Ecran bleu à la fermeture de Windows 7

Ecran bleu à la fermeture de Windows 7 - Virus/Spywares - Windows & Software

Marsh Posté le 18-01-2013 à 09:48:16    

Bonjour,
 
Depuis plusieurs semaines je n'arrive plus à redémarrer mon PC normalement. Lorsque j’étends le PC, le processus s’arrête et j'ai droit à un BlueScreen. Par conséquent aussi, je suis incapable d'installer les mises à jour officielles de Windows (Windows Update me dit que des màj sont dispo mais comme le reboot bloque sur un écran bleu, celles-ci ne s'installent pas). L'écran bleu donne une information technique :  
 

Citation :

A problem has been detected and Windows has been shut down to prevent damage to your computer
Technical Information
*** STOP : 0x000000F4 (0x00000000000000003, 0xFFFFFA8006F6C060, 0xFFFFFA8006F6C340, 0xFFFFF8000358E460)


 
Je précise également que je reçois pas mal d'alerte virus scan me disant qu'il (McAffee) a supprimé des tas de trojans. Ces trojans sont liés à un programme que je n'ai jamais installé et qui se nomme DUMeterUpdater.exe. J'ai réussi à supprimer ce programme en démarrant mon PC en mode sans échec et depuis je ne reçois plus d'alertes virus scan.
 
Par contre je reçois des pop-ups d'un autre alerte scan (qui me dit que je n'ai plus que 2 jours pour m'enregistrer) que je n'ai pas non plus installé et qui doit sans doute être un virus aussi.
 
Mon navigateur Chrome plante de plus en plus souvent et lorsque je regarde dans le gestionnaire des taches Windows, je vois une quinzaine de processus chrome32.exe que je dois arrêter manuellement avant de pouvoir redémarrer Chrome
 
- J'ai déjà effectué un scan complet avec SpyBot : Aucun mouchard trouvé
- J'ai lancé un rapport HiJackThis (que je mets ici en bas)
 
Si quelqu'un a une idée, elle sera la bienvenue. Si vous avez besoin de plus d'infos, n'hésitez pas.
 
Merci d'avance !!
 
Voici le rapport HiJackThis :  
 

Citation :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:56:50, on 18/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
 
Running processes:
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Users\falb\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\falb\Documents\aaBackup\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\ProgramData\DumeterUpdater.exe
C:\Users\falb\AppData\Local\Microsoft\svchost.exe
C:\Users\falb\AppData\Local\Temp\Windows\msvcchost.exe
C:\Program Files (x86)\Digital Line Detect\DLG.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\falb\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files (x86)\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files (x86)\lotus\notes\NLNOTES.EXE
C:\Program Files (x86)\lotus\notes\ntaskldr.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MMTaskbar\MultiMon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\falb\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AXI
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121212150826.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
"O4 - HKLM\..\Run: [ConnectionCenter] ""C:\Program Files (x86)\Citrix\ICA Client\concentr.exe"" /startup"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"O4 - HKLM\..\Run: [NUSB3MON] ""C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"""
"O4 - HKLM\..\Run: [SunJavaUpdateSched] ""C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"""
"O4 - HKLM\..\Run: [ShStatEXE] ""C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE"" /STANDALONE"
"O4 - HKLM\..\Run: [APSDaemon] ""C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"""
"O4 - HKLM\..\Run: [iTunesHelper] ""C:\Program Files (x86)\iTunes\iTunesHelper.exe"""
"O4 - HKLM\..\Run: [beid] ""C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe"" /startup"
"O4 - HKLM\..\Run: [Adobe ARM] ""C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"""
"O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] ""C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"""
"O4 - HKLM\..\Run: [fb52d255430fd3d7941af6c7eb99151b] ""C:\ProgramData\DumeterUpdater.exe"" .."
"O4 - HKLM\..\Run: [McAfeeUpdaterUI] ""C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe"" /StartedFromRunKey"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
"O4 - HKCU\..\Run: [googletalk] ""C:\Program Files (x86)\Google\Google Talk\googletalk.exe"" /autostart"
"O4 - HKCU\..\Run: [Google Update] ""C:\Users\falb\AppData\Local\Google\Update\GoogleUpdate.exe"" /c"
"O4 - HKCU\..\Run: [MusicManager] ""C:\Users\falb\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"""
"O4 - HKCU\..\Run: [Speech Recognition] ""C:\Windows\Speech\Common\sapisvr.exe"" -SpeechUX -Startup"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
"O4 - HKCU\..\Run: [GoogleDriveSync] ""C:\Program Files (x86)\Google\Drive\googledrivesync.exe"" /autostart"
"O4 - HKCU\..\Run: [Spotify Web Helper] ""C:\Users\falb\Documents\aaBackup\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"""
"O4 - HKCU\..\Run: [EasyPHP] ""C:\Program Files (x86)\EasyPHP-12.0\EasyPHP-12.0.exe"""
"O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D3BC0E77118A7442942569727F51AE3A] ""C:\Users\falb\AppData\Local\Google\Chrome\Application\chrome.exe"" --no-startup-window"
"O4 - HKCU\..\Run: [fb52d255430fd3d7941af6c7eb99151b] ""C:\ProgramData\DumeterUpdater.exe"" .."
O4 - HKCU\..\Run: [Windows Update] C:\Users\falb\AppData\Local\Microsoft\svchost.exe
O4 - HKCU\..\Run: [msvcchost.exe] C:\Users\falb\AppData\Local\Temp\Windows\msvcchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4251158904-2297889655-2758202847-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4251158904-2297889655-2758202847-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = falb\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: fb52d255430fd3d7941af6c7eb99151b.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files (x86)\Digital Line Detect\DLG.exe
O4 - Global Startup: MultiMon Taskbar.lnk = C:\Program Files (x86)\MMTaskbar\MultiMon.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\falb\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Internal - {70D31959-7820-47A5-8ADA-AC7F95B4662F} - http://Citrix (file missing) (HKCU)
O9 - Extra button: External - {AC91C023-2248-4EED-9AE0-C21CCF533ABB} - https://citrix.axi.be (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://wlu1114be.axi.intra
O15 - Trusted Zone: http://mach.roj.just.fgov.be
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resource [...] pirexe.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://remote.axi.be/dana-cached/s [...] Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = axi.intra
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = axi.intra
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = axi.intra
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
"O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
"O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll"
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Esker License Control (EskerLicenseControl) - Esker - C:\PROGRA~2\TUN\COMMON\ESLCBCST.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lotus Notes Diagnostics - IBM - C:\Program Files (x86)\lotus\notes\nsd.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 24257 bytes


 

Reply

Marsh Posté le 18-01-2013 à 09:48:16   

Reply

Marsh Posté le 18-01-2013 à 14:25:55    

J'ai passé un coup de ComboFix et cela semble résolu..

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed