Winexplore.exe et updater.exe
cRL
-
cRL -
cRL -
Bonjour,
Hier en faisant une connerie j'ai eu le malheur d'ouvrir un spyware, détecté immédiatement par Avast.
La connerie est que je croyais le programme, un programme de confiance et comme un *** j'ai débloqué.
Là le résident spybot m'a demandé des modifications de registre et étant donné que j'ai vu que j'avais fais une connerie j'ai tout refusé.
Les modifications était pour un programme dit winexpore.exe
08.03.2008 01:59:16 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:22 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:22 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:24 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:25 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:38 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:39 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:54 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:55 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:57 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:57 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:03 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:03 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:11 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:11 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
Pensant que le spyware n'ait pu s'installer grâce à ce bloquage, je me suis sentis rassuré...
Mais depuis, quand je navigue sur le web, 1 page sur 4 affiche cette erreur :
>Serveur introuvable
>
>Firefox ne peut trouver le serveur à l'adresse www._____.com.
>
> * Veuillez vérifier la syntaxe de l'adresse
> (saisie de ww.exemple.com au lieu de
> www.exemple.com par exemple) ;
>
> * Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
> au réseau de votre ordinateur ;
>
> * Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy,
> assurez-vous que Firefox a l'autorisation d'accéder au Web.
Je pense que ces problèmes viennent de ce fameux winexplore.
J'ai vérifié toute la base de registre et supprimé tous les restes... mais apparemment cela n'a pas suffi.
J'ai lancé Avast en scan minutieux, spybot et regcleaner, sans succès...
J'ai fais un log Hijackthis en pensant que ça pourrais vous aider à trouver le problème :
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [DownloadStudio] D:\Program Files\Conceiva\DownloadStudio\DownloadStudioScheduleMonitor.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download Image Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Download Page Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Download Selection Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Download Target Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Show Page Links Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O8 - Extra context menu item: Subscribe To RSS Feed... - D:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - D:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra 'Tools' menuitem: &DownloadStudio - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - D:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra button: DownloadStudio - {7FCA7BD7-8F4D-4a81-BE72-A470F4E517D5} - D:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
Hier en faisant une connerie j'ai eu le malheur d'ouvrir un spyware, détecté immédiatement par Avast.
La connerie est que je croyais le programme, un programme de confiance et comme un *** j'ai débloqué.
Là le résident spybot m'a demandé des modifications de registre et étant donné que j'ai vu que j'avais fais une connerie j'ai tout refusé.
Les modifications était pour un programme dit winexpore.exe
08.03.2008 01:59:16 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:22 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:22 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:24 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:25 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:38 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:39 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:54 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:55 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:57 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 01:59:57 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:03 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:03 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:11 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
08.03.2008 02:00:11 Refusé(e) (based on user decision) value "Windows Updater" (new data: "winExplore.exe") ajouté(e) in System Startup global entry!
Pensant que le spyware n'ait pu s'installer grâce à ce bloquage, je me suis sentis rassuré...
Mais depuis, quand je navigue sur le web, 1 page sur 4 affiche cette erreur :
>Serveur introuvable
>
>Firefox ne peut trouver le serveur à l'adresse www._____.com.
>
> * Veuillez vérifier la syntaxe de l'adresse
> (saisie de ww.exemple.com au lieu de
> www.exemple.com par exemple) ;
>
> * Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
> au réseau de votre ordinateur ;
>
> * Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy,
> assurez-vous que Firefox a l'autorisation d'accéder au Web.
Je pense que ces problèmes viennent de ce fameux winexplore.
J'ai vérifié toute la base de registre et supprimé tous les restes... mais apparemment cela n'a pas suffi.
J'ai lancé Avast en scan minutieux, spybot et regcleaner, sans succès...
J'ai fais un log Hijackthis en pensant que ça pourrais vous aider à trouver le problème :
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [DownloadStudio] D:\Program Files\Conceiva\DownloadStudio\DownloadStudioScheduleMonitor.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download Image Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Download Page Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Download Selection Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Download Target Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Show Page Links Using DownloadStudio... - D:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O8 - Extra context menu item: Subscribe To RSS Feed... - D:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - D:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra 'Tools' menuitem: &DownloadStudio - {4D0C4820-53F7-4d79-A2E1-5252683CF69C} - D:\Program Files\Conceiva\DownloadStudio\DownloadStudio.exe
O9 - Extra button: DownloadStudio - {7FCA7BD7-8F4D-4a81-BE72-A470F4E517D5} - D:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
A voir également:
- Winexplore.exe et updater.exe
- Updater.exe - Télécharger - Édition & Programmation
3 réponses
J'ai oublié de spécifié, dans la minute du drame il y avait aussi :
08.03.2008 01:58:49 Refusé(e) (based on user decision) value "wextract_cleanup0" (new data: "rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sylvain\LOCALS~1\Temp\IXP001.TMP\"") ajouté(e) in System Startup global entry!
08.03.2008 01:59:03 Refusé(e) (based on user decision) value "wextract_cleanup0" (new data: "rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sylvain\LOCALS~1\Temp\IXP001.TMP\"") ajouté(e) in System Startup global entry!
08.03.2008 01:58:49 Refusé(e) (based on user decision) value "wextract_cleanup0" (new data: "rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sylvain\LOCALS~1\Temp\IXP001.TMP\"") ajouté(e) in System Startup global entry!
08.03.2008 01:59:03 Refusé(e) (based on user decision) value "wextract_cleanup0" (new data: "rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sylvain\LOCALS~1\Temp\IXP001.TMP\"") ajouté(e) in System Startup global entry!
