Isass.exe et Update.exe, désespéré :(
Résolu/Fermé
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
-
9 nov. 2009 à 12:38
Utilisateur anonyme - 7 avril 2010 à 21:10
Utilisateur anonyme - 7 avril 2010 à 21:10
A voir également:
- Isass.exe et Update.exe, désespéré :(
- Windows10-22h2-update.exe - Guide
- Isass.exe - Forum Windows
- Isass.exe - Forum Virus
- Update.exe - Forum Virus
- Application Updater.exe ✓ - Forum logiciel systeme
54 réponses
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
10 nov. 2009 à 16:13
10 nov. 2009 à 16:13
VT ?
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
11 nov. 2009 à 03:38
11 nov. 2009 à 03:38
Rends toi sur ce site :
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
11 nov. 2009 à 07:27
11 nov. 2009 à 07:27
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.11 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.11 -
Authentium 5.2.0.5 2009.11.11 -
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.11 -
BitDefender 7.2 2009.11.11 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2913 2009.11.11 -
DrWeb 5.0.0.12182 2009.11.10 -
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
GData 19 2009.11.11 -
Ikarus T3.1.1.74.0 2009.11.11 -
Jiangmin 11.0.800 2009.11.11 -
K7AntiVirus 7.10.893 2009.11.10 -
Kaspersky 7.0.0.125 2009.11.11 -
McAfee 5798 2009.11.10 -
McAfee+Artemis 5798 2009.11.10 -
McAfee-GW-Edition 6.8.5 2009.11.11 -
Microsoft 1.5202 2009.11.10 -
NOD32 4594 2009.11.11 -
Norman 6.03.02 2009.11.10 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.11 -
Rising 22.21.02.01 2009.11.11 -
Sophos 4.47.0 2009.11.11 -
Sunbelt 3.2.1858.2 2009.11.11 -
Symantec 1.4.4.12 2009.11.11 -
TheHacker 6.5.0.2.065 2009.11.11 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.10 -
ViRobot 2009.11.11.2030 2009.11.11 -
VirusBuster 4.6.5.0 2009.11.10 -
Information additionnelle
File size: 151552 bytes
MD5...: 2a9feacb2fd643b0810ab0dd41d40adb
SHA1..: 44068109d6ee7b827583a6e6e619df217e864db9
SHA256: d55833e4eced1dff88087b03e9ccfa0818174c16b1a98094702a2ad2e06ad5c1
ssdeep: 3072:DIVK0vknnDXY9SsEcrUpaLae/yq2sPAQiH1oLhv/jOfeI:DIVLZ4xAavqfP
V/j
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x585f
timedatestamp.....: 0x4a82782e (Wed Aug 12 08:07:10 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x124fe 0x13000 6.39 712c94adcaa043689e784706376f733d
.rdata 0x14000 0x5010 0x6000 4.03 78d4f5d68842a7409e2eca3fde6a9d4c
.data 0x1a000 0x51e0 0x2000 3.36 f64c5ec253fb962b6ecf4ece4e66a8b0
.rsrc 0x20000 0x8a28 0x9000 3.61 2b928728d3d0241802bea7e709f37f91
( 10 imports )
> PSAPI.DLL: GetModuleBaseNameA, EnumProcesses, EnumProcessModules
> WINMM.dll: mciSendCommandA
> SHFOLDER.dll: SHGetFolderPathA
> KERNEL32.dll: LocalAlloc, TlsAlloc, GlobalHandle, TlsFree, GlobalReAlloc, TlsSetValue, LocalReAlloc, TlsGetValue, GlobalFlags, GetProcessVersion, GetCPInfo, GetOEMCP, SetErrorMode, GetCurrentProcess, WriteFile, SetFilePointer, FlushFileBuffers, RtlUnwind, GetStartupInfoA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, GetACP, HeapReAlloc, HeapSize, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, HeapDestroy, HeapCreate, VirtualFree, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, SetStdHandle, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetModuleHandleA, GlobalDeleteAtom, lstrcmpA, GetCurrentThread, GetCurrentThreadId, SetLastError, LocalFree, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, InterlockedIncrement, lstrlenA, lstrcpynA, OpenProcess, lstrcmpiA, LoadLibraryA, CreateSemaphoreA, CreateThread, ReleaseSemaphore, FreeLibrary, GetProcAddress, CreateFileA, WaitForSingleObject, DeviceIoControl, GetCurrentDirectoryA, Sleep, lstrcpyA, ExpandEnvironmentStringsA, WinExec, ReleaseMutex, CreateMutexA, GetLastError, CloseHandle, OpenFile, OutputDebugStringA, FindFirstFileA, FindClose, CreateDirectoryA, GetModuleFileNameA, CopyFileA, GetPrivateProfileIntA, GetPrivateProfileStructA, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, WritePrivateProfileStringA, GetPrivateProfileStringA, GetCommandLineA
> USER32.dll: CopyRect, GetClientRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, LoadIconA, SetWindowTextA, ShowWindow, LoadCursorA, ClientToScreen, GetClassNameA, PtInRect, GetDC, ReleaseDC, TabbedTextOutA, DrawTextA, GrayStringA, GetSysColorBrush, DestroyMenu, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, DestroyWindow, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetWindow, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, EnableWindow, SetWindowLongA, MapVirtualKeyA, GetMessageA, KillTimer, SendMessageA, LoadStringA, SetTimer, FindWindowA, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, SetForegroundWindow, PostMessageA, keybd_event, mouse_event, GetMenu, GetTopWindow, TranslateMessage, UnregisterClassA
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, RestoreDC, GetDeviceCaps, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SaveDC, DeleteDC, DeleteObject, GetObjectA, SetBkColor, GetStockObject, SetTextColor, GetClipBox, CreateBitmap, SelectObject
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegSetValueExA, RegCreateKeyA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegCreateKeyExA
> SHELL32.dll: StrStrIA, ShellExecuteA
> COMCTL32.dll: -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
sigcheck:
publisher....: Razer USA Ltd.
copyright....: Copyright (C) 2004
product......: razerhid Application
description..: razerhid MFC Application
original name: razerhid.EXE
internal name: razerhid
file version.: 1, 0, 0, 1
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
a-squared 4.5.0.41 2009.11.11 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.11 -
Authentium 5.2.0.5 2009.11.11 -
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.11 -
BitDefender 7.2 2009.11.11 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2913 2009.11.11 -
DrWeb 5.0.0.12182 2009.11.10 -
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
GData 19 2009.11.11 -
Ikarus T3.1.1.74.0 2009.11.11 -
Jiangmin 11.0.800 2009.11.11 -
K7AntiVirus 7.10.893 2009.11.10 -
Kaspersky 7.0.0.125 2009.11.11 -
McAfee 5798 2009.11.10 -
McAfee+Artemis 5798 2009.11.10 -
McAfee-GW-Edition 6.8.5 2009.11.11 -
Microsoft 1.5202 2009.11.10 -
NOD32 4594 2009.11.11 -
Norman 6.03.02 2009.11.10 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.11 -
Rising 22.21.02.01 2009.11.11 -
Sophos 4.47.0 2009.11.11 -
Sunbelt 3.2.1858.2 2009.11.11 -
Symantec 1.4.4.12 2009.11.11 -
TheHacker 6.5.0.2.065 2009.11.11 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.10 -
ViRobot 2009.11.11.2030 2009.11.11 -
VirusBuster 4.6.5.0 2009.11.10 -
Information additionnelle
File size: 151552 bytes
MD5...: 2a9feacb2fd643b0810ab0dd41d40adb
SHA1..: 44068109d6ee7b827583a6e6e619df217e864db9
SHA256: d55833e4eced1dff88087b03e9ccfa0818174c16b1a98094702a2ad2e06ad5c1
ssdeep: 3072:DIVK0vknnDXY9SsEcrUpaLae/yq2sPAQiH1oLhv/jOfeI:DIVLZ4xAavqfP
V/j
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x585f
timedatestamp.....: 0x4a82782e (Wed Aug 12 08:07:10 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x124fe 0x13000 6.39 712c94adcaa043689e784706376f733d
.rdata 0x14000 0x5010 0x6000 4.03 78d4f5d68842a7409e2eca3fde6a9d4c
.data 0x1a000 0x51e0 0x2000 3.36 f64c5ec253fb962b6ecf4ece4e66a8b0
.rsrc 0x20000 0x8a28 0x9000 3.61 2b928728d3d0241802bea7e709f37f91
( 10 imports )
> PSAPI.DLL: GetModuleBaseNameA, EnumProcesses, EnumProcessModules
> WINMM.dll: mciSendCommandA
> SHFOLDER.dll: SHGetFolderPathA
