\Application Data\Yahoo!
2009-12-27 22:44:09 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-12-27 22:44:00 ----D---- C:\Program Files\Yahoo!
2009-12-27 22:43:46 ----D---- C:\Program Files\CCleaner
2009-12-11 09:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-11 09:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 03:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-09 03:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 03:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 03:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-30 10:21:25 ----D---- C:\Documents and Settings\Madu\Application Data\CyberDefender
2009-11-30 10:21:01 ----D---- C:\Program Files\CyberDefender
2009-11-29 00:01:08 ----D---- C:\Documents and Settings\Madu\Application Data\Ahead
2009-11-25 02:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 01:59:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-21 23:17:17 ----D---- C:\Program Files\MSXML 4.0
2009-11-21 21:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-11-21 00:30:06 ----D---- C:\WINDOWS\Minidump
2009-11-20 22:53:05 ----D---- C:\Documents and Settings\Madu\Application Data\Vimisoft Studio
2009-11-20 22:52:49 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2009-11-20 22:52:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2009-11-20 22:52:07 ----A---- C:\WINDOWS\system32\vgf.dll
2009-11-20 22:52:06 ----D---- C:\Program Files\Common Files\Vimisoft Studio
2009-11-20 22:52:06 ----A---- C:\WINDOWS\system32\newlistview2.dll
2009-11-20 22:51:29 ----D---- C:\Program Files\Vimicro Corporation
2009-11-20 22:50:40 ----D---- C:\Program Files\IM Magician
2009-11-20 22:48:25 ----D---- C:\Documents and Settings\Madu\Application Data\InstallShield
2009-11-20 22:08:01 ----HD---- C:\$AVG
2009-11-20 08:06:31 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2009-11-20 08:05:26 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-20 07:33:54 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-11-15 20:18:11 ----D---- C:\Program Files\Conduit
2009-11-15 20:18:07 ----D---- C:\Program Files\Free_Radio_TV
2009-11-12 21:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 22:10:51 ----D---- C:\Program Files\Common Files\Skype
2009-11-06 10:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-10-17 21:57:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-10-17 21:56:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-17 21:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-17 21:56:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-17 21:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-17 21:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-17 21:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-17 21:55:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-17 21:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-17 21:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-09 20:42:49 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-10-09 20:41:56 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-10-09 20:41:31 ----D---- C:\Program Files\AVG
2009-10-09 09:40:52 ----D---- C:\Documents and Settings\Madu\Application Data\acccore
2009-10-09 09:39:37 ----D---- C:\Documents and Settings\All Users\Application Data\AIM
2009-10-09 09:37:45 ----D---- C:\Program Files\AIM
2009-10-09 09:33:38 ----D---- C:\Program Files\Common Files\Software Update Utility
2009-10-09 09:33:30 ----D---- C:\Program Files\Common Files\AOL

======List of files/folders modified in the last 3 months======

2009-12-27 22:53:06 ----D---- C:\Documents and Settings\Madu\Application Data\Skype
2009-12-27 22:52:43 ----D---- C:\WINDOWS\Prefetch
2009-12-27 22:48:33 ----RD---- C:\Program Files
2009-12-27 22:28:46 ----D---- C:\WINDOWS\system32
2009-12-27 22:28:46 ----D---- C:\WINDOWS
2009-12-27 22:28:45 ----D---- C:\WINDOWS\system32\drivers
2009-12-27 21:22:23 ----D---- C:\Documents and Settings\Madu\Application Data\skypePM
2009-12-27 21:18:44 ----D---- C:\WINDOWS\Temp
2009-12-27 10:42:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-27 09:48:33 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-21 21:52:29 ----HD---- C:\WINDOWS\inf
2009-12-21 21:52:27 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-11 10:29:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-11 09:33:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-11 09:32:11 ----A---- C:\WINDOWS\imsins.BAK
2009-12-09 03:07:10 ----D---- C:\Program Files\Internet Explorer
2009-12-09 03:04:18 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-30 22:56:57 ----A---- C:\WINDOWS\win.ini
2009-11-25 00:18:50 ----SHD---- C:\WINDOWS\Installer
2009-11-25 00:18:47 ----D---- C:\WINDOWS\WinSxS
2009-11-21 21:34:09 ----SD---- C:\WINDOWS\Tasks
2009-11-20 22:52:06 ----D---- C:\Program Files\Common Files
2009-11-20 22:51:47 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-11-20 22:51:28 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-20 22:18:48 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-10 22:11:41 ----RD---- C:\Program Files\Skype
2009-11-10 22:10:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\msrating.dll
2009-10-29 00:48:04 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\inseng.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-10-29 00:48:03 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-10-29 00:48:02 ----A---- C:\WINDOWS\system32\cdfview.dll
2009-10-29 00:48:02 ----A---- C:\WINDOWS\system32\browseui.dll
2009-10-28 10:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-27 05:45:14 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2009-10-21 01:00:55 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 01:00:55 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-19 19:46:47 ----D---- C:\WINDOWS\Help
2009-10-13 05:53:29 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 08:54:17 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 08:54:17 ----A---- C:\WINDOWS\system32\raschap.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-20 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-20 28424]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-20 360584]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-03-16 604928]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-06-06 1168860]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-04 163584]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 CDAVFS;CDAVFS; C:\WINDOWS\system32\DRIVERS\CDAVFS.sys [2009-11-30 67424]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-20 285392]
R2 LinksysUpdater;Linksys Updater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-01-15 204800]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-16 20480]

-----------------EOF-----------------
Configuration: Windows XP Internet Explorer 6.0

1 réponse

Réponse 1 / 1
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
bonjour

Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com

une fois qu'il aura terminé

Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller

Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

0

Discussions similaires

Chrome://newtab
Nova -
snoopy35_ -

14 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
le pc me dit : check cable connection
chrispet -
chrispet -

5 réponses
lsc smart connect
Roselyne47310 -
Roselyne -

2 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses