Tom's Guide > Forum > Security - Viruses > rundll32.exe loading problem

Hello,

For some time now, I have been getting a message when XP loads: a problem with rundll32.exe.
I ran "Malwarebytes' Anti-Malware", which found several pieces of malware and managed to remove them; however, it also removed the file rundll32.exe, which I restored afterwards.
While this file was in quarantine I had no error message, but since the restoration, rundll32.exe is back in its location but is still infected.
Can anyone help me?

Regards,
Alex

Here is the ComboFix log:
ComboFix 08-05-21.3 - Administrateur 2008-05-24 14:52:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.501 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\adzgalore-remove.exe
C:\WINDOWS\system32\cpmsky-uninst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
.

2008-05-24 14:50 . 2008-05-24 14:51 <REP> d-------- C:\327882R2FWJFW
2008-05-24 10:27 . 2008-05-24 10:27 33,792 --a------ C:\WINDOWS\system32\rundll32.exe
2008-05-24 10:27 . 2008-05-24 10:27 33,792 --a--c--- C:\WINDOWS\system32\dllcache\rundll32.exe
2008-05-23 17:13 . 2008-05-23 17:13 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-05-23 17:12 . 2008-05-23 17:12 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-23 17:12 . 2008-05-23 17:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-23 17:12 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-23 17:12 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-20 20:36 . 2008-05-20 21:08 <REP> d-------- C:\Program Files\RegCure
2008-05-18 20:15 . 2008-05-18 20:21 <REP> d-------- C:\Program Files\MIDIOX
2008-05-17 20:51 . 2008-05-17 20:54 <REP> d-------- C:\Program Files\Native Instruments
2008-05-17 20:51 . 2008-05-17 20:52 <REP> d-------- C:\Program Files\Fichiers communs\Native Instruments
2008-05-17 20:51 . 2008-05-17 20:51 <REP> d-------- C:\Program Files\Fichiers communs\Digidesign
2008-05-17 14:12 . 2008-05-17 14:12 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-05-17 14:12 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-05-04 11:43 . 2008-05-04 11:43 <REP> d-------- C:\Program Files\Realtek AC97
2008-05-04 11:43 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-05-04 11:38 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-05-04 11:38 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-05-02 20:48 . 2008-05-18 20:31 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-04-28 21:22 . 2008-04-28 21:22 <REP> d-------- C:\Program Files\Kontakt Player 2
2008-04-28 21:22 . 2008-05-01 17:27 <REP> d-------- C:\Program Files\Garritan Instruments for Finale
2008-04-28 21:17 . 2008-04-28 21:17 <REP> d-------- C:\PSFONTS
2008-04-28 21:16 . 2008-05-01 17:19 <REP> d-------- C:\Program Files\Finale 2008
2008-04-28 21:05 . 2008-04-28 21:05 <REP> d-------- C:\Program Files\PowerISO
2008-04-25 20:38 . 2008-04-25 20:38 4,958,588 --a------ C:\WINDOWS\{00000000-00000000-00000009-00001102-00000008-40021102}.CDF
2008-04-25 20:37 . 2008-05-24 13:12 11,564 --a------ C:\WINDOWS\system32\DVCState-{00000000-00000000-00000009-00001102-00000008-40021102}.rfx
2008-04-25 20:37 . 2008-05-24 13:12 1,164 --a------ C:\WINDOWS\system32\BMXCtrlState-{00000000-00000000-00000009-00001102-00000008-40021102}.rfx
2008-04-25 20:37 . 2008-05-24 13:12 1,164 --a------ C:\WINDOWS\system32\BMXBkpCtrlState-{00000000-00000000-00000009-00001102-00000008-40021102}.rfx
2008-04-25 20:37 . 2008-05-24 13:12 64 --a------ C:\WINDOWS\system32\BMXStateBkp-{00000000-00000000-00000009-00001102-00000008-40021102}.rfx
2008-04-25 20:37 . 2008-05-24 13:12 64 --a------ C:\WINDOWS\system32\BMXState-{00000000-00000000-00000009-00001102-00000008-40021102}.rfx
2008-04-25 17:31 . 2008-04-25 17:40 <REP> d-------- C:\Temp\video
2008-04-25 17:21 . 2008-04-25 17:21 <REP> d-------- C:\Program Files\Fichiers communs\AIPTEK HD-DV
2008-04-24 19:48 . 2008-04-24 19:48 <REP> d-------- C:\Program Files\Shock Utility
2008-04-24 17:40 . 2008-04-24 19:48 65,536 --a------ C:\WINDOWS\IFinst27.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 19:04 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Azureus
2008-05-20 15:38 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Canon
2008-05-18 09:17 --------- d-----w C:\Program Files\Roland
2008-05-18 09:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-17 18:45 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\EmuPatchMixDSP
2008-05-17 12:12 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-05-17 09:05 --------- d-----w C:\Program Files\a-squared Free
