
Virtumonde infection

26 September 2008 22:02:01

I was infected by Virtumonde last week and I can't get rid of it.
Norton finds nothing.
Ad-Aware doesn't either.
Spybot detects it, but with every new scan the trojan reappears.
In addition, Spybot's resident module detects a modification of certain registry keys at every startup and can no longer find the file winwzw32.rom (specified file not found).
I'm using Vista.
I can post a Spybot report and a HijackThis report for you.
Also, after reading the other pages on this subject, I have also downloaded ComboFix, Vundo and MBAM, and I'm going to run them soon.
Thanks for helping me.


26 September 2008 22:07:15

Here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:48:46, on 26/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ChkMail\ChkMail\ChkMail.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ASUS\ASUS Direct Console\LCMP.exe
C:\Windows\ASScrPro.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navw32.exe
c:\windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\simon\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [zDirectMessenger] "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\ljJdebCR.dll,#1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winwzw32.rom,MjxRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [b8677ea2] rundll32.exe "C:\Users\simon\AppData\Local\Temp\ymxcqmsv.dll",b
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\simon\AppData\Local\Temp\yayxvSIX.dll,#1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 9084 bytes
26 September 2008 22:08:03

And here is Spybot:

--- Search result list ---
Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()


Virtumonde: [SBI $42352499] Réglages utilisateur (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-3633728371-3772968209-2845288125-1000\Software\Microsoft\rdfa


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---




--- System information ---
Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)


--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F

Located: HK_LM:Run, ASUS Screen Saver Protector
command: C:\Windows\ASScrPro.exe
file: C:\Windows\ASScrPro.exe
size: 33136
MD5: 12C5C40440637B87D61600AE3DBEFA70

Located: HK_LM:Run, ATKMEDIA
command: C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
file: C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
size: 61440
MD5: FA076AE9916A801CAD714DA2B983506D

Located: HK_LM:Run, ATKOSD2
command: "C:\Program Files\ATKOSD2\ATKOSD2.exe"
file: C:\Program Files\ATKOSD2\ATKOSD2.exe
size: 7737344
MD5: EDEEAB02F1A6828DFF61FF50059BAF0A

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 78008
MD5: 66893067C2FB0505F151D3FCB8EA92B5

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: E67200B6EF51BBF60C14C64D60FAD482

Located: HK_LM:Run, ChkMail
command: C:\Program Files\ChkMail\ChkMail\ChkMail.exe
file: C:\Program Files\ChkMail\ChkMail\ChkMail.exe
size: 741376
MD5: 1E29417572E82CDCB9D70964CE805C99

Located: HK_LM:Run, JMB36X IDE Setup
command: C:\Windows\RaidTool\xInsIDE.exe
file: C:\Windows\RaidTool\xInsIDE.exe
size: 36864
MD5: DB4E2D9C09A5762CB2551222B5E443B2

Located: HK_LM:Run, Kernel and Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\Windows\KHALMNPR.EXE
size: 56080
MD5: F6D01B49CEFE36286A1FD8BAE8F2D6A3

Located: HK_LM:Run, MSServer
command: rundll32.exe C:\Windows\system32\ljJdebCR.dll,#1
file: C:\Windows\system32\ljJdebCR.dll
size: 34816
MD5: 3D4722F0679C256DE9B66431B8123A36

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 8534560
MD5: 78EE634565705AF1AED1259985006E6E

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
file: C:\Windows\system32\NvMcTray.dll
size: 88608
MD5: 4CBA268FDB3D77A7D71E45626D27400D

Located: HK_LM:Run, NvSvc
command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
file: C:\Windows\system32\nvsvc.dll
size: 92704
MD5: E86A475C79DBEBAA80C7189C94CE4F91

Located: HK_LM:Run, PowerForPhone
command: "C:\Program Files\P4P\P4P.exe"
file: C:\Program Files\P4P\P4P.exe
size: 778240
MD5: D85098BFADBAC38BD2B3CBDD08285FDF

Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 4915200
MD5: 3D942287E53CB2EAEE17092B7697BD85

Located: HK_LM:Run, SMSERIAL
command: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
file: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
size: 655360
MD5: 3CFE49B743B497D59EF3C26229C1E4FE

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 1029416
MD5: 98888488D0E6DB0256E5E661BCD35EB6

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

Located: HK_LM:Run, zDirectMessenger
command: "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
file: C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE
size: 988160
MD5: C01B9774B08597BCBDA0FAE1BE835BEA

Located: HK_CU:Run, b8677ea2
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: rundll32.exe "C:\Users\simon\AppData\Local\Temp\ymxcqmsv.dll",b
file: C:\Users\simon\AppData\Local\Temp\ymxcqmsv.dll
size: 85504
MD5: 02001D7BA6E9EC82EC78648B7EE582DD