> KERNEL32.dll: LocalAlloc, TlsAlloc, GlobalHandle, TlsFree, GlobalReAlloc, TlsSetValue, LocalReAlloc, TlsGetValue, GlobalFlags, GetProcessVersion, GetCPInfo, GetOEMCP, SetErrorMode, GetCurrentProcess, WriteFile, SetFilePointer, FlushFileBuffers, RtlUnwind, GetStartupInfoA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, GetACP, HeapReAlloc, HeapSize, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, HeapDestroy, HeapCreate, VirtualFree, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, SetStdHandle, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetModuleHandleA, GlobalDeleteAtom, lstrcmpA, GetCurrentThread, GetCurrentThreadId, SetLastError, LocalFree, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, InterlockedIncrement, lstrlenA, lstrcpynA, OpenProcess, lstrcmpiA, LoadLibraryA, CreateSemaphoreA, CreateThread, ReleaseSemaphore, FreeLibrary, GetProcAddress, CreateFileA, WaitForSingleObject, DeviceIoControl, GetCurrentDirectoryA, Sleep, lstrcpyA, ExpandEnvironmentStringsA, WinExec, ReleaseMutex, CreateMutexA, GetLastError, CloseHandle, OpenFile, OutputDebugStringA, FindFirstFileA, FindClose, CreateDirectoryA, GetModuleFileNameA, CopyFileA, GetPrivateProfileIntA, GetPrivateProfileStructA, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, WritePrivateProfileStringA, GetPrivateProfileStringA, GetCommandLineA
> USER32.dll: CopyRect, GetClientRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, LoadIconA, SetWindowTextA, ShowWindow, LoadCursorA, ClientToScreen, GetClassNameA, PtInRect, GetDC, ReleaseDC, TabbedTextOutA, DrawTextA, GrayStringA, GetSysColorBrush, DestroyMenu, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, DestroyWindow, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetWindow, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, EnableWindow, SetWindowLongA, MapVirtualKeyA, GetMessageA, KillTimer, SendMessageA, LoadStringA, SetTimer, FindWindowA, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, SetForegroundWindow, PostMessageA, keybd_event, mouse_event, GetMenu, GetTopWindow, TranslateMessage, UnregisterClassA
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, RestoreDC, GetDeviceCaps, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SaveDC, DeleteDC, DeleteObject, GetObjectA, SetBkColor, GetStockObject, SetTextColor, GetClipBox, CreateBitmap, SelectObject
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegSetValueExA, RegCreateKeyA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegCreateKeyExA
> SHELL32.dll: StrStrIA, ShellExecuteA
> COMCTL32.dll: -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
sigcheck:
publisher....: Razer USA Ltd.
copyright....: Copyright (C) 2004
product......: razerhid Application
description..: razerhid MFC Application
original name: razerhid.EXE
internal name: razerhid
file version.: 1, 0, 0, 1
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
11 nov. 2009 à 07:29
11 nov. 2009 à 07:29
Heu, je vois mal comment le driver de mon clavier Razer Reclusa pourrait être un virus à part entière, à moins qu'il ait été contaminé, ce qui n'est sensiblement pas la même chose ?
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
11 nov. 2009 à 07:33
11 nov. 2009 à 07:33
il est propre
un reste à enlever
▶ Télécharge OTM (OldTimer) sur ton Bureau :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
▶ Double-clique sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte en gras suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
web mess.exe
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Framework"=-
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
un reste à enlever
▶ Télécharge OTM (OldTimer) sur ton Bureau :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
▶ Double-clique sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte en gras suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
web mess.exe
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Framework"=-
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
12 nov. 2009 à 22:02
12 nov. 2009 à 22:02
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
No active process named web mess.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio n\Run not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Arnaud
File delete failed. C:\Users\Arnaud\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
->Temp folder emptied: 6789763 bytes
File delete failed. C:\Users\Arnaud\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 44406670 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 399565581 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be deleted on reboot.