2008-05-02 09:50 --------- d-----w C:\Program Files\LimeWire
2008-04-26 15:40 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Ahead
2008-04-25 18:33 409,600 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-04-25 18:33 114,688 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-04-23 17:57 --------- d-----w C:\Program Files\Azureus
2008-04-19 13:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-19 13:38 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-19 13:27 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-04-14 18:56 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-14 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-04-13 17:00 --------- d-----w C:\Program Files\Microsoft Bootvis
2008-04-13 16:56 --------- d-----w C:\Program Files\Micro Application
2008-04-13 08:26 --------- d-----w C:\Program Files\Simon Tools
2008-04-12 16:00 --------- d-----w C:\Program Files\Creative Professional
2008-04-12 14:14 --------- d-----w C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-04-12 14:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2008-04-12 13:42 --------- d-----w C:\Program Files\eMule
2008-04-07 16:07 85,520 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-04-07 15:59 --------- d-----w C:\Program Files\Fichiers communs\BitDefender
2008-04-07 15:59 --------- d-----w C:\Program Files\BitDefender
2008-04-07 15:59 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Bitdefender
2008-04-07 15:58 --------- d-----w C:\Program Files\Lavasoft
2008-04-07 15:58 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Lavasoft
2008-04-07 15:51 --------- d-----w C:\Program Files\Softwin
2008-04-07 15:50 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-04-07 15:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-03-30 09:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-03-30 08:59 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-03-30 08:55 --------- d-----w C:\Program Files\Nero
2008-03-30 08:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-08-14 11:48 76,784 ----a-w C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2006-08-03 13:43 461 ----a-w C:\Program Files\INSTALL.LOG
2005-11-21 16:33 37 ----a-w C:\Documents and Settings\Administrateur\getfile.dat
2003-11-13 15:31 1,388,544 ----a-w C:\Program Files\SFX Machine LT.dll
2003-11-05 20:37 11,838 ----a-w C:\Program Files\SFX Machine LT Read Me.rtf
2007-10-31 18:55 8 --sh--r C:\WINDOWS\system32\D23EF6AF2B.sys
2005-06-19 14:35 56 -csh--r C:\WINDOWS\system32\E6EEEE4070.sys
2007-11-02 16:34 15,022 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2004-08-19 17:09 30208 9686a2aee5b35a908d6f0cd118565f1e C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2004-08-19 17:09 30208 9686a2aee5b35a908d6f0cd118565f1e C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ea2ca9bd-a60b-3f63-2182-bfb080596ed2}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 30208]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 20:21 1204224]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
"SetDefaultMIDI"="MIDIDef.exe" [2007-12-12 16:42 31232 C:\WINDOWS\system32\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 21:05 339968]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-08-01 01:14 684032]
"Ma44Pan"="Ma44Pan.Exe" [2002-09-26 19:55 311296 C:\WINDOWS\system32\Ma44Pan.exe]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 06:41 94208]
"SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38 866816]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"Cloneur Expert Monitor"="C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [2005-03-28 20:53 508582]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2005-03-28 20:53 65536]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 17:15 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 17:15 81920]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-01 10:06 1629744]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-06-01 10:05 1057328]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-04-07 18:06 360448]
"CTHelper"="CTHELPER.EXE" [2007-12-12 16:56 23040 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-12-12 16:56 23552 C:\WINDOWS\system32\Ctxfihlp.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 C:\WINDOWS\soundman.exe]
"{b18f8afe-ea12-987f-887a-28a7a619b7d7}"="C:\WINDOWS\system32\{3a11a71c-3243-ba84-89bf-8b79a122596b}.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 30208]

