Thread: Constant window minimising/tab
View Single Post
Old 05-07-2008, 03:35 PM   #4 (permalink)
Kokojo
Registered User
 
Join Date: May 2008
Posts: 18
OS: Windows Xp/ Tiger


Re: Constant window minimising/tab
Hello and thanks for you instructions, time, and help.

Ive now found another thing, it seems to press the windows button, not the tab/shift.

I could't make the C:\SDFix\Report.txt . When i start my computer, i can start as a mac, or a pc, and if i start as a pc, my Keyboard isin't taken in charge until the User icons appear. So i could't even start it in safe mode.

Combo fix log : (also in joined files)

ComboFix 08-05-01.3 - Benjamin 2008-05-07 18:10:48.1 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.681 [GMT -4:00]
Endroit: C:\Documents and Settings\Benjamin\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Benjamin\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.url
C:\Documents and Settings\All Users\Menu Démarrer\Security Troubleshooting.url
C:\Documents and Settings\Benjamin\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
C:\WINDOWS\dkxrstqnog.dll
C:\WINDOWS\Installer\{12233bb6-6135-43af-89d0-ead08d1a274b}
C:\WINDOWS\Installer\{12233bb6-6135-43af-89d0-ead08d1a274b}\zip.dll
C:\WINDOWS\Installer\{377ba2a0-0ad8-4831-a2d0-0690d11500a7}
C:\WINDOWS\Installer\{377ba2a0-0ad8-4831-a2d0-0690d11500a7}\RomKernel.dll
C:\WINDOWS\system32\_000007_.tmp.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-07 to 2008-05-07 ))))))))))))))))))))))))))))))))))))
.