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C

Located: HK_CU:Run, LightScribe Control Panel
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
file: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
size: 2289664
MD5: 6DE8F3D91387412AC2E869FFA0F6ABA6

Located: HK_CU:Run, MSServer
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: rundll32.exe C:\Users\simon\AppData\Local\Temp\jkkIXnll.dll,#1
file: C:\Users\simon\AppData\Local\Temp\jkkIXnll.dll
size: 34816
MD5: 3D4722F0679C256DE9B66431B8123A36

Located: HK_CU:Run, MSSMSGS
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: rundll32.exe winwzw32.rom,MjxRun
file: winwzw32.rom
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Sidebar
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2153472
MD5: 83E4A5435B0FA6AD0166722621A04725

Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-3633728371-3772968209-2845288125-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D

Located: Démarrage (tous utilisateurs), DSLMON.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
file: C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
size: 1214032
MD5: B9B06EA03F7E904676BC674583068570

Located: Démarrage (tous utilisateurs), SetPoint.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\SetPoint\SetPoint.exe
file: C:\Program Files\SetPoint\SetPoint.exe
size: 692224
MD5: 8E6DD7BC88200935A6927FFC5E003D42

Located: Démarrage (utilisateur), Moteur du Planificateur de tâches SolidWorks.lnk
where: C:\Users\simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
file: C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
size: 488728
MD5: 7F800E6AA6DDF62C27E366E42C945389



--- Browser helper object list ---
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 21:51:00
Date (last access): 08/07/2008 23:06:22
Date (last write): 24/08/2007 21:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 08/07/2008 23:06:02
Date (last access): 08/07/2008 23:06:02
Date (last write): 19/09/2008 20:44:58
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 20/09/2007 10:30:18
Date (last access): 20/09/2008 21:00:40
Date (last write): 20/09/2007 10:30:18
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1



--- ActiveX list ---
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\Windows\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\Windows\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 25/03/2008 04:32:42
Date (last access): 20/09/2008 21:06:28
Date (last write): 25/03/2008 04:32:42
Filesize: 2991488
Attributes: readonly archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 9.0.124.0




--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/09/2008 22:31:29

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.asus.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.asus.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.asus.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896


--- Winsock Layered Service Provider list ---
Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:



--- Uninstall list ---


Image size: 59392
Image MD5: A1545B731579895D8CC44FC0481C1192
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1

Service (registry key): aliide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\aliide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): amdagp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD AGP Bus Filter Driver
Image path: \SystemRoot\system32\drivers\amdagp.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): amdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\amdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): AmdK7
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K7 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk7.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AmdK8
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: AMD K8 Processor Driver
Image path: \SystemRoot\system32\drivers\amdk8.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): Appinfo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\appinfo.dll,-100
Description: @%systemroot%\system32\appinfo.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,ProfSvc

Service (registry key): arc
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arc.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): arcsas
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\arcsas.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): AsDsm
Registry path: \SYSTEM\CurrentControlSet\Services\
Description: Data Security Manager Driver
Control Set: CurrentControlSet
Start: 0
Type: 2
Error Control: 1

Service (registry key): ASLDRService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASLDR Service
Object name: LocalSystem
Image path: C:\Program Files\ATK Hotkey\ASLDRSrv.exe
Image size: 94208
Image MD5: 5A055A4777CBBC8845DD598CB2EEBF69
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): ASMMAP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ASMMAP
Image path: \??\C:\Program Files\ATKGFNEX\ASMMAP.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): aswFsBlk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswFsBlk
Description: avast! mini-filter driver (aswFsBlk)
Image path: system32\DRIVERS\aswFsBlk.sys
Image size: 20560
Image MD5: 976E2AD5A62044629C2DE2CA8563722A
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): aswMonFlt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswMonFlt
Description: avast! mini-filter driver (aswMonFlt)
Image path: system32\DRIVERS\aswMonFlt.sys
Image size: 51280
Image MD5: 5C3C0DA947798C99D8C094BF3DCC03A8
Control Set: CurrentControlSet
Start: 2
Type: 2
Error Control: 1
Depends On services: FltMgr

Service (registry key): aswRdr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: aswRdr
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): aswSP
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Self Protection
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): aswTdi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Network Shield Support
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: tcpip

Service (registry key): aswUpdSv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! iAVS4 Control Service
Description: Fournit la mise à jour automatique pour l'antivirus avast!.
Object name: LocalSystem
Image path: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
Image size: 16056
Image MD5: E2323AD197689D607EBC52137B4DFB2E
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1

Service (registry key): AsyncMac
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\rascfg.dll,-32000
Description: @%systemroot%\system32\rascfg.dll,-32000
Image path: system32\DRIVERS\asyncmac.sys
Image size: 17408
Image MD5: 53B202ABEE6455406254444303E87BE1
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: IDE Channel
Image path: system32\drivers\atapi.sys
Image size: 21560
Image MD5: 2D9C903DC76A66813D350A562DE40ED9
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): ATKGFNEXSrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ATKGFNEX Service
Object name: LocalSystem
Image path: C:\Program Files\ATKGFNEX\GFNEXSrv.exe
Image size: 94208
Image MD5: 7C157574A181B19B9DCF5F339E25337E
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 1
Depends On services: ASMMAP

