infecté par malwarecore

[flowstylz]

je suis arriver à virer cette icône en la supprimant à la main elle ne revient plus

[Thanos]

salut

 

Désolé pour la réponse tardive!!

 

J'aimerai stp que tu fasses analyser un fichier pour lequel je n'ai aucune info >

 

Rend toi à cette adresse => http://www.virustotal.com/

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> copie/colle ceci dans le champs à droite de "Nom du Fichier" en bas de page >> C:\WINDOWS\system32\windnll.exe

 

Clique maintenant sur "ouvrir" en bas de la fenêtre puis sur "Envoyer le fichier". Le scan de ce fichier va débuter. Tu n'as plus qu'à sélectionner puis copier /coller l'analyse dans ton prochain message.

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ca prendra pour faire analyser)

 

Un scan en ligne pour en finir (le scan se fait avec Internet Explorer) >>

 

Clique sur le lien suivant > ESET Online Scanner Link

• Coche la case YES, I accept the Terms Of Use
  
• Clique sur le bouton Start
  
• Clique ensuite sur le bouton Install
  
• Clique sur Start
  
• Le scanner va se mettre à jour.
  
• Ne coche pas la case Remove found threats
  
• Clique sur le bouton Scan
  
• Le scan va se lancer: soit patient.
  
• Lorsque le scan s'achève, clique sur le menu Details
  
• Copie/colle le contenu du rapport généré: il se trouve ici > the contents of the C:\Program Files\EsetOnlineScanner et se nomme log.txt
  

[flowstylz]

Fichier windnll reçu le 2008.10.02 11:46:09 (CET)

Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/36 (0%)

 

Antivirus Version Dernière mise à jour Résultat

AhnLab-V3 2008.10.2.0 2008.10.02 -

AntiVir 7.8.1.34 2008.10.02 -

Authentium 5.1.0.4 2008.10.02 -

Avast 4.8.1248.0 2008.10.01 -

AVG 8.0.0.161 2008.10.01 -

BitDefender 7.2 2008.10.02 -

CAT-QuickHeal 9.50 2008.10.01 -

ClamAV 0.93.1 2008.10.02 -

DrWeb 4.44.0.09170 2008.10.02 -

eSafe 7.0.17.0 2008.10.01 -

eTrust-Vet 31.6.6121 2008.10.02 -

Ewido 4.0 2008.10.01 -

F-Prot 4.4.4.56 2008.09.30 -

F-Secure 8.0.14332.0 2008.10.02 -

Fortinet 3.113.0.0 2008.10.02 -

GData 19 2008.10.02 -

Ikarus T3.1.1.34.0 2008.10.02 -

K7AntiVirus 7.10.479 2008.10.01 -

Kaspersky 7.0.0.125 2008.10.02 -

McAfee 5396 2008.10.02 -

Microsoft 1.4005 2008.10.02 -

NOD32 3489 2008.10.02 -

Norman 5.80.02 2008.10.01 -

Panda 9.0.0.4 2008.10.02 -

PCTools 4.4.2.0 2008.10.01 -

Prevx1 V2 2008.10.02 -

Rising 20.63.62.00 2008.09.28 -

SecureWeb-Gateway 6.7.6 2008.10.02 -

Sophos 4.34.0 2008.10.02 -

Sunbelt 3.1.1668.1 2008.09.24 -

Symantec 10 2008.10.02 -

TheHacker 6.3.0.9.098 2008.10.01 -

TrendMicro 8.700.0.1004 2008.10.02 -

VBA32 3.12.8.6 2008.10.02 -

ViRobot 2008.10.1.1402 2008.10.02 -

VirusBuster 4.5.11.0 2008.10.01 -

Information additionnelle

File size: 2645 bytes

MD5...: f94f069abe46b91418d60d4b7d66b458

SHA1..: 82a5e7eacdc0e316572bb6ccb4af2e5097871eb6

SHA256: bfc259a226a4fac6d76d2cdee5748285ff45cbc1aeed3a8dcdd0d4b57a456d59

SHA512: d0458472bafec6315bf70f468257a62f22f893d7e7129767d72bc8928185a3c4

4e5f7d509cd134a8ac00531d2b6eaae75c9e70c665d880c01f487f0610200cfb

PEiD..: -

TrID..: File type identification

MP3 audio (100.0%)

PEInfo: -

[Thanos]

salut

 

Ok le fichier ne semble pas être néfaste.

