Your question

Virus problem :X

Tags:
  • Security
Last reply: in Security and viruses
14 November 2009 17:40:45

Hello everyone.

I have a huge problem:
While browsing the web, a program installed itself on my PC: Advanced Virus Remover.
I ran my antivirus (NOD32) and Malwarebytes, but nothing works.

As a result, I can no longer go online, I can no longer do a System Restore, and I can no longer open the registry, because it shows me "application cannot be executed. the file is infected"

I am attaching my RSIT report below:

RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-11-14 17:36:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 13 GB (16%) free of 79 GB
Total RAM: 1021 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:36:26, on 14/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS.0\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS.0\system32\rundll32.exe
C:\WINDOWS.0\system32\winupdate86.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\WINDOWS.0\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
c:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.cherche.us/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: copyright (c) 1993-1999 microsoft corp.
O1 - Hosts: ceci est un exemple de fichier hosts utilisé par microsoft tcp/ip
O1 - Hosts: pour windows.
O1 - Hosts: ce fichier contient les correspondances des adresses ip aux noms d'hôtes.
O1 - Hosts: chaque entrée doit être sur une ligne propre. l'adresse ip doit être placée
O1 - Hosts: dans la première colonne, suivie par le nom d'hôte correspondant. l'adresse
O1 - Hosts: ip et le nom d'hôte doivent être séparés par au moins un espace.
O1 - Hosts: de plus, des commentaires (tels que celui-ci) peuvent être insérés sur des
O1 - Hosts: lignes propres ou après le nom d'ordinateur. ils sont indiqué par le
O1 - Hosts: symbole '
O1 - Hosts: par exemple :
O1 - Hosts: 102.54.94.97 rhino.acme.com
O1 - Hosts: 38.25.63.10 x.acme.com
O1 - Hosts: 91.185.193.200 l2authd.lineage2.com
O1 - Hosts: 91.185.193.200 l2patcher.lineage2.com
O1 - Hosts: 91.185.193.200 nprotect.lineage2.com
O1 - Hosts: 216.107.250.198 l2update.lineage2.com
O2 - BHO: (no name) - {B45A4B16-23F2-41AD-F4E4-00AAC39C0004} - (no file)
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [calc] rundll32.exe C:\WINDOWS.0\system32\calc.dll,_IWMPEvents@0
O4 - HKLM\..\Run: [winupdate86.exe] C:\WINDOWS.0\system32\winupdate86.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS.0\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [calc] rundll32.exe C:\DOCUME~1\NETWOR~1\ntuser.dll,_IWMPEvents@0
O4 - HKCU\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://c:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows.0\system32\winhelper86.dll
O10 - Unknown file in Winsock LSP: c:\windows.0\system32\winhelper86.dll
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/The%20Clockwork%20Man/Images/stg_drm.ocx
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/The%20Hidden%20Prophecies%20of%20Nostradamus/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS.0\system32\rdolib.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS.0\ATKKBService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS.0\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
O23 - Service: Windows Telephony (WindowsTelephony) - Unknown owner - C:\WINDOWS.0\system\svhost.exe (file missing)