Windows Temp folder emptied: 492478 bytes
RecycleBin emptied: 25749729 bytes
Total Files Cleaned = 454,94 mb
OTM by OldTimer - Version 3.0.0.6 log created on 11122009_215213
Files moved on Reboot...
C:\Users\Arnaud\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
LoadLibrary failed for C:\Windows\temp\logishrd\LVPrcInj02.dll
C:\Windows\temp\logishrd\LVPrcInj02.dll NOT unregistered.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
No active process named web mess.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio n\Run not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Arnaud
File delete failed. C:\Users\Arnaud\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
->Temp folder emptied: 6789763 bytes
File delete failed. C:\Users\Arnaud\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 44406670 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 399565581 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be deleted on reboot.
Windows Temp folder emptied: 492478 bytes
RecycleBin emptied: 25749729 bytes
Total Files Cleaned = 454,94 mb
OTM by OldTimer - Version 3.0.0.6 log created on 11122009_215213
Files moved on Reboot...
C:\Users\Arnaud\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
LoadLibrary failed for C:\Windows\temp\logishrd\LVPrcInj02.dll
C:\Windows\temp\logishrd\LVPrcInj02.dll NOT unregistered.
File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Gpowaaa
Messages postés
29
Date d'inscription
dimanche 8 novembre 2009
Statut
Membre
Dernière intervention
25 janvier 2010
12 nov. 2009 à 22:03
12 nov. 2009 à 22:03
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:02:40, on 12/11/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Razer\Reclusa\razertra.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
c:\program files\logitech\logitech webcam software\lu\lulnchr.exe
C:\program files\logitech\logitech webcam software\lu\LogitechUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Reclusa] C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [framework] framework.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Arnaud\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Scan saved at 22:02:40, on 12/11/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Razer\Reclusa\razertra.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
c:\program files\logitech\logitech webcam software\lu\lulnchr.exe
C:\program files\logitech\logitech webcam software\lu\LogitechUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Reclusa] C:\Program Files (x86)\Razer\Reclusa\razerhid.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [framework] framework.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Arnaud\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
13 nov. 2009 à 06:56
13 nov. 2009 à 06:56
O4 - HKLM\..\Run: [framework] framework.exe
est toujours là
O13 - Gopher Prefix
est néfasre également
je soupconne hijackthis d'être quelque peu touché
et toujours pas d'anti virus
alors pour moi
installer anti vir +scan complet
https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal
supprimer hijackthis et à retélécharger
https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
est toujours là
O13 - Gopher Prefix
est néfasre également
je soupconne hijackthis d'être quelque peu touché
et toujours pas d'anti virus
alors pour moi
installer anti vir +scan complet
https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal
supprimer hijackthis et à retélécharger
https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
noctambule28
Messages postés
31791
Date d'inscription
samedi 12 mai 2007
Statut
Webmaster
Dernière intervention
13 février 2022
2 858
14 nov. 2009 à 13:00
14 nov. 2009 à 13:00
Salut les jeunes ;-))
C'est un seven ,
Donc gopher, comme pour vista, légitime......et si tu en arrives à cette conclusion, je crains que tu utilises un bot.
Si c'est Destrio qui te suis habituellement, ou d'autres, demande leur de te suivre , ici aussi, ça serait très constructif pour toi également. ( et sur tes autres sujets ), ou alors tu attends d'être un peu plus au points.
C'est un seven ,
Donc gopher, comme pour vista, légitime......et si tu en arrives à cette conclusion, je crains que tu utilises un bot.
Si c'est Destrio qui te suis habituellement, ou d'autres, demande leur de te suivre , ici aussi, ça serait très constructif pour toi également. ( et sur tes autres sujets ), ou alors tu attends d'être un peu plus au points.
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 272
14 nov. 2009 à 14:00
14 nov. 2009 à 14:00
je prends note de ta remarque...je ne veux pas l'oublier, celle ci
merci tout de même d'êtes passé
merci tout de même d'êtes passé
Utilisateur anonyme
7 avril 2010 à 21:10
7 avril 2010 à 21:10
salut pose ta question sur le forum tu auras plus de chancces d avoir une reponse qu'en fin de topic