Service (registry key): AudioEndpointBuilder
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-204
Description: @%SystemRoot%\System32\audiosrv.dll,-205
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): Audiosrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\audiosrv.dll,-200
Description: @%SystemRoot%\System32\audiosrv.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: AudioEndpointBuilder,RpcSs,MMCSS

Service (registry key): Automatic LiveUpdate Scheduler
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Planificateur LiveUpdate automatique
Description: Gère la planification des sessions de LiveUpdate automatique
Object name: LocalSystem
Image path: "C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe"
Image size: 243064
Image MD5: 7C813EB232C7AEFA627A12A104DDA221
Control Set: CurrentControlSet
Start: 2
Type: 16
Error Control: 0

Service (registry key): avast! Antivirus
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Antivirus
Description: Gère et implémente les services de l'antivirus avast! pour cet ordinateur. Ceci inclut la protection résidente, la zone de quarantaine et le planificateur.
Object name: LocalSystem
Image path: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
Image size: 147640
Image MD5: 58E57D723BD437049F74408016E1735D
Control Set: CurrentControlSet
Start: 2
Type: 272
Error Control: 1
Depends On services: aswMonFlt,RpcSS

Service (registry key): avast! Mail Scanner
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Mail Scanner
Description: Implémente l'analyse du courrier électronique pour l'antivirus avast!.
Object name: LocalSystem
Image path: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
Image size: 250040
Image MD5: BCEA9A5EEF52351E1632DD417D3E7308
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: "avast! Antivirus"

Service (registry key): avast! Web Scanner
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: avast! Web Scanner
Description: Implémente l'analyse du contenu web (HTTP) pour l'antivirus avast!.
Object name: LocalSystem
Image path: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
Image size: 348344
Image MD5: B2203D1A09CAC8232780BFCF01A9B853
Control Set: CurrentControlSet
Start: 3
Type: 272
Error Control: 1
Depends On services: "avast! Antivirus"

Service (registry key): BattC
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Beep
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): BFE
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\bfe.dll,-1001
Description: @%SystemRoot%\system32\bfe.dll,-1002
Object name: NT AUTHORITY\LocalService
Image path: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): BITS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\qmgr.dll,-1000
Description: @%SystemRoot%\system32\qmgr.dll,-1001
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,EventSystem

Service (registry key): blbdrive
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\blbdrive.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): bowser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bowser
Description: Implements the datagram receiver for the computer browser browser service.
Image path: system32\DRIVERS\bowser.sys
Image size: 69632
Image MD5: 74B442B2BE1260B7588C136177CEAC66
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): BrFiltLo
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Lower Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltlo.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BrFiltUp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother USB Mass-Storage Upper Filter Driver
Image path: \SystemRoot\system32\drivers\brfiltup.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): Browser
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\browser.dll,-100
Description: @%systemroot%\system32\browser.dll,-101
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): Brserid
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC Serial Port Interface Driver (WDM)
Image path: \SystemRoot\system32\drivers\brserid.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrSerWdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother WDM Serial driver
Image path: \SystemRoot\system32\drivers\brserwdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbMdm
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Fax Only Modem
Image path: \SystemRoot\system32\drivers\brusbmdm.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): BrUsbSer
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Brother MFC USB Serial WDM Driver
Image path: \SystemRoot\system32\drivers\brusbser.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthEnum
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Service d'énumérateur Bluetooth
Image path: system32\DRIVERS\BthEnum.sys
Image size: 19456
Image MD5: DA7B195275BDA7F8FCF79B40E0F45DDE
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BTHMODEM
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pilote de communication série Bluetooth
Image path: system32\DRIVERS\bthmodem.sys
Image size: 39936
Image MD5: 5FFA6988FF9597986FF2ADA736CC90C0
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthPan
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Image path: system32\DRIVERS\bthpan.sys
Image size: 92160
Image MD5: 5904EFA25F829BF84EA6FB045134A1D8
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BTHPORT
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pilote de port Bluetooth
Image path: System32\Drivers\BTHport.sys
Image size: 220160
Image MD5: 73D53F8E90550BA81E2CF44A0873B410
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): BthServ
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\bthserv.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k bthsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): BTHUSB
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pilote USB radio Bluetooth
Image path: System32\Drivers\BTHUSB.sys
Image size: 29184
Image MD5: 32045A4BB143BBC5BAB1298C4E9E309A
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ccEvtMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Event Manager
Description: Event propagation and logging service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 149864
Image MD5: A8D49668CA8BBDDF5D3D4FBD9ECFF49E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS,ccSetMgr

Service (registry key): ccSetMgr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Settings Manager
Description: Settings storage and management service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 149864
Image MD5: A8D49668CA8BBDDF5D3D4FBD9ECFF49E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): cdfs
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD/DVD File System Reader
Description: ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces)
Image path: system32\DRIVERS\cdfs.sys
Image size: 70144
Image MD5: 7ADD03E75BEB9E6DD102C3081D29840A
Control Set: CurrentControlSet
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): cdrom
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 67072
Image MD5: 1EC25CEA0DE6AC4718BF89F9E1778B57
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1

Service (registry key): CertPropSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\certprop.dll,-11
Description: @%SystemRoot%\System32\certprop.dll,-12
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): circlass
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Consumer IR Devices
Image path: \SystemRoot\system32\drivers\circlass.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): CLFS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Common Log (CLFS)
Description: Common Log (CLFS)
Image path: System32\CLFS.sys
Image size: 247352
Image MD5: 465745561C832B29F7C48B488AAB3842
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): clr_optimization_v2.0.50727_32
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft .NET Framework NGEN v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 70144
Image MD5: A4AF4201BD519971F8F34724F3CA9DBB
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0

Service (registry key): CLTNetCnService
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Lic NetConnect service
Description: Symantec Lic NetConnect Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
Image size: 149864
Image MD5: A8D49668CA8BBDDF5D3D4FBD9ECFF49E
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0

Service (registry key): CmBatt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft ACPI Control Method Battery Driver
Image path: system32\DRIVERS\CmBatt.sys
Image size: 14208
Image MD5: 99AFC3795B58CC478FBBBCDC658FCB56
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): cmdide
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\cmdide.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 3

Service (registry key): COH_Mon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COH_Mon
Image path: \??\C:\Windows\system32\Drivers\COH_Mon.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): comHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: COM Host
Description: COM aggregation host service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"
Image size: 55640
Image MD5: 75A69CA9998577F8B2BE8695040E5DF4
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RpcSs

Service (registry key): Compbatt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Composite Battery Driver
Image path: system32\DRIVERS\compbatt.sys
Image size: 20792
Image MD5: 6AFEF0B60FA25DE07C0968983EE4F60A
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): COMSysApp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-947
Description: @comres.dll,-948
Object name: LocalSystem
Image path: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 7168
Image MD5: BE01E566D1F569AAB32D0335613E1EEA
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem,SENS

Service (registry key): CO_Mon
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: CO_Mon
Image path: \??\C:\Windows\system32\drivers\CO_Mon.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): crcdisk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Crcdisk Filter Driver
Image path: system32\drivers\crcdisk.sys
Image size: 24632
Image MD5: 741E9DFF4F42D2D8477D0FC1DC0DF871
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Crusoe
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Transmeta Crusoe Processor Driver
Image path: \SystemRoot\system32\drivers\crusoe.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): crypt32
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): CryptSvc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\cryptsvc.dll,-1001
Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): DCLocator
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): DcomLaunch
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @oleres.dll,-5012
Description: @oleres.dll,-5013
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): DfsC
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\drivers\dfsc.sys,-101
Description: @%systemroot%\system32\drivers\dfsc.sys,-102
Image path: System32\Drivers\dfsc.sys
Image size: 75264
Image MD5: 9E635AE5E8AD93E2B5989E2E23679F97
Control Set: CurrentControlSet
Start: 1
Type: 2
Error Control: 1
Depends On services: Mup

Service (registry key): DFSR
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @dfsrres.dll,-101
Description: @dfsrres.dll,-102
Object name: LocalSystem
Image path: %SystemRoot%\system32\DFSR.exe
Image size: 2091520
Image MD5: FA3463F25F9CC9C3BCF1E7912FEFF099
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 1
Depends On services: RpcSs,EventSystem

Service (registry key): Dhcp
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\dhcpcsvc.dll,-100
Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101
Object name: NT Authority\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: NSI,Tdx,Afd

Service (registry key): disk
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Pilote de disque
Image path: system32\drivers\disk.sys
Image size: 55352
Image MD5: 64109E623ABD6955C8FB110B592E68B7
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 1

Service (registry key): Dnscache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\System32\dnsapi.dll,-101
Description: @%SystemRoot%\System32\dnsapi.dll,-102
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: Tdx

Service (registry key): dot3svc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\dot3svc.dll,-1102
Description: @%systemroot%\system32\dot3svc.dll,-1103
Object name: localSystem
Image path: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio,Eaphost

Service (registry key): DPS
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\dps.dll,-500
Description: @%systemroot%\system32\dps.dll,-501
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): drmkaud
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 5632
Image MD5: 97FEF831AB90BEE128C9AF390E243F80
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): DXGKrnl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: LDDM Graphics Subsystem
Description: Controls the underlying video driver stacks to provide fully-featured display capabilities.
Image path: \SystemRoot\System32\drivers\dxgkrnl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 0

Service (registry key): E1G60
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Intel(R) PRO/1000 NDIS 6 Adapter Driver
Image path: system32\DRIVERS\E1G60I32.sys
Image size: 118784
Image MD5: 5425F74AC0C1DBD96A1E04F17D63F94C
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): EapHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\eapsvc.dll,-1
Description: @%systemroot%\system32\eapsvc.dll,-2
Object name: localSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS,KeyIso

Service (registry key): Ecache
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: ReadyBoost Caching Driver
Description: ReadyBoost Caching Driver
Image path: System32\drivers\ecache.sys
Image size: 143416
Image MD5: DD2CD259D83D8B72C02C5F2331FF9D68
Control Set: CurrentControlSet
Start: 0
Type: 1
Error Control: 3

Service (registry key): eeCtrl
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Symantec Eraser Control driver
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 1
Type: 1
Error Control: 1
Depends On services: FltMgr

Service (registry key): ehRecvr
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehrecvr.exe,-101
Description: @%SystemRoot%\ehome\ehrecvr.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehRecvr.exe
Image size: 292352
Image MD5: 9BE3744D295A7701EB425332014F0797
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehSched
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehsched.exe,-101
Description: @%SystemRoot%\ehome\ehsched.exe,-102
Object name: NT AUTHORITY\networkService
Image path: %systemroot%\ehome\ehsched.exe
Image size: 131072
Image MD5: AD1870C8E5D6DD340C829E6074BF3C3F
Control Set: CurrentControlSet
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): ehstart
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\ehome\ehstart.dll,-101
Description: @%SystemRoot%\ehome\ehstart.dll,-102
Object name: NT AUTHORITY\LocalService
Image path: %windir%\system32\svchost.exe -k LocalServiceNoNetwork
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): ELOADER
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: General Purpose USB Driver (adildr.sys)
Image path: System32\Drivers\adildr.sys
Image size: 56088
Image MD5: 8DBFD1ED1EC1EE6C3977532912B18C21
Control Set: CurrentControlSet
Start: 2
Type: 1
Error Control: 1

Service (registry key): elxstor
Registry path: \SYSTEM\CurrentControlSet\Services\
Image path: \SystemRoot\system32\drivers\elxstor.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): EmdCache
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): EMDMgmt
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\emdmgmt.dll,-1000
Description: @%SystemRoot%\system32\emdmgmt.dll,-1001
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 0
Depends On services: rpcss,ecache,slsvc,fileinfo

Service (registry key): EraserUtilRebootDrv
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: EraserUtilRebootDrv
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 3
Type: 1
Error Control: 1

Service (registry key): ErrDev
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Microsoft Hardware Error Device Driver
Image path: \SystemRoot\system32\drivers\errdev.sys
Image size: 0
Image MD5: D41D8CD98F00B204E9800998ECF8427E
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): ESENT
Registry path: \SYSTEM\CurrentControlSet\Services\
Control Set: CurrentControlSet
Start: 0
Type: 0
Error Control: 0

Service (registry key): Eventlog
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%SystemRoot%\system32\wevtsvc.dll,-200
Description: @%SystemRoot%\system32\wevtsvc.dll,-201
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @comres.dll,-2450
Description: @comres.dll,-2451
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: rpcss

Service (registry key): exfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: exFAT File System Driver
Description: exFAT File System Driver
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): fastfat
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: FAT12/16/32 File System Driver
Description: Note - dependance on CDROM.SYS only if required to read/write DVD-RAM media (which appears as CD class device). (Core) (All pieces)
Control Set: CurrentControlSet
Start: 3
Type: 2
Error Control: 1

Service (registry key): fdc
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 25088
Image MD5: AFE1E8B9782A0DD7FB46BBD88E43F89A
Control Set: CurrentControlSet
Start: 4
Type: 1
Error Control: 1

Service (registry key): fdPHost
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdPHost.dll,-100
Description: @%systemroot%\system32\fdPHost.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FDResPub
Registry path: \SYSTEM\CurrentControlSet\Services\
Display name: @%systemroot%\system32\fdrespub.dll,-100
Description: @%systemroot%\system32\fdrespub.dll,-101
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 21504
Image MD5: 3794B461C45882E06856F282EEF025AF
Control Set: CurrentControlSet
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,http

Service (registry key): FileInfo
Registry path: \SYSTEM\CurrentC
26 September 2008 22:13:35

Hello,

Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click combofix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ

    26 September 2008 22:27:49

    Here is the ComboFix report, thanks.