--
End of file - 10621 bytes

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\Microsoft_Hardware_Launch_vVX3000_exe.job
C:\WINDOWS.0\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B45A4B16-23F2-41AD-F4E4-00AAC39C0004}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS.0\KHALMNPR.EXE [2006-07-19 114688]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-07-02 462848]
"NvMediaCenter"=C:\WINDOWS.0\system32\NvMcTray.dll [2009-02-06 86016]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2009-02-06 13680640]
"calc"=C:\WINDOWS.0\system32\calc.dll [2006-11-25 24064]
"winupdate86.exe"=C:\WINDOWS.0\system32\winupdate86.exe [2009-11-13 49664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-07-13 1287440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS.0\system32\ctfmon.exe [2004-08-19 35328]
"RocketDock"=C:\WINDOWS.0\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 651264]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-04 2334856]
"calc"=C:\DOCUME~1\NETWOR~1\ntuser.dll,_IWMPEvents@0 []
"Advanced Virus Remover"=C:\Program Files\AdvancedVirusRemover\AVR.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Blaxx Manager]
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe [2005-05-18 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 708608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DmwClient]
dmwclient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\VistaCodecPack\QT\QTSystem\qttask.exe [2009-01-09 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-16 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2009-04-03 3558648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
C:\WINDOWS.0\vVX3000.exe [2007-04-10 709992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
C:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe [2009-03-29 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
C:\WINDOWS.0\BRICOP~1\VISTAI~1\ROCKET~1\ROCKET~1.EXE [2007-03-18 651264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Menu Démarrer^Programmes^Démarrage^Réglages souris Labtec.lnk]
C:\PROGRA~1\LABTEC~1\MulMouse.exe [2006-06-28 286720]

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
..
..

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS.0\system32\rdolib.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2006-11-25 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS.0\system32\dpvsetup.exe"="C:\WINDOWS.0\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\VirtualDJ\virtualdj.exe"="C:\Program Files\VirtualDJ\virtualdj.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\Administrateur\Bureau\pes2009.exe"="C:\Documents and Settings\Administrateur\Bureau\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Documents and Settings\All Users.WINDOWS.0\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users.WINDOWS.0\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users.WINDOWS.0\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users.WINDOWS.0\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"\??\C:\WINDOWS.0\system32\winlogon.exe"="\??\C:\WINDOWS.0\system32\winlogon.exe:*:enabled:@shell32.dll,-1"
"C:\WINDOWS.0\system32\¤;Ò¹Þ#P€ð[ö…"="C:\WINDOWS.0\system32\¤;Ò¹Þ#P€ð[ö…:*:Enabled:installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{baf80f9b-500b-11de-aeda-0019d105a967}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb10121a-50d4-11de-b114-0019d105a967}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd8770b6-4f50-11de-9409-0019d105a967}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e21aaf78-4f56-11de-940a-0019d105a967}]
shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd32741a-51f8-11de-904a-0019d105a967}]
shell\AutoRun\command - E:\setuppol.exe


======List of files/folders created in the last 1 months======

2009-11-14 17:32:26 ----A---- C:\WINDOWS.0\yzlc.txt
2009-11-14 16:53:23 ----D---- C:\rsit
2009-11-14 16:42:14 ----D---- C:\Qoobox
2009-11-14 16:41:32 ----A---- C:\Bug.txt
2009-11-14 16:41:22 ----A---- C:\WINDOWS.0\system32\19169.exe
2009-11-14 16:38:58 ----D---- C:\32788R22FWJFW
2009-11-14 15:39:01 ----A---- C:\WINDOWS.0\system32\mzmsyb.dll
2009-11-14 14:44:28 ----A---- C:\WINDOWS.0\system32\26500.exe
2009-11-14 14:24:22 ----A---- C:\WINDOWS.0\system32\6334.exe
2009-11-14 14:04:22 ----A---- C:\WINDOWS.0\system32\18467.exe
2009-11-14 13:43:48 ----A---- C:\WINDOWS.0\system32\flags.ini
2009-11-14 13:43:47 ----A---- C:\WINDOWS.0\system32\41.exe
2009-11-14 13:43:47 ----A---- C:\WINDOWS.0\system32\332.exe
2009-11-14 13:43:45 ----A---- C:\WINDOWS.0\system32\WinRAR.dll
2009-11-14 13:43:38 ----A---- C:\WINDOWS.0\system32\winnt.exe
2009-11-14 13:43:20 ----A---- C:\WINDOWS.0\system32\csko3xkvhc.dll
2009-11-14 13:43:08 ----A---- C:\WINDOWS.0\system32\winhelper86.dll
2009-11-14 13:43:05 ----A---- C:\cmxmwfg.exe
2009-11-14 13:42:21 ----A---- C:\WINDOWS.0\system32\winupdate86.exe
2009-11-14 13:41:56 ----A---- C:\sesk.exe
2009-11-14 11:56:07 ----D---- C:\Program Files\PlayOnline
2009-11-14 11:56:07 ----D---- C:\Program Files\Fichiers communs\PlayOnline
2009-11-12 23:14:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Free Download Manager
2009-11-12 23:14:23 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\FreeDownloadManager.ORG
2009-11-12 23:14:21 ----D---- C:\Program Files\Free Download Manager
2009-11-07 16:56:36 ----D---- C:\Documents and Settings\Administrateur\Application Data\IObit
2009-11-07 16:55:00 ----D---- C:\Program Files\IObit
2009-11-06 22:31:43 ----D---- C:\Program Files\alaplaya
2009-11-06 22:14:04 ----D---- C:\Program Files\Fichiers communs\Akamai
2009-10-26 20:15:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-10-26 19:26:05 ----D---- C:\Program Files\VLC
2009-10-26 19:20:11 ----D---- C:\Program Files\HomePlayer
2009-10-25 13:12:18 ----D---- C:\alaplaya
2009-10-23 15:13:27 ----A---- C:\WINDOWS.0\NeroDigital.ini
2009-10-22 22:27:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\DeepBurner
2009-10-22 22:25:59 ----D---- C:\Program Files\Astonsoft
2009-10-22 22:01:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Nero
2009-10-22 18:36:52 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Nero
2009-10-22 18:36:46 ----D---- C:\Program Files\Fichiers communs\Nero
2009-10-20 22:17:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\DMCache

======List of files/folders modified in the last 1 months======

2009-11-14 17:32:26 ----D---- C:\WINDOWS.0\system32\drivers
2009-11-14 17:32:26 ----D---- C:\WINDOWS.0\system32\..
2009-11-14 17:32:26 ----D---- C:\WINDOWS.0
2009-11-14 17:32:16 ----RD---- C:\Program Files
2009-11-14 17:32:16 ----D---- C:\WINDOWS.0\system32
2009-11-14 17:04:55 ----SD---- C:\WINDOWS.0\Tasks
2009-11-14 17:03:02 ----D---- C:\WINDOWS.0\system32\CatRoot2
2009-11-14 17:01:55 ----AD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP
2009-11-14 16:59:54 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2009-11-14 16:09:45 ----D---- C:\WINDOWS.0\system32\Restore
2009-11-14 16:02:09 ----D---- C:\Documents and Settings
2009-11-14 16:01:03 ----D---- C:\Program Files\Mozilla Firefox
2009-11-14 15:23:42 ----D---- C:\Nexon
2009-11-14 15:23:42 ----D---- C:\Download
2009-11-14 15:15:36 ----SHD---- C:\System Volume Information
2009-11-14 15:14:43 ----D---- C:\Downloads
2009-11-14 13:59:22 ----D---- C:\Documents and Settings\Administrateur\Application Data\Desktopicon
2009-11-14 13:45:59 ----RSHDC---- C:\WINDOWS.0\system32\dllcache
2009-11-14 13:44:11 ----D---- C:\WINDOWS.0\Prefetch
2009-11-14 13:43:27 ----RSHD---- C:\RECYCLER
2009-11-14 12:24:40 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-14 12:24:36 ----SHD---- C:\WINDOWS.0\Installer
2009-11-14 12:24:36 ----SHD---- C:\Config.Msi
2009-11-14 11:56:07 ----D---- C:\Program Files\Fichiers communs
2009-11-11 20:05:53 ----D---- C:\Program Files\PokerStars.NET
2009-11-10 18:47:05 ----SD---- C:\WINDOWS.0\Downloaded Program Files
2009-11-07 19:51:05 ----D---- C:\Program Files\World of Warcraft
2009-11-07 17:02:32 ----D---- C:\WINDOWS.0\Temp
2009-11-06 15:26:42 ----D---- C:\WINDOWS.0\system32\config
2009-11-06 15:26:19 ----D---- C:\WINDOWS.0\system32\wbem
2009-11-06 15:26:19 ----D---- C:\WINDOWS.0\Registration
2009-10-27 12:16:58 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss
2009-10-26 19:26:00 ----D---- C:\Program Files\adslTV
2009-10-25 10:20:34 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2009-10-23 15:42:25 ----D---- C:\WINDOWS.0\system32\CatRoot
2009-10-22 22:44:05 ----RSD---- C:\WINDOWS.0\Fonts
2009-10-22 18:29:38 ----D---- C:\WINDOWS.0\WinSxS
2009-10-22 18:29:38 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-20 23:57:22 ----D---- C:\Program Files\UrbanTerror
2009-10-19 19:40:15 ----D---- C:\WINDOWS.0\repair
2009-10-19 18:59:56 ----D---- C:\Program Files\ma-config.com
2009-10-19 18:59:55 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\ma-config.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS.0\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS.0\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS.0\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2006-11-25 40320]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS.0\system32\mbmiodrvr.sys []
R1 MUsbFltr;WayTechUSBFilterDriver; C:\WINDOWS.0\system32\drivers\MUsbFltr.sys [2006-06-27 9088]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2002-08-30 12032]
R2 eamon;eamon; C:\WINDOWS.0\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 EIO;EIO; \??\C:\WINDOWS.0\system32\drivers\EIO.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS.0\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2006-11-25 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2002-08-30 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS.0\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS.0\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 mouhid;Pilote HID de souris; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2009-02-06 6307392]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS.0\system32\drivers\sthda.sys [2008-07-02 1383402]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2006-07-06 58496]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2004-12-29 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2006-11-25 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS.0\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Documents and Settings\Administrateur\Bureau\Aion\Aion_EU_Client\bin32\GameGuard\dump_wmimmc.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS.0\system32\drivers\EagleNT.sys []
S3 LHidKE;SetPoint HID Mouse Filter Driver; C:\WINDOWS.0\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136]
S3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS.0\System32\Drivers\LHidUsbK.Sys [2006-07-19 36736]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS.0\system32\DRIVERS\LMouKE.Sys [2006-07-19 71936]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS.0\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS.0\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS.0\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS.0\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NAL;Nal Service ; \??\C:\WINDOWS.0\system32\Drivers\iqvw32.sys []
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS.0\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS.0\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS.0\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS.0\system32\npptNT2.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS.0\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS.0\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS.0\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS.0\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS.0\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS.0\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2005-06-17 31744]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 VX3000;VX-3000; C:\WINDOWS.0\system32\DRIVERS\VX3000.sys [2007-04-10 1966696]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS.0\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\system32\DRIVERS\wpdusb.sys [2006-11-25 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS.0\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-11-25 82944]
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS.0\system32\DRIVERS\sr.sys [2004-08-19 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS.0\System32\svchost.exe [2004-08-19 14336]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS.0\ATKKBService.exe [2005-10-18 261120]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 MDM;Machine Debug Manager; c:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSCamSvc;MSCamSvc; c:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS.0\system32\nvsvc32.exe [2009-02-06 163908]
R2 STacSV;Audio Service; c:\program files\idt\intelxpv_v103\wdm\STacSV.exe [2008-07-02 221273]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2004-08-19 14336]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 WindowsTelephony;Windows Telephony; C:\WINDOWS.0\system\svhost.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2009-01-22 89088]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS.0\system32\GameMon.des [2009-06-29 3110016]
S3 odserv;Microsoft Office Diagnostics Service; c:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; c:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 657920]
S3 usprserv;User Privilege Service; C:\WINDOWS.0\System32\svchost.exe [2004-08-19 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 933376]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


14 November 2009 17:44:01

Good evening... this should be placed in the virus forum... Regards
14 November 2009 19:33:10

Hello,

Were you not able to run ComboFix?