[Virus] Rapports Hijackthis et Combofix

Fermé

jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 - 30 mai 2010 à 16:54
jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 - 31 mai 2010 à 20:10

Bonjour à tous,

J'ai une machine infectée par VSBNTLO. Je crois l'avoir éradiqué. Pourriez vous analyser les rapports et me dire si vous voyez encore quelque chose de suspect ? Merci beaucoup à tous.

COMBOFIX

ComboFix 10-05-29.05 - florence 30/05/2010 16:25:31.1.2 - x86

Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6000.0.1252.32.1036.18.767.208 [GMT 2:00]

Lancé depuis: c:\users\florence\Desktop\ComboFix.exe

AV: Norton 360 *On-access scanning enabled* (Updated) {A5F1BC7C-EA33-4247-961C-0217208396C4}

FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

SP: Norton 360 *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\florence\AppData\Roaming\avdrn.dat

c:\users\florence\AppData\Roaming\SystemProc

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-04-28 au 2010-05-30 ))))))))))))))))))))))))))))))))))))

.

2010-05-30 14:36 . 2010-05-30 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-05-30 14:36 . 2010-05-30 14:36 -------- d-----w- c:\users\Adrien\AppData\Local\temp

2010-05-30 11:11 . 2010-05-30 11:11 -------- d--h--w- c:\windows\PIF

2010-05-30 10:19 . 2010-05-30 10:19 -------- d-----w- c:\users\florence\AppData\Roaming\Malwarebytes

2010-05-30 10:18 . 2010-05-30 10:18 -------- d-----w- c:\programdata\Malwarebytes

2010-05-30 10:18 . 2010-05-30 10:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-05-30 14:21 . 2007-10-05 08:25 700222 ----a-w- c:\windows\system32\perfh00C.dat

2010-05-30 14:21 . 2007-10-05 08:25 122020 ----a-w- c:\windows\system32\perfc00C.dat

2010-05-30 11:01 . 2010-02-12 12:00 1356 ----a-w- c:\users\florence\AppData\Local\d3d9caps.dat

2010-05-27 13:09 . 2010-05-27 13:09 12 ----a-w- c:\users\florence\AppData\Roaming\vlsfdq.dat

2010-05-19 06:14 . 2009-10-28 07:54 1 ----a-w- c:\users\florence\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-05-12 09:21 . 2009-10-03 09:22 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-04-16 06:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-03-09 16:54 . 2010-03-31 06:23 832512 ----a-w- c:\windows\system32\wininet.dll

2010-03-09 16:50 . 2010-03-31 06:23 56320 ----a-w- c:\windows\system32\iesetup.dll

2010-03-09 16:50 . 2010-03-31 06:23 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-03-09 16:50 . 2010-03-31 06:23 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll

2010-03-09 16:48 . 2010-03-31 06:23 72704 ----a-w- c:\windows\system32\admparse.dll

2010-03-09 14:17 . 2010-03-31 06:23 26624 ----a-w- c:\windows\system32\ieUnatt.exe

2010-03-09 12:43 . 2010-03-31 06:23 48128 ----a-w- c:\windows\system32\mshtmler.dll

2006-05-03 10:06 . 2008-03-16 16:28 163328 --sh--r- c:\windows\System32\flvDX.dll

2007-02-21 11:47 . 2008-03-16 16:28 31232 --sh--r- c:\windows\System32\msfDX.dll

2007-12-17 13:43 . 2008-03-16 16:28 27648 --sh--w- c:\windows\System32\Smab0.dll

2008-02-04 19:26 . 2008-03-16 16:28 151040 --sh--w- c:\windows\System32\VistaUltm.dll

2007-10-05 08:32 . 2007-10-05 08:31 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-10-05 1006264]

"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]

"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]

"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]

"lxdimon.exe"="c:\program files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 435120]

"lxdiamon"="c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20480]

"FaxCenterServer"="c:\program files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 312240]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"PhilipsDM\SA1916"="c:\program files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe" [2008-05-11 47616]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

c:\users\florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Notification de cadeaux MSN.lnk - c:\users\florence\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-2-22 135680]

OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

QLINK.lnk - c:\program files\Lexmark Applications\QLink\QLINK.EXE [2009-3-12 1346048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1347002994-2086790049-3062189552-1002]

"EnableNotifications"=dword:00000001

"EnableNotificationsRef"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1347002994-2086790049-3062189552-1003]

"EnableNotificationsRef"=dword:00000001

R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-04-26 99248]

S2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe [2007-04-26 517040]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contenu du dossier 'Tâches planifiées'

2010-05-30 c:\windows\Tasks\Extension de garantie.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-10-04 16:38]

2010-05-21 c:\windows\Tasks\Maintenance en 1 clic.job

- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 23:10]

.

.

------- Examen supplémentaire -------

.

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

FF - ProfilePath - c:\users\florence\AppData\Roaming\Mozilla\Firefox\Profiles\5kwg6ypb.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

FF - plugin: c:\users\florence\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-05-30 16:37

Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

c:\users\florence\AppData\Local\Temp\catchme.dll 53248 bytes executable

Scan terminé avec succès

Fichiers cachés: 1

**************************************************************************

.

Heure de fin: 2010-05-30 16:43:09

ComboFix-quarantined-files.txt 2010-05-30 14:43

Avant-CF: 46.139.174.912 octets libres

Après-CF: 46.804.443.136 octets libres

- - End Of File - - 1668CB1B7D664F9BC87C505949F2C09D

A voir également:

[Virus] Rapports Hijackthis et Combofix
Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
Youtu.be virus - Accueil - Guide virus
Svchost.exe virus - Guide
Faux message virus ordinateur - Accueil - Arnaque
Faux message virus iphone ✓ - Forum iPhone

4 réponses

Réponse 1 / 4

jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 1
30 mai 2010 à 16:55

et voici le rapport HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:22:13, on 30/05/2010

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.17037)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Electronic Arts\EADM\Core.exe

C:\program files\Lexmark Applications\QLink\QLINK.EXE

C:\Users\florence\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Philips\SA19XX\Philips Device Manager\bin\DeviceManager.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\ComboFix\CF25319.cfxxe

C:\Users\florence\Desktop\HiJackThis.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\PEV.exe

C:\ComboFix\PEV.cfxxe

C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=BEFR&range=AD&phase=8&key=IESTART

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=BEFR&range=AD&phase=8&key=IESTART

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe

O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"

O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe OS_STARTUP

O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Startup: Notification de cadeaux MSN.lnk = florence\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: QLINK.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: lmab_device - Unknown owner - C:\Windows\system32\LMabcoms.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

Réponse 2 / 4

jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 1
31 mai 2010 à 07:49

Réponse 3 / 4

jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 1
31 mai 2010 à 12:57

Up2

Réponse 4 / 4

jtb Messages postés 152 Date d'inscription dimanche 10 mars 2002 Statut Membre Dernière intervention 12 septembre 2012 1
31 mai 2010 à 20:10

Up3

Discussions similaires

Est ce que le site tlauncher est dangereux ?

Softonic,est-ce un virus ?

4 virus en raison d’un porno ????

problême Opéra est ce un virus??

Virus MSN Tinyurl