Est ce que tu as pû faire le scan en ligne ? peux tu poster son rapport stp?

[flowstylz]

# version=4

# OnlineScanner.ocx=1.0.0.56

# OnlineScannerDLLA.dll=1, 0, 0, 51

# OnlineScannerDLLW.dll=1, 0, 0, 51

# OnlineScannerUninstaller.exe=1, 0, 0, 49

# vers_standard_module=3489 (20081002)

# vers_arch_module=1.064 (20080214)

# vers_adv_heur_module=1.066 (20070917)

# EOSSerial=5a5b8f401c21bf4782037116af282de4

# end=finished

# remove_checked=true

# unwanted_checked=true

# utc_time=2008-10-02 02:45:58

# local_time=2008-10-02 04:45:58 (+0100, Paris, Madrid)

# country="France"

# osver=5.1.2600 NT Service Pack 3

# scanned=197555

# found=0

# scan_time=14214

[Thanos]

salut

 

Bon he bien comme le confirme le rapport du scan en ligne, il n'y a rien de mauvais

Spybot S&D te détecte t'il encore ce malwarecore ?

[flowstylz]

non il ne me le détecte plus

[Thanos]

salut

 

Ok pour malwarecore!

flowstylz, étant donné que ton dernier rapport date, peux tu relancer RSIT et me poster un nouveau rapport ? C'est juste pour vérification.

 

Passe par le Menu Démarrer > Exécuter > et tape ceci > ComboFix /u (il ya un espace entre x et / )

Une fenêtre va s'ouvrir et ComboFix sera désinstallé de ton pc.

Modifié le 19 octobre 2008 par Thanos

[flowstylz]

Logfile of random's system information tool 1.04 (written by random/random)

Run by florent at 2008-10-24 11:51:58

Microsoft Windows XP Professionnel Service Pack 3

System drive E: has 15 GB (28%) free of 53 GB

Total RAM: 447 MB (19% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:52:37, on 24/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\COMODO\Firewall\cmdagent.exe

E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe

E:\WINDOWS\system32\nvsvc32.exe

E:\WINDOWS\system32\svchost.exe

E:\Program Files\HP\HP Software Update\HPWuSchd2.exe

E:\WINDOWS\SOUNDMAN.EXE

E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

E:\WINDOWS\system32\rundll32.exe

E:\Program Files\COMODO\Firewall\cfp.exe

E:\WINDOWS\system32\LVCOMSX.EXE

E:\Program Files\Logitech\Video\LogiTray.exe

E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

E:\WINDOWS\system32\ctfmon.exe

E:\Program Files\Free Download Manager\fdm.exe

E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

E:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

E:\PROGRA~1\MESSEN~1\msmsgs.exe

E:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe

E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

E:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE

E:\Program Files\Logitech\Video\FxSvr2.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

E:\Program Files\MSN Messenger\usnsvc.exe

E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

E:\Documents and Settings\florent\Bureau\NisScript_2.3\NisScript_2.3\NisScript 2.3\mirc.exe

E:\Program Files\MSN Messenger\msnmsgr.exe

E:\Program Files\Mozilla Firefox\firefox.exe

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

E:\Documents and Settings\florent\Bureau\RSIT.exe

E:\Program Files\trend micro\florent.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - E:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\COMODO\Firewall\cfp.exe" -h

O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "E:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [MSMSGS] "E:\PROGRA~1\MESSEN~1\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm

O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.orange.fr

O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129

O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129

O20 - AppInit_DLLs: E:\WINDOWS\system32\guard32.dll

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Boonty Games - Unknown owner - E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\Firewall\cmdagent.exe

O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe

 

--

End of file - 10351 bytes

 

======Scheduled tasks folder======

 

E:\WINDOWS\tasks\AppleSoftwareUpdate.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

EoBho Class - E:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2005-10-10 7286784]

"nwiz"=nwiz.exe /install []

"avgnt"=E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-09-05 266497]

"HP Software Update"=E:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"SoundMan"=E:\WINDOWS\SOUNDMAN.EXE [2005-09-22 90112]

"NvMediaCenter"=E:\WINDOWS\system32\NvMcTray.dll [2005-10-10 86016]

"Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

"SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"COMODO Firewall Pro"=E:\Program Files\COMODO\Firewall\cfp.exe [2005-11-04 1655552]

"LVCOMSX"=E:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]

"LogitechVideoRepair"=E:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]

"LogitechVideoTray"=E:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]

"VirtualCloneDrive"=E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-30 52168]

"EoEngine"= []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"Free Download Manager"=E:\Program Files\Free Download Manager\fdm.exe [2006-04-29 1990703]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

"TomTomHOME.exe"=E:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]

"msnmsgr"=E:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-12 20480]

"LogitechSoftwareUpdate"=E:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]

"MSMSGS"=E:\PROGRA~1\MESSEN~1\msmsgs.exe [2008-04-13 1695232]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Nero BackItUp Scheduler 3"=2

"iPod Service"=3

 

E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

BTTray.lnk - E:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe

HP Digital Imaging Monitor.lnk - E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"=" E:\WINDOWS\system32\guard32.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

E:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"legalnoticecaption"=

"legalnoticetext"=

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"

"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"E:\Program Files\eMule\eMule.exe"="E:\Program Files\eMule\eMule.exe:*:Enabled:eMule"

"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"E:\Program Files\MSN Messenger\msnmsgr.exe"="E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"E:\Program Files\MSN Messenger\livecall.exe"="E:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"E:\Program Files\MSN Messenger\msnmsgr.exe"="E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"E:\Program Files\MSN Messenger\livecall.exe"="E:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

======File associations======

 

.scr - config - "%1" /S

 

======List of files/folders created in the last 1 months======

 

2008-10-21 14:57:56 ----D---- E:\WINDOWS\Downloaded Installations

2008-10-18 16:39:59 ----D---- E:\WINDOWS\NV32243528.TMP

2008-10-15 15:11:22 ----D---- E:\Program Files\EoRezo

2008-10-02 12:43:39 ----D---- E:\Program Files\EsetOnlineScanner

2008-10-01 16:02:18 ----D---- E:\WINDOWS\Applian FLV Player

2008-09-26 19:33:31 ----D---- E:\Documents and Settings\florent\Application Data\Help

2008-09-26 18:17:20 ----A---- E:\WINDOWS\system32\msxml3a.dll

2008-09-25 14:04:17 ----D---- E:\Program Files\trend micro

2008-09-25 14:04:15 ----D---- E:\rsit

2008-09-25 10:36:32 ----A---- E:\WINDOWS\system32\swxcacls.exe

2008-09-25 10:36:32 ----A---- E:\WINDOWS\system32\swsc.exe

2008-09-25 10:36:32 ----A---- E:\WINDOWS\system32\swreg.exe

 

======List of files/folders modified in the last 1 months======

 

2008-10-24 11:51:17 ----D---- E:\Documents and Settings\florent\Application Data\Free Download Manager

2008-10-24 11:38:44 ----D---- E:\Program Files\Mozilla Firefox

2008-10-24 11:34:39 ----D---- E:\WINDOWS

2008-10-24 11:34:36 ----D---- E:\WINDOWS\temp

2008-10-24 11:33:32 ----D---- E:\WINDOWS\system32\CatRoot2

2008-10-24 11:33:32 ----D---- E:\Program Files\eMule

2008-10-24 11:32:10 ----RD---- E:\Program Files

2008-10-23 23:16:58 ----N---- E:\WINDOWS\SchedLgU.Txt

2008-10-23 21:04:15 ----RSHDC---- E:\WINDOWS\system32\dllcache

2008-10-23 19:36:34 ----D---- E:\Program Files\Steam

2008-10-23 18:48:09 ----AC---- E:\WINDOWS\NeroDigital.ini

2008-10-23 18:25:36 ----D---- E:\WINDOWS\Prefetch

2008-10-22 18:20:18 ----D---- E:\WINDOWS\system32\LogFiles

2008-10-21 15:03:22 ----SHD---- E:\WINDOWS\Installer

2008-10-21 15:03:22 ----HD---- E:\Config.Msi

2008-10-21 15:03:22 ----D---- E:\WINDOWS\system32

2008-10-19 00:02:00 ----SD---- E:\WINDOWS\Downloaded Program Files

2008-10-18 16:40:10 ----D---- E:\WINDOWS\system32\ReinstallBackups

2008-10-18 16:40:08 ----D---- E:\WINDOWS\system32\drivers

2008-10-18 16:37:24 ----A---- E:\WINDOWS\Ascd_tmp.ini

2008-10-18 14:45:22 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-10-17 16:14:20 ----AC---- E:\WINDOWS\win.ini