    ComboFix 08-09-25.07 - simon 2008-09-26 21:56:02.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1864 [GMT 2:00]
    Lancé depuis: C:\Users\simon\Desktop\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\autorun.inf
    C:\Users\simon\AppData\Local\Temp\ymxcqmsv.dll
    C:\Windows\system32\ddcYSljk.dll
    C:\Windows\system32\hgghGWmJ.dll
    C:\Windows\system32\hgGwurom.dll
    C:\Windows\system32\ljJdebCR.dll
    C:\Windows\system32\nnNfDWPI.dll
    C:\Windows\system32\qoMgfEuV.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-09-26 21:54 . 2008-09-26 21:54 <REP> d-------- C:\Users\simon\AppData\Roaming\Malwarebytes
    2008-09-26 21:54 . 2008-09-26 21:54 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-09-26 21:54 . 2008-09-26 21:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-21 18:16 . 2008-09-21 18:16 <REP> d-------- C:\Program Files\Alwil Software
    2008-09-21 16:58 . 2008-09-21 17:00 <REP> d-------- C:\ProgramData\Lavasoft
    2008-09-21 16:58 . 2008-09-21 16:58 <REP> d-------- C:\Program Files\Lavasoft
    2008-09-21 16:57 . 2008-09-21 16:57 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-21 16:44 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
    2008-09-21 16:34 . 2008-09-21 16:34 <REP> d-------- C:\Program Files\MSXML 4.0
    2008-09-20 23:00 . 2008-09-22 18:44 <REP> d-------- C:\temp
    2008-09-20 22:54 . 2008-09-20 22:54 27,839 --a------ C:\Users\simon\AppData\Roaming\nvModes.dat
    2008-09-20 22:15 . 2008-09-21 16:30 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
    2008-09-20 22:15 . 2008-09-20 22:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-09-19 21:19 . 2008-09-20 21:05 <REP> d-------- C:\Program Files\Windows Live
    2008-09-19 21:19 . 2008-09-20 21:00 <REP> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-09-19 21:18 . 2008-09-20 20:54 <REP> d-------- C:\ProgramData\WLInstaller
    2008-09-19 21:01 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
    2008-09-19 21:01 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
    2008-09-19 21:01 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
    2008-09-19 20:59 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
    2008-09-19 20:59 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
    2008-09-19 20:59 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
    2008-09-19 20:59 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
    2008-09-19 20:20 . 2008-09-19 20:22 168 --a------ C:\Windows\adidsl.ini
    2008-09-19 20:20 . 2008-09-19 20:21 21 --a------ C:\Windows\Fast800.ini
    2008-09-19 20:18 . 2008-09-19 20:18 <REP> d-------- C:\Users\simon\AppData\Roaming\InstallShield
    2008-09-19 20:18 . 2008-09-19 20:18 <REP> d-------- C:\Program Files\SAGEM
    2008-09-17 20:04 . 2008-09-17 20:04 <REP> d-------- C:\Users\simon\AppData\Roaming\SolidWorks 2008
    2008-09-17 20:02 . 2008-09-17 20:04 <REP> d-------- C:\Users\simon\AppData\Roaming\SolidWorks
    2008-09-17 19:07 . 2008-09-17 19:07 <REP> d-------- C:\Users\simon\AppData\Roaming\DWGeditor
    2008-09-17 19:06 . 2008-09-17 19:06 0 --a------ C:\Windows\eDrawingOfficeAutomator.INI
    2008-09-17 19:05 . 2008-09-17 19:09 23 --ah----- C:\Windows\yacht.xws
    2008-09-17 19:02 . 2008-09-17 19:02 <REP> d-------- C:\Solidworks Data
    2008-09-17 19:02 . 2008-09-17 19:02 <REP> d-------- C:\ProgramData\SolidWorks
    2008-09-17 19:02 . 2008-09-17 19:04 <REP> d-------- C:\Program Files\SolidWorks
    2008-09-17 19:02 . 2008-09-17 19:05 <REP> d-------- C:\Program Files\Common Files\SolidWorks Shared
    2008-09-17 19:02 . 2008-09-17 19:06 <REP> d-------- C:\Program Files\Common Files\eDrawings2008
    2008-09-17 19:02 . 2008-09-17 19:02 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-09-17 18:58 . 2008-09-17 18:58 <REP> d-------- C:\Program Files\MSECache
    2008-09-17 18:58 . 2008-04-18 12:56 753 --a------ C:\Program Files\setup.bat
    2008-09-17 18:55 . 2008-09-17 18:55 <REP> d-a------ C:\Program Files\swwi
    2008-09-17 18:55 . 2008-09-17 18:55 <REP> d-a------ C:\Program Files\setup
    2008-09-17 18:55 . 2008-09-17 18:55 <REP> d-a------ C:\Program Files\eDrawings
    2008-09-17 18:55 . 2008-09-17 19:07 <REP> d-a------ C:\Program Files\DWGeditor
    2008-09-10 21:10 . 2002-02-28 15:51 188,960 --a------ C:\Windows\System32\WINGDE.DLL
    2008-09-10 21:10 . 2002-02-28 15:51 92,208 --a------ C:\Windows\System32\WING.DLL
    2008-09-10 21:10 . 2002-02-28 15:51 6,736 --a------ C:\Windows\System32\WINGDIB.DRV
    2008-09-10 21:10 . 2002-02-28 15:51 5,024 --a------ C:\Windows\System32\WINGPAL.WND
    2008-09-10 21:10 . 2002-02-28 15:51 1,966 --a------ C:\Windows\System32\DVA.386
    2008-09-10 21:09 . 2008-09-10 21:12 <REP> d-------- C:\DFH
    2008-09-10 19:20 . 2008-09-11 18:17 <REP> d-------- C:\audiograbber
    2008-09-02 20:18 . 2008-09-02 20:18 <REP> dr------- C:\Windows\System32\config\systemprofile\Music
    2008-09-02 20:18 . 2008-09-02 20:18 <REP> d-------- C:\Users\simon\AppData\Roaming\Media Player Classic
    2008-09-02 20:16 . 2008-09-02 20:16 <REP> d-------- C:\Program Files\K-Lite Codec Pack
    2008-09-02 15:30 . 2008-09-02 15:31 <REP> d-------- C:\Program Files\Wanadoo
    2008-09-02 15:30 . 2008-09-02 15:31 102 --a------ C:\Windows\Kit.ini
    2008-09-02 14:22 . 2008-09-02 14:22 <REP> d-------- C:\ProgramData\LightScribe
    2008-08-31 17:38 . 2008-08-31 17:38 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
    2008-08-31 17:38 . 2008-08-31 17:38 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2008-08-31 15:31 . 2008-09-04 21:33 24 --a------ C:\Windows\ATKPF.ini
    2008-08-31 14:21 . 2008-08-31 14:21 <REP> d-------- C:\Users\simon\P4P
    2008-08-31 14:21 . 2008-08-31 14:21 <REP> d-------- C:\Users\simon\AppData\Roaming\Symantec
    2008-08-31 14:21 . 2008-08-31 14:21 <REP> d-------- C:\Users\simon\AppData\Roaming\Logitech
    2008-08-31 14:20 . 2008-08-31 14:20 <REP> dr------- C:\Users\simon\Searches
    2008-08-31 14:20 . 2008-09-21 18:32 <REP> dr------- C:\Users\simon\Contacts
    2008-08-31 14:20 . 2008-08-31 14:20 <REP> d--hs---- C:\$RECYCLE.BIN
    2008-08-31 14:18 . 2008-08-31 14:18 <REP> d-------- C:\Program Files\Common Files\Adobe
    2008-08-31 14:16 . 2008-08-31 14:20 <REP> dr------- C:\Users\simon\Videos
    2008-08-31 14:16 . 2008-09-01 21:45 <REP> dr------- C:\Users\simon\Saved Games
    2008-08-31 14:16 . 2008-08-31 17:46 <REP> dr------- C:\Users\simon\Pictures
    2008-08-31 14:16 . 2008-08-31 14:20 <REP> dr------- C:\Users\simon\Music
    2008-08-31 14:16 . 2008-08-31 14:20 <REP> dr------- C:\Users\simon\Links
    2008-08-31 14:16 . 2008-09-20 21:43 <REP> dr------- C:\Users\simon\Downloads
    2008-08-31 14:16 . 2008-09-22 22:36 <REP> dr------- C:\Users\simon\Documents
    2008-08-31 14:16 . 2006-11-02 14:37 <REP> d-------- C:\Users\simon\AppData\Roaming\Media Center Programs
    2008-08-31 14:16 . 2008-08-31 14:18 <REP> d--h----- C:\Users\simon\AppData
    2008-08-31 14:16 . 2008-09-20 21:03 <REP> d-------- C:\Users\simon
    2008-08-31 14:09 . 2008-08-31 14:09 <REP> dr------- C:\Windows\System32\config\systemprofile\Contacts

