Se connecter / S'enregistrer
Votre question

infection pc par virtumonde

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Septembre 2008 11:52:31

bonjour,
depuis hier soir j'ai des pop up qui s'ouvrent regulierement avec IE
j'ai donc lancé une recherche avec spybot et il me trouve virtumonde ,virtumonde.dll et virtumonde.prx
je le nettoie mais il revient qqs instants plus tard
j'ai vu en regardant les sujets precedents que je ne suis pas le seul :-(
mais je suis un noob dans la desinfection de ce genre de virus et j'ai besoin d'aide d'un expert
merci

Autres pages sur : infection virtumonde

10 Septembre 2008 12:09:24

j'ai scanné avec combo.fix
je ne sais pas s'il fallait le faire...

j'envoie quand meme le rapport



ComboFix 08-09-05.14 - nono 2008-09-10 11:55:09.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1072 [GMT 2:00]
Endroit: C:\Users\nono\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\nono\AppData\Local\Temp\vnuaakpu.dll
C:\Users\nono\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-08-10 to 2008-09-10 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier cr‚‚ dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-10 07:56 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-10 07:53 --------- d-----w C:\Program Files\Microsoft Works
2008-09-09 22:02 69,689 ----a-w C:\Windows\UNZIP.DLL
2008-09-09 22:02 507,904 ----a-w C:\Windows\TMUPDATE.DLL
2008-09-09 22:02 286,720 ----a-w C:\Windows\PATCH.EXE
2008-09-09 19:56 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-09-09 15:37 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-09 12:51 --------- d---a-w C:\ProgramData\TEMP
2008-09-09 09:42 --------- d-----w C:\ProgramData\PC Tools
2008-09-08 14:44 --------- d-----w C:\Users\nono\AppData\Roaming\InstallShield
2008-09-08 14:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-08 14:42 --------- d-----w C:\ProgramData\UDL
2008-09-08 14:42 --------- d-----w C:\Program Files\epson
2008-09-08 14:41 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-08 14:11 --------- d-----w C:\Users\nono\AppData\Roaming\My Games
2008-09-08 14:11 --------- d-----w C:\Program Files\Firaxis Games
2008-09-08 11:58 --------- d-----w C:\Program Files\AIDA32 - Personal System Information
2008-09-07 15:23 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-09-07 12:47 163,644 ----a-w C:\Windows\system32\drivers\SECDRV.SYS
2008-09-07 12:26 --------- d-----w C:\ProgramData\LightScribe
2008-09-07 12:26 --------- d-----w C:\ProgramData\Droppix
2008-09-07 12:25 --------- d-----w C:\Users\nono\AppData\Roaming\Droppix
2008-09-07 12:25 --------- d-----w C:\Program Files\Common Files\Droppix
2008-09-07 12:24 --------- d-----w C:\Program Files\Droppix
2008-09-07 09:19 --------- d-----w C:\Program Files\CCleaner
2008-09-05 05:37 --------- d-----w C:\Program Files\McAfee
2008-09-02 12:56 --------- d-----w C:\Program Files\mp3DirectCut
2008-08-30 10:19 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-30 10:19 --------- d-----w C:\Program Files\Common Files\Real
2008-08-30 10:18 --------- d-----w C:\Program Files\Real
2008-08-24 17:36 --------- d-----w C:\Users\nono\AppData\Roaming\TomTom
2008-08-24 17:36 --------- d-----w C:\Program Files\TomTom HOME 2
2008-08-24 17:35 --------- d-----w C:\Program Files\TomTom HOME
2008-08-19 08:24 --------- d-----w C:\Users\nono\AppData\Roaming\SiteAdvisor
2008-08-14 18:53 --------- d-----w C:\Program Files\Windows Mail
2008-08-14 14:23 --------- d-----w C:\Users\nono\AppData\Roaming\PC Suite
2008-08-14 11:21 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-14 11:20 --------- d-----w C:\Users\nono\AppData\Roaming\NSeries
2008-08-14 10:48 --------- d-----w C:\Program Files\GigaTribe
2008-08-14 10:15 --------- d-----w C:\Users\nono\AppData\Roaming\GigaTribe
2008-08-13 15:20 --------- d-----w C:\Program Files\Nokia
2008-08-13 15:18 --------- d-----w C:\Program Files\Common Files\Nokia
2008-08-13 15:17 --------- d-----w C:\ProgramData\Installations
2008-08-13 15:09 --------- d-----w C:\ProgramData\PC Suite
2008-08-11 17:01 --------- d-----w C:\Users\nono\AppData\Roaming\Nokia
2008-08-11 16:47 --------- d-----w C:\ProgramData\Nokia
2008-08-11 16:43 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-11 16:42 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-19 11:17 --------- d-----w C:\Program Files\Java
2008-07-10 07:51 174 --sha-w C:\Program Files\desktop.ini
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-16 12:51 47,360 ----a-w C:\Users\nono\AppData\Roaming\pcouffin.sys
2008-03-22 16:51 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-22 16:51 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-22 16:51 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-08-24 36640]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-08-30 185896]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\CYBERL~1\PowerDV\Kernel\Burner\MKDMP3Enc.ACM

[HKLM\~\startupfolder\C:^Users^nono^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GigaTribe.lnk]
path=C:\Users\nono\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk
backup=C:\Windows\pss\GigaTribe.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^nono^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
path=C:\Users\nono\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
backup=C:\Windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-02-26 20:46 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
--a------ 2007-09-07 14:44 3100672 C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-09-04 05:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9429798D-135D-4CE5-9BAC-C5F9A0880813}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4B94F182-700E-4F74-BA83-0ECA480C83CB}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6AB9A789-79C1-4100-BCBB-31BF455AD935}"= C:\Program Files\CyberLink\PowerDV\PowerDV.exe:CyberLink PowerDV
"{EF26A40F-2E4C-4E4A-82B5-11EB4FF6B38B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{246DADE4-5E36-4DC6-A2D4-C561D7CF0C24}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{06EE6276-0A2A-4C9C-910C-4FDB3B695922}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-04-11 2589696]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-04-04 46592]
S3 Droppix Service;Droppix Service;C:\Program Files\Common Files\Droppix\DxService.exe [2008-02-01 151552]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12b5b120-0656-11dd-81f7-00030d7325fa}]
\shell\AutoRun\command - F:\InstallTomTomHOME.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.lequipe.fr/
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 12:00:40
Windows 6.0.6000 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\SiteAdvisor\6261\saHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\McAfee\MSK\msksrver.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
C:\Windows\System32\wbem\WMIADAP.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\msfeedssync.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-09-10 12:05:26 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-10 10:05:11

Pre-Run: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Post-Run: 61,101,346,816 octets libres

196 --- E O F --- 2008-09-10 07:57:36
10 Septembre 2008 12:21:15

autre scan ...
Logfile of HijackThis v1.99.1
Scan saved at 12:19:12, on 10/09/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)

Running processes:
C:\Windows\system32\Dwm.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\nono\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - (no file)
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS