Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

TR/Crypt.ZPACK.Gen Comment le suprimer

Dernière réponse le 17 jui 2009 à 17:26:05 yusu, le 15 jui 2009 à 18:56:38

Signaler ce message aux modérateurs

Bonjour a tous

Hier lorsque je lance mon jeu cod4 Antivir me detect un virus [ TR/Crypt.ZPACK.Gen qui se trouve dans window/systeme32/drivers/pnkbstrk.sys] j arrive a le plasser en quarantaine mais pas a le suprimer et il me revient sans cesse le message d alerte donc si quelqu un a une idée je suis preneur

Merci :D

Configuration: Windows Vista
Firefox 3.0.11

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-07-15 19:38:54
Microsoft® Windows Vista™ Édition Intégrale
System drive C: has 199 GB (65%) free of 305 GB
Total RAM: 3326 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:01, on 15/07/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Users\Administrateur\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Mumble\mumble-g15-helper.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\Software\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [Launch LgDevAgt] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Administrateur\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative HOAL Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe
End of file - 10364 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Advanced Registry Fix.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-02-27 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-04-09 1091584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-04-09 970240]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"Launch LgDevAgt"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2008-11-06 358920]
"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2008-11-06 1548296]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2008-11-06 2816520]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-10 13785632]
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-05-05 221300]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"=C:\Users\Administrateur\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2006-11-02 1196032]
"Steam"=c:\program files\steam\steam.exe [2009-06-10 1217784]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-02-27 3399727]
"CTRegRun"=C:\Windows\CTRegRun.EXE [2006-10-06 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-09-30 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableInstallerDetection"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d376f4-2201-11de-aab1-002215462bfc}]
shell\AutoRun\command - G:\SETUP.EXE -quit

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4de2c18-397c-11de-b580-002215462bfc}]
shell\Auto\command - cmd /C launch.bat

======List of files/folders created in the last 1 months======

2009-07-15 19:38:54 ----D---- C:\rsit
2009-07-15 19:38:54 ----D---- C:\Program Files\trend micro
2009-07-11 14:10:51 ----N---- C:\Windows\Ctregrun.exe
2009-07-11 14:06:12 ----RA---- C:\Windows\system32\xfisk.ini
2009-07-11 14:06:08 ----A---- C:\Windows\system32\skInst.dll
2009-07-11 14:06:08 ----A---- C:\Windows\system32\ctppld.dll
2009-07-11 14:06:08 ----A---- C:\Windows\system32\CTAPO32.dll
2009-07-11 14:06:03 ----RA---- C:\Windows\xfiskcfg.ini
2009-07-11 14:05:55 ----RA---- C:\Windows\system32\tmp18BE.tmp
2009-07-11 14:05:55 ----RA---- C:\Windows\system32\tmp1795.tmp
2009-07-11 14:05:38 ----D---- C:\ProgramData\Creative Labs
2009-07-11 14:05:03 ----D---- C:\Program Files\Common Files\Creative Labs Shared
2009-07-11 00:53:50 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-07-02 20:55:52 ----A---- C:\Windows\system32\xfcodec.dll
2009-06-27 15:06:12 ----A---- C:\Windows\wininit.ini
2009-06-26 22:29:09 ----A---- C:\Windows\system32\framedyn.dll
2009-06-26 22:07:25 ----D---- C:\Program Files\Softick
2009-06-26 21:41:47 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2009-06-26 21:41:46 ----D---- C:\Program Files\Samsung
2009-06-20 16:54:36 ----D---- C:\Windows\system32\QVJGTGljZW5zZUluZm8=
2009-06-20 16:54:35 ----D---- C:\Program Files\Advanced Registry Fix
2009-06-20 16:53:01 ----A---- C:\Windows\Advanced Registry Fix Setup Log.txt
2009-06-20 16:42:31 ----D---- C:\Program Files\QUAD Utilities
2009-06-17 17:40:19 ----D---- C:\Program Files\Electronic Arts

======List of files/folders modified in the last 1 months======

2009-07-15 19:39:01 ----D---- C:\Windows\Prefetch
2009-07-15 19:38:54 ----RD---- C:\Program Files
2009-07-15 19:38:29 ----D---- C:\Windows\Temp
2009-07-15 19:34:19 ----D---- C:\Program Files\Mozilla Firefox
2009-07-15 19:29:44 ----D---- C:\Windows\System32
2009-07-15 19:29:44 ----D---- C:\Windows\inf
2009-07-15 19:29:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-15 19:28:11 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-07-15 19:24:05 ----D---- C:\Program Files\Steam
2009-07-15 19:24:00 ----D---- C:\Program Files\EoRezo
2009-07-15 19:23:37 ----D---- C:\ProgramData\NVIDIA
2009-07-15 18:32:47 ----D---- C:\Windows\system32\drivers
2009-07-15 17:13:00 ----D---- C:\Downloads
2009-07-15 16:52:11 ----D---- C:\ProgramData\eMule
2009-07-15 16:48:40 ----D---- C:\Program Files\eMule
2009-07-15 00:04:40 ----D---- C:\Program Files\mIRC
2009-07-14 23:50:32 ----D---- C:\Program Files\FlashFXP
2009-07-14 21:10:57 ----A---- C:\Windows\system32\PnkBstrA.exe
2009-07-11 17:04:29 ----D---- C:\Windows
2009-07-11 14:16:28 ----D---- C:\ProgramData\Creative
2009-07-11 14:14:03 ----SD---- C:\Windows\Downloaded Program Files
2009-07-11 14:10:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-11 14:10:50 ----D---- C:\Program Files\Creative
2009-07-11 14:06:09 ----D---- C:\Windows\system32\catroot
2009-07-11 14:05:56 ----A---- C:\Windows\system32\wrap_oal.dll
2009-07-11 14:05:56 ----A---- C:\Windows\system32\OpenAL32.dll
2009-07-11 14:05:38 ----HD---- C:\ProgramData
2009-07-11 14:05:03 ----D---- C:\Program Files\Common Files
2009-07-11 02:47:47 ----D---- C:\Windows\system32\catroot2
2009-07-11 00:36:37 ----D---- C:\ProgramData\Xfire
2009-07-08 15:58:38 ----D---- C:\Program Files\Xfire
2009-07-06 21:03:53 ----SHD---- C:\Windows\Installer
2009-07-06 21:03:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-06 21:03:02 ----D---- C:\Program Files\AGEIA Technologies
2009-07-06 21:02:08 ----D---- C:\NVIDIA
2009-07-04 13:14:19 ----D---- C:\Program Files\Internet Explorer
2009-07-02 22:51:54 ----D---- C:\Program Files\Common Files\Steam
2009-06-30 19:39:04 ----D---- C:\ProgramData\ma-config.com
2009-06-30 19:39:04 ----D---- C:\Program Files\ma-config.com
2009-06-20 17:04:21 ----D---- C:\Windows\Tasks
2009-06-20 17:04:21 ----D---- C:\Windows\system32\Tasks
2009-06-20 01:03:43 ----AD---- C:\ProgramData\TEMP
2009-06-20 01:03:36 ----D---- C:\Fraps

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2007-08-26 320000]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-06-10 9899296]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-06-13 1131520]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-04-10 20480]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2007-10-06 71552]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2007-10-06 82688]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2009-04-21 312320]
S3 a1u98fyc;a1u98fyc; C:\Windows\system32\drivers\a1u98fyc.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-05-29 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-13 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-10 211488]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-07-14 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-07-15 189800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Windows\System32\nvSCPAPISvr.exe [2009-06-10 232960]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2009-07-11 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-07-11 79360]
S3 Creative HOAL Licensing Service;Creative HOAL Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [2009-07-11 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2006-11-02 521216]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-02 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-08-16 98672]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2007-10-06 562176]

-----------------EOF-----------------

Meilleures réponses pour « TR/Crypt.ZPACK.Gen Comment le suprimer » dans :

TR/Crypt.ZPACK.Gen Voir

PC infecte: TR/crypt.zpack.gen Voir

Virus TR/Crypt.ZPACK.Gen détecté par antivir Voir

Cheval de troie TR/Crypt.XPACK.Gen Voir

Trojan horse TR/Crypt.FKM.Gen : help !!! Voir

Trojan horse TR/Crypt.XPACK.Gen Voir

Bonjour à tous, C'est un faux-positif... Avira a été prévenu Lire la suite

Posez votre question Répondre

.:: MikA ::., le 15 jui 2009 à 20:26:37

Woaww j'ai eu exactement le même problème en lançant cod4 hier. Antivir m'alerte, je fais supprimé et peu de temps après ça revient...