2008-10-17 12:47:41 ----D---- E:\Documents and Settings\florent\Application Data\Adobe

2008-10-17 12:47:39 ----D---- E:\Documents and Settings\florent\Application Data\Macromedia

2008-10-17 09:42:10 ----D---- E:\WINDOWS\Debug

2008-10-16 17:56:03 ----HD---- E:\WINDOWS\inf

2008-10-16 17:55:54 ----HD---- E:\WINDOWS\$hf_mig$

2008-10-15 16:27:57 ----D---- E:\Documents and Settings\All Users\Application Data\Adobe

2008-10-15 10:41:58 ----D---- E:\Program Files\HP

2008-10-07 21:19:40 ----AC---- E:\WINDOWS\system32\MRT.exe

2008-10-01 17:19:13 ----D---- E:\Documents and Settings\florent\Application Data\mIRC

2008-10-01 17:18:58 ----D---- E:\Program Files\mIRC

2008-09-30 19:35:18 ----SHD---- E:\RECYCLER

2008-09-28 19:18:30 ----D---- E:\Program Files\IMMonitor

2008-09-28 10:10:33 ----D---- E:\Program Files\Java

2008-09-27 20:15:24 ----A---- E:\rapport.txt

2008-09-27 19:15:40 ----D---- E:\Program Files\MSNFix

2008-09-26 18:21:58 ----D---- E:\Documents and Settings\All Users\Application Data\CyberLink

2008-09-26 18:16:23 ----AD---- E:\Documents and Settings\All Users\Application Data\TEMP

2008-09-26 09:17:57 ----D---- E:\Program Files\SweetIM

2008-09-25 10:53:39 ----D---- E:\Program Files\Orange HSS

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD; E:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]

R1 avgio;avgio; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; E:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-09-05 75072]

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; E:\WINDOWS\System32\DRIVERS\cmdguard.sys [2005-11-04 87056]

R1 cmdHlp;COMODO Firewall Pro Helper Driver; E:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2005-11-04 24208]

R1 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]

R1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]

R1 ssmdrv;ssmdrv; E:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R2 tmcomm;tmcomm; \??\E:\WINDOWS\system32\drivers\tmcomm.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680]

R3 avgntflt;avgntflt; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 btaudio;Périphérique audio Bluetooth; E:\WINDOWS\system32\drivers\btaudio.sys [2005-08-24 401152]

R3 BTDriver;Pilote de communications virtuelles Bluetooth; E:\WINDOWS\system32\DRIVERS\btport.sys [2005-08-24 30363]

R3 BTKRNL;Enumérateur de bus Bluetooth; E:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-08-24 1341466]

R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; E:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-08-24 148040]

R3 BTWUSB;WIDCOMM USB Bluetooth Driver; E:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-24 56648]

R3 HidUsb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]

R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-10-10 3530432]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]

R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]

R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]

R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 VClone;VClone; E:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]

S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-13 32128]

S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\E:\Program Files\CyberLink\PowerDVD\000.fcl []

S3 catchme;catchme; \??\E:\DOCUME~1\Cindy_2\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; E:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 NPF;NetGroup Packet Filter Driver; E:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\E:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\E:\WINDOWS\system32\PCANDIS5.SYS []

S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-09-05 68865]

R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-09-05 149761]

R2 btwdins;Bluetooth Service; E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe [2005-08-24 258103]

R2 cmdAgent;COMODO Firewall Pro Helper Service; E:\Program Files\COMODO\Firewall\cmdagent.exe [2005-11-04 519936]

R2 MDM;Machine Debug Manager; E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2005-10-10 131139]

R3 NMIndexingService;NMIndexingService; E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S2 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]

S3 aspnet_state;Service d'état ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 Boonty Games;Boonty Games; E:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]

S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]

S3 NBService;NBService; E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]

S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]

S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

 

-----------------EOF-----------------