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-22 16:57 --------- d-----w C:\ProgramData\Microsoft Help
    2008-09-21 17:24 --------- d-----w C:\ProgramData\Symantec
    2008-09-21 14:51 --------- d-----w C:\Program Files\Windows Mail
    2008-09-19 18:48 --------- d-----w C:\Program Files\Norton Internet Security
    2008-09-19 18:48 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-19 18:45 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
    2008-09-19 18:45 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
    2008-09-19 18:45 10,671 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
    2008-09-19 18:45 --------- d-----w C:\Program Files\Symantec
    2008-09-19 18:21 32 ----a-w C:\Windows\system32\drivers\adidsl.cfg
    2008-09-19 18:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-09 22:04 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
    2008-09-09 22:03 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys
    2008-08-31 15:46 --------- d-----w C:\ProgramData\ASUS
    2008-08-02 01:01 625,152 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
    2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-07-30 15:42 23,888 ----a-w C:\Windows\system32\drivers\COH_Mon.sys
    2008-07-30 15:28 706 ----a-w C:\Windows\system32\drivers\COH_Mon.inf
    2008-07-30 15:28 10,537 ----a-w C:\Windows\system32\drivers\coh_mon.cat
    2008-07-08 22:04 33,136 ----a-w C:\Windows\ASScrPro.exe
    2008-07-08 21:32 319,456 ----a-w C:\Windows\DIFxAPI.dll
    2008-07-08 21:32 315,392 ----a-w C:\Windows\HideWin.exe
    2008-01-24 13:27 24 ----a-w C:\Program Files\swdata1.id
    2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
    1997-06-25 14:42 7,078 ----a-w C:\Program Files\sw.ico
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-02 02:08 143360 --a------ C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 C:\Windows\System32\oobefldr.dll]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-14 51048]
    "ATKOSD2"="C:\Program Files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-21 92704]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-21 8534560]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-01-21 88608]
    "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]
    "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
    "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
    "ChkMail"="C:\Program Files\ChkMail\ChkMail\ChkMail.exe" [2007-07-14 741376]
    "PowerForPhone"="C:\Program Files\P4P\P4P.exe" [2007-08-03 778240]
    "zDirectMessenger"="C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE" [2007-09-12 988160]
    "ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2008-07-09 33136]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-02-13 C:\Windows\RtHDVCpl.exe]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-12 C:\Windows\KHALMNPR.Exe]

    C:\Users\simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Moteur du Planificateur de tâches SolidWorks.lnk - C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe [2008-04-17 488728]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-09-19 1214032]
    SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2008-07-09 692224]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm
    "msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
    "VIDC.YV12"= yv12vfw.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{30908667-B204-4242-9B43-14898102A48B}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{100F36A5-6CB6-42D2-A658-D0EC304AE9CC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys [2007-09-27 15416]
    R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080916.005\IDSvix86.sys [2008-09-12 270384]
    R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-14 149864]
    R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-06-13 41008]
    S2 ELOADER;General Purpose USB Driver (adildr.sys);C:\Windows\system32\Drivers\adildr.sys [2007-01-10 56088]
    S3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
    S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
    S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    \shell\AutoRun\command - F:\wdsync.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e614f3a3-78e4-11dd-828c-806e6f6e6963}]
    \shell\AutoRun\command - F:\wdsync.exe

    *Newly Created Service* - COMHOST

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    .
    Contenu du dossier 'Tâches planifiées'
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-b8677ea2 - C:\Users\simon\AppData\Local\Temp\ymxcqmsv.dll
    HKCU-Run-MSServer - C:\Users\simon\AppData\Local\Temp\yayxvSIX.dll
    HKCU-Run-MSSMSGS - winwzw32.rom
    HKLM-Run-MSServer - C:\Windows\system32\ljJdebCR.dll
    ShellExecuteHooks-{DA2E0515-F0D5-4773-8191-400CCD50783B} - C:\Windows\system32\ljJdebCR.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Users\simon\AppData\Roaming\Mozilla\Firefox\Profiles\23bjwgj6.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-26 22:16:57
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...


    C:\ADSM_PData_0150

    Scan terminé avec succès
    Fichiers cachés: 1

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    PROCESSUS: C:\Windows\Explorer.exe
    -> C:\Program Files\ASUS\ASUS Direct Console\MSNHOOK.DLL
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ATK Hotkey\AsLdrSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\System32\conime.exe
    C:\Program Files\ATK Hotkey\HControl.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Program Files\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ATK Hotkey\KBFiltr.exe
    C:\Program Files\ATK Hotkey\WDC.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\wbem\unsecapp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    C:\Windows\System32\dllhost.exe
    C:\Windows\System32\rundll32.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-09-26 22:21:30 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-09-26 20:21:18

    Avant-CF: 131 021 799 424 octets libres
    Après-CF: 130,256,932,864 octets libres

    278 --- E O F --- 2008-09-22 19:18:45

    26 September 2008 22:40:19

    At startup I no longer get any error messages, and Spybot no longer detects any registry key modifications.
    Here is my HijackThis log, taken without Norton and without the Spybot resident running.
    If there is anything else to do to get rid of all errors or viruses, please let me know.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:34:27, on 26/09/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\ChkMail\ChkMail\ChkMail.exe
    C:\Program Files\P4P\P4P.exe
    C:\Program Files\ASUS\ASUS Direct Console\LCMP.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SetPoint\SetPoint.exe
    C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\simon\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe
    O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
    O4 - HKLM\..\Run: [zDirectMessenger] "C:\Program Files\ASUS\ASUS Direct Console\LCMP.EXE"
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 8219 bytes

    27 September 2008 13:36:38

    Are you still having problems?

    3 October 2008 22:08:09

    Hello, sorry for the delay, I don't often have internet access.
    No, I no longer have any problems.
    Thanks for the help.

    4 October 2008 12:53:30

    Happy surfing.