Répondre à .:: MikA ::.

laylo, le 15 jui 2009 à 20:41:46

Je l'ai aussi, a mon avis un faux positif

Répondre à laylo

anthony5151, le 15 jui 2009 à 20:43:01

Bonjour à tous,

C'est un faux-positif... Avira a été prévenu aujourd'hui, et le problème a été réglé

Mettez à jour AntiVir, et vous ne devriez plus avoir de fausses alertes. Si vous en obtenez après ça, prévenez moi svp

yusu

Par contre, ton rapport RSIT montre deux autres infections, bien réelles celles-ci !

1) Tu as installé un logiciel néfaste téléchargé sur le site EoRezo... Ne télécharge plus rien sur ce site ! Plus d'infos ici

● Désactive le contrôle des comptes utilisateurs : Menu démarrer --> panneau de configuration --> comptes utilisateurs --> activer ou désactiver le controle des comptes utilisateur --> décoche la case "utiliser le contrôle....." Puis redémarre ton ordinateur.
● Désactive également ton antivirus, car il risque de faire de fausses alertes sur le programme suivant.

● Télécharge Ad-Remover (de C_XX) sur ton Bureau.
● /!\ Déconnecte toi et ferme toutes les applications en cours /!\
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Fais un clic-droit sur le raccourci créé et clique sur "Exécuter en temps qu'administrateur"
● Au menu principal choisis l'option "L" (lancer le nettoyage)
● Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report.log)

Aide en images : Installation
Aide en images : Nettoyage

2) Il y a deux barres d'outils néfastes sur ton ordinateur (AskBar et SearchSettings)... Pour éviter ce genre d'infection, il faut tout lire attentivement lorsque tu installes un programme gratuit, et décocher tous les programmes additionnels qui sont proposés, en particulier les barres d'outils !

• Télécharge Toolbar-S&D (de la team IDN) sur ton Bureau.
• Fais un clic-droit sur le raccourci de Toolbar-S&D sur le Bureau et choisis "Exécuter en tant qu' Administrateur"
• Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
• Choisis directement l'option 2 (Suppression). Patiente jusqu'à la fin de la recherche.
• Poste le rapport généré. (C:\TB.txt)

Attendez 24h pour reposter si vous n'avez pas de réponse.
Restez jusqu'à confirmation que l'ordinateur est désinfecté !

Répondre à anthony5151

yusu, le 15 jui 2009 à 22:18:22

Ok je vais faire sa merci :)

Répondre à yusu

yusu, le 15 jui 2009 à 22:49:11

======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:38:22, 15/07/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows Vista™ Ultimate v6.0.6000
Nom du PC: G4M3R2_TH0M42 | Utilisateur actuel: Administrateur
.
Administrateur: Administrateur
N'est pas administrateur: Invité *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
.
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\db
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\eoDesktop
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\eoStats
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\host.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\user.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\Download
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\help_config.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\Software
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Users\ADMINI~1\AppData\Roaming\EoRezo
C:\Users\ADMINI~1\AppData\Roaming\Search Settings\kb128
C:\Users\ADMINI~1\AppData\Roaming\Search Settings\kb128\temp
C:\Users\ADMINI~1\AppData\Roaming\Search Settings
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128\temp
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128\temp\ws-14437.log
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128\temp\ws-14438.log
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128\temp\ws-14439.log
C:\Users\Administrateur\AppData\LocalLow\Search Settings\kb128\temp\ws-14440.log
C:\Users\Administrateur\AppData\LocalLow\Search Settings
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\01534E54
C:\Program Files\AskBarDis\bar\Cache\01535067.bin
C:\Program Files\AskBarDis\bar\Cache\01535621.bin
C:\Program Files\AskBarDis\bar\Cache\01535769.bin
C:\Program Files\AskBarDis\bar\Cache\015358B0.bin
C:\Program Files\AskBarDis\bar\Cache\015359E8.bin
C:\Program Files\AskBarDis\bar\Cache\01535B30.bin
C:\Program Files\AskBarDis\bar\Cache\01535C68.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\AskBarDis
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_26.dll
C:\Program Files\EoRezo\EoRezoTools_27.dll
C:\Program Files\EoRezo\EoRezoTools_28.dll
C:\Program Files\EoRezo\EoRezoTools_29.dll
C:\Program Files\EoRezo\EoRezoTools_30.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