2008-05-06 18:32 . 2008-05-06 18:32 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2008-05-06 18:30 . 2008-05-06 18:30 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-05-04 12:43 . 2008-05-04 12:43 <REP> d-------- C:\Deckard
2008-05-04 12:03 . 2008-05-04 12:03 <REP> d-------- C:\Program Files\Panda Security
2008-05-03 22:05 . 2008-05-03 22:05 <REP> d--hs---- C:\FOUND.031
2008-05-03 14:30 . 2008-05-03 14:30 <REP> d-------- C:\Program Files\MSN Messenger
2008-05-01 15:24 . 2008-05-06 21:06 12 --a------ C:\WINDOWS\bthservsdp.dat
2008-05-01 14:30 . 2008-05-01 14:30 <REP> d--hs---- C:\FOUND.030
2008-05-01 13:21 . 2008-05-01 13:21 <REP> d-------- C:\Program Files\Softnyx
2008-04-29 22:29 . 2004-08-04 00:54 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-04-29 22:29 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-04-29 22:29 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2008-04-29 22:29 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-04-29 19:25 . 2008-04-29 19:25 <REP> d--hs---- C:\FOUND.029
2008-04-28 23:45 . 2008-04-28 23:45 <REP> d--hs---- C:\FOUND.028
2008-04-28 19:46 . 2008-04-28 19:46 16,472 --a------ C:\Program Files\tmp130859.exe
2008-04-28 18:26 . 2008-04-28 18:26 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-28 18:26 . 2008-04-28 18:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-28 17:37 . 2008-04-28 17:37 <REP> d-------- C:\Program Files\ClamWin
2008-04-28 17:37 . 2008-04-28 17:37 <REP> d-------- C:\Documents and Settings\Benjamin\Application Data\.clamwin
2008-04-28 17:37 . 2008-04-28 17:37 <REP> d-------- C:\Documents and Settings\All Users\.clamwin
2008-04-28 14:49 . 2008-04-28 14:49 16,476 --a------ C:\Program Files\tmp34484.exe
2008-04-27 20:45 . 2008-04-27 20:45 16,536 --a------ C:\Program Files\tmp160765.exe
2008-04-27 20:36 . 2008-04-27 20:36 16,484 --a------ C:\Program Files\tmp36625.exe
2008-04-27 20:06 . 2008-04-27 20:06 16,580 --a------ C:\Program Files\tmp48421.exe
2008-04-27 17:57 . 2008-05-05 20:24 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-04-27 17:57 . 2008-04-28 14:37 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-04-27 17:57 . 2008-05-05 20:24 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-27 17:16 . 2008-04-27 17:16 16,512 --a------ C:\Program Files\tmp197625.exe
2008-04-27 06:34 . 2008-04-27 06:34 16,544 --a------ C:\Program Files\tmp327453.exe
2008-04-24 20:27 . 2008-04-24 20:27 16,488 --a------ C:\Program Files\tmp63375.exe
2008-04-22 19:54 . 2008-04-22 19:54 16,520 --a------ C:\Program Files\tmp71156.exe
2008-04-21 19:55 . 2008-04-21 19:55 16,608 --a------ C:\Program Files\tmp37562.exe
2008-04-18 22:58 . 2008-04-18 22:58 16,524 --a------ C:\Program Files\tmp40359.exe
2008-04-11 08:22 . 2008-04-11 08:22 16,444 --a------ C:\Program Files\tmp37937.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 18:37 16,508 ----a-w C:\Program Files\tmp34546.exe
2008-04-19 21:39 16,476 ----a-w C:\Program Files\tmp61734.exe
2008-04-10 20:44 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-04-10 20:39 16,648 ----a-w C:\Program Files\tmp39593.exe
2008-04-04 15:28 16,584 ----a-w C:\Program Files\tmp35218.exe
2008-04-04 15:03 16,512 ----a-w C:\Program Files\tmp253156.exe
2008-04-04 15:02 --------- d-----w C:\Documents and Settings\Pierre Julien\Application Data\Ventrilo
2008-04-04 15:00 16,600 ----a-w C:\Program Files\tmp36140.exe
2008-03-30 19:19 16,548 ----a-w C:\Program Files\tmp40562.exe
2008-03-30 16:17 16,448 ----a-w C:\Program Files\tmp122390.exe
2008-03-30 12:39 --------- d-----w C:\Program Files\ImpotRapide 2007
2008-03-30 12:39 --------- d-----w C:\Documents and Settings\Pierre Julien\Application Data\Intuit Canada
2008-03-30 12:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Intuit Canada
2008-03-30 12:27 16,588 ----a-w C:\Program Files\tmp129203.exe
2008-03-23 19:16 16,560 ----a-w C:\Program Files\tmp44281.exe
2008-03-21 18:32 16,596 ----a-w C:\Program Files\tmp38187.exe
2008-03-21 01:17 16,572 ----a-w C:\Program Files\tmp504375.exe
2008-03-20 18:59 16,636 ----a-w C:\Program Files\tmp37703.exe
2008-03-20 17:58 16,652 ----a-w C:\Program Files\tmp50484.exe
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-20 02:53 16,468 ----a-w C:\Program Files\tmp39218.exe
2008-03-19 22:21 --------- d-----w C:\Program Files\Common Files
2008-03-19 20:52 16,572 ----a-w C:\Program Files\tmp82343.exe
2008-03-19 01:54 16,604 ----a-w C:\Program Files\tmp37875.exe
2008-03-18 19:58 16,440 ----a-w C:\Program Files\tmp61781.exe
2008-03-17 20:05 16,456 ----a-w C:\Program Files\tmp37421.exe
2008-03-16 21:12 16,524 ----a-w C:\Program Files\tmp162375.exe
2008-03-15 23:17 16,584 ----a-w C:\Program Files\tmp84265.exe
2008-03-14 18:52 16,564 ----a-w C:\Program Files\tmp43921.exe
2008-03-14 15:42 16,588 ----a-w C:\Program Files\tmp38390.exe
2008-03-14 03:07 16,588 ----a-w C:\Program Files\tmp32171.exe
2008-03-14 02:42 16,464 ----a-w C:\Program Files\tmp127250.exe
2008-03-13 20:05 16,648 ----a-w C:\Program Files\tmp126343.exe
2008-03-12 23:00 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-12 22:59 --------- d-----w C:\Program Files\Windows Live
2008-03-12 22:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-12 00:08 16,460 ----a-w C:\Program Files\tmp173843.exe
2008-03-12 00:02 16,452 ----a-w C:\Program Files\tmp37062.exe
2008-03-11 20:33 16,552 ----a-w C:\Program Files\tmp36218.exe
2008-03-10 20:31 16,608 ----a-w C:\Program Files\tmp142375.exe
2008-03-10 04:46 16,588 ----a-w C:\Program Files\tmp172609.exe
2008-03-09 22:40 16,472 ----a-w C:\Program Files\tmp60953.exe
2008-03-09 21:41 16,472 ----a-w C:\Program Files\tmp38078.exe
2008-03-08 14:04 16,512 ----a-w C:\Program Files\tmp70734.exe
2008-03-07 23:27 16,500 ----a-w C:\Program Files\tmp38437.exe
2008-03-07 17:28 16,544 ----a-w C:\Program Files\tmp43468.exe
2008-03-07 17:10 16,596 ----a-w C:\Program Files\tmp200281.exe
2008-03-07 00:11 16,640 ----a-w C:\Program Files\tmp156984.exe
2008-03-06 22:26 16,508 ----a-w C:\Program Files\tmp131234.exe
2008-03-06 15:32 16,536 ----a-w C:\Program Files\tmp42375.exe
2008-03-06 15:06 16,536 ----a-w C:\Program Files\tmp366218.exe
2008-03-05 23:52 16,564 ----a-w C:\Program Files\tmp35765.exe
2008-03-05 18:29 16,508 ----a-w C:\Program Files\tmp127062.exe
2008-03-05 17:43 16,640 ----a-w C:\Program Files\tmp60796.exe
2008-03-05 16:53 16,544 ----a-w C:\Program Files\tmp39750.exe
2008-03-04 21:25 16,468 ----a-w C:\Program Files\tmp60000.exe
2008-03-04 20:04 16,456 ----a-w C:\Program Files\tmp35875.exe
2008-03-04 01:02 16,532 ----a-w C:\Program Files\tmp155578.exe
2008-03-03 21:10 16,492 ----a-w C:\Program Files\tmp71906.exe
2008-03-03 18:51 16,500 ----a-w C:\Program Files\tmp39546.exe
2008-03-03 18:46 16,548 ----a-w C:\Program Files\tmp67343.exe
2008-03-03 17:53 35,816 ----a-w C:\Program Files\instaler.exe
2008-03-03 17:53 16,556 ----a-w C:\Program Files\tmp14564328.exe
2008-03-03 08:58 102,400 ----a-w C:\WINDOWS\fqspogw.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 22:32 3,080,704 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-15 09:23 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2002-06-10 21:30 7,175,689 ----a-w C:\Program Files\SC4_E3_hi.mov
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
"Fraps"="C:\FRAPS\FRAPS\FRAPS.EXE" [2007-07-12 03:15 913064]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleTime"="C:\WINDOWS\system32\AppleTime.exe" [2006-07-14 17:18 65536]
"Brightness"="C:\WINDOWS\system32\Brightness.exe" [2006-09-26 17:17 172032]
"Apple_KbdMgr"="C:\Program Files\Apple Keyboard Support\KbdMgr.exe" [2006-10-24 17:38 315392]
"SigmatelSysTrayApp"="sttray.exe" []
"BluetoothAuthenticationAgent"="rundll32.exe" [2004-08-05 12:00 33792 C:\WINDOWS\system32\rundll32.exe]
"ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [2008-04-19 16:35 77824]
"svshost"="C:\WINDOWS\system32\svshost.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\svshost]
svshost.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Softnyx\\Rakion\\Bin\\rakion.bin"=
"C:\\Program Files\\Messenger\\MSMSGS.EXE"=
"C:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\WINDOWS\\System32\\RUNDLL32.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-05-06 18:32]
R2 KeyAgent;KeyAgent;C:\WINDOWS\system32\drivers\KeyAgent.sys [2006-10-24 17:38]
R2 keymagic;USB Keyboard HID Filter;C:\WINDOWS\system32\DRIVERS\KeyMagic.sys [2006-10-24 17:38]
R3 StartupDiskDriver;StartupDiskDriver;C:\WINDOWS\system32\DRIVERS\StartupDiskDriver.sys [2006-09-26 17:20]
S3 BLUETOOTH_KICKER;Apple Bluetooth Kicker Driver;C:\WINDOWS\system32\Drivers\BthKicker.sys [2006-08-24 23:45]
S3 CEDRIVER53;CEDRIVER53;C:\Program Files\Cheat Engine\dbk32.sys [2006-10-27 19:13]
S3 iSightUpdate;iSight Update Driver;C:\WINDOWS\system32\DRIVERS\iSightUP.sys [2006-09-05 14:08]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-07 18:11:46
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-07 18:11:58
ComboFix-quarantined-files.txt 2008-05-07 22:11:58

Pre-Run: 8,462,155,776 octets libres
Post-Run: 8,913,207,296 octets libres

195 --- E O F --- 2008-04-11 12:24:36

------------------------------------------------

Hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:25:03 PM, on 5/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Brightness.exe
C:\Program Files\Apple Keyboard Support\KbdMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\FRAPS\FRAPS\FRAPS.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AppleTime] C:\WINDOWS\system32\AppleTime.exe
O4 - HKLM\..\Run: [Brightness] C:\WINDOWS\system32\Brightness.exe
O4 - HKLM\..\Run: [Apple_KbdMgr] "C:\Program Files\Apple Keyboard Support\KbdMgr.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [svshost] C:\WINDOWS\system32\svshost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {343CE214-9998-4B21-A151-FFE970167297} - http://xscanner.spyshredderscanner.c...up/webinst.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O20 - Winlogon Notify: svshost - svshost.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

--
End of file - 4765 bytes
Attached Files
File Type: txt ComboFix.txt (12.8 KB, 3 views)
Kokojo is offline