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Pense-bête.lnk - C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE [2000-12-17 17:50:21 2344920]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2003-06-11 21:11:52 110592]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2002-01-01 02:51:14 98304]
Logitech Desktop Messenger.lnk - C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe [2003-10-08 19:55:31 156160]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"= cbxt3usr.dll
"midi3"= RDDV1045.DLL
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"SENTINEL"= snti386.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Media Player Classic\\mplayerc.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\EDS\\Unigraphics NX 2.0\\UGII\\ugraf.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1104:UDP"= 1104:UDP:Windows Media Format SDK (iexplore.exe)
"1105:UDP"= 1105:UDP:Windows Media Format SDK (iexplore.exe)
"1106:UDP"= 1106:UDP:Windows Media Format SDK (iexplore.exe)
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"25:TCP"= 25:TCP:oe
"587:TCP"= 587:TCP:587

R0 rttmntr;R-TT Backup Archive Explorer;C:\WINDOWS\system32\DRIVERS\rttmntr.sys [2003-11-04 13:13]
R0 snaprtt;Acronis Snapshots Manager (R-TT);C:\WINDOWS\system32\DRIVERS\snaprtt.sys [2003-11-04 13:13]
R1 Klmc;Klmc;C:\WINDOWS\system32\drivers\klmc.sys [2004-11-26 14:38]
R2 cbxt3krn;YAMAHA CBX Driver;C:\WINDOWS\system32\drivers\cbxt3krn.sys [1999-09-15 08:05]
R2 rttfsfilt;R-TT FS Filter;C:\WINDOWS\system32\DRIVERS\rttfsfilt.sys [2003-11-04 13:13]
R2 RVIEG01;VSC Engine;C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys [2001-04-13 19:16]
R2 ugiipqd;Unigraphics Plot Server (ugiipqd);C:\WINDOWS\system32\spool\ugplot\ugiipqd.exe [2003-07-23 19:07]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);"C:\Program Files\EDS\License Servers\UGNXFLEXlm\lmgrd.exe" [2003-06-30 16:35]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-19 17:10]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-04-07 18:07]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\WINDOWS\system32\drivers\COMMONFX.SYS [2007-12-12 18:35]
R3 CTEDSPFX.SYS;CTEDSPFX.SYS;C:\WINDOWS\system32\drivers\CTEDSPFX.SYS [2007-12-12 18:36]
R3 CTEDSPIO.SYS;CTEDSPIO.SYS;C:\WINDOWS\system32\drivers\CTEDSPIO.SYS [2007-12-12 18:37]
R3 CTEDSPSY.SYS;CTEDSPSY.SYS;C:\WINDOWS\system32\drivers\CTEDSPSY.SYS [2007-12-12 18:37]
S2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender9\filespy.sys []
S3 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z []
S3 COMMONFX;COMMONFX;C:\WINDOWS\system32\drivers\COMMONFX.SYS [2007-12-12 18:35]
S3 CT20XUT.SYS;CT20XUT.SYS;C:\WINDOWS\system32\drivers\CT20XUT.SYS [2007-12-12 18:36]
S3 CT20XUT;CT20XUT;C:\WINDOWS\system32\drivers\CT20XUT.SYS [2007-12-12 18:36]
S3 CTAUDFX.SYS;CTAUDFX.SYS;C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2007-12-12 18:35]
S3 CTAUDFX;CTAUDFX;C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2007-12-12 18:35]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS;C:\WINDOWS\system32\drivers\CTEAPSFX.SYS [2007-12-12 18:36]
S3 CTEAPSFX;CTEAPSFX;C:\WINDOWS\system32\drivers\CTEAPSFX.SYS [2007-12-12 18:36]
S3 CTEDSPFX;CTEDSPFX;C:\WINDOWS\system32\drivers\CTEDSPFX.SYS [2007-12-12 18:36]
S3 CTEDSPIO;CTEDSPIO;C:\WINDOWS\system32\drivers\CTEDSPIO.SYS [2007-12-12 18:37]
S3 CTEDSPSY;CTEDSPSY;C:\WINDOWS\system32\drivers\CTEDSPSY.SYS [2007-12-12 18:37]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2007-12-12 18:36]
S3 CTERFXFX;CTERFXFX;C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2007-12-12 18:36]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2007-12-12 18:37]
S3 CTEXFIFX;CTEXFIFX;C:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2007-12-12 18:37]
S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\WINDOWS\system32\drivers\CTHWIUT.SYS [2007-12-12 18:36]
S3 CTHWIUT;CTHWIUT;C:\WINDOWS\system32\drivers\CTHWIUT.SYS [2007-12-12 18:36]
S3 CTSBLFX.SYS;CTSBLFX.SYS;C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2007-12-12 18:36]
S3 CTSBLFX;CTSBLFX;C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2007-12-12 18:36]
S3 ids0004C;ids0004C;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys []
S3 ids0005c;ids0005c;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys []
S3 klstm;klstm;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys []
S3 MA44_01;Service for LUNNAR LR44-1;C:\WINDOWS\system32\drivers\Ma44wdm1.sys [2002-09-26 19:55]
S3 MA44_02;Service for LUNNAR LR44-2;C:\WINDOWS\system32\drivers\Ma44wdm2.sys [2002-09-26 19:55]
S3 MA44_03;Service for LUNNAR LR44-3;C:\WINDOWS\system32\drivers\Ma44wdm3.sys [2002-09-26 19:55]
S3 MA44_04;Service for LUNNAR LR44-4;C:\WINDOWS\system32\drivers\Ma44wdm4.sys [2002-09-26 19:55]
S3 MA44_05;Service for LUNNAR LR44 MIDI;C:\WINDOWS\system32\drivers\Ma44wdm5.sys [2002-09-26 19:55]
S3 MA44_AA;Service for LUNNAR LR44 Audio Driver;C:\WINDOWS\system32\drivers\Ma44.sys [2002-09-26 19:55]
S3 MA44_AB;Service for MIDITRAK Maya44;C:\WINDOWS\system32\drivers\mBridge.sys [2000-12-18 13:18]
S3 N100;Pilote de carte réseau Ethernet ou Fast Ethernet Compaq;C:\WINDOWS\system32\DRIVERS\n100325.sys [2001-08-23 17:09]
S3 RDID1045;Roland FANTOM-X;C:\WINDOWS\system32\Drivers\RDWM1045.SYS [2004-01-20 09:57]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-17 14:12]
S3 ZD1211U(Sitecom);Sitecom Wireless Network USB Adapter Driver(Sitecom);C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2004-07-05 23:38]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2003-11-19 20:09:09 C:\WINDOWS\Tasks\1 Copernic Intra-Daily ~PC-LH7TR4NHBQIZ Administrateur.job"
- C:\Program Files\Copernic Agent\CopernicAgent.exe
"2003-11-19 20:09:09 C:\WINDOWS\Tasks\2 Copernic Daily ~PC-LH7TR4NHBQIZ Administrateur.job"
- C:\Program Files\Copernic Agent\CopernicAgent.exe
"2003-11-19 20:09:09 C:\WINDOWS\Tasks\3 Copernic Weekly ~PC-LH7TR4NHBQIZ Administrateur.job"
- C:\Program Files\Copernic Agent\CopernicAgent.exe
"2003-11-19 20:09:10 C:\WINDOWS\Tasks\4 Copernic Monthly ~PC-LH7TR4NHBQIZ Administrateur.job"
- C:\Program Files\Copernic Agent\CopernicAgent.exe
"2008-05-16 16:02:32 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-05-24 12:49:22 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-20 18:36:46 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 14:57:45
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-24 15:01:59
ComboFix-quarantined-files.txt 2008-05-24 13:01:22

Pre-Run: 9,329,696,768 octets libres
Post-Run: 9,610,862,592 octets libres

268 --- E O F --- 2008-05-17 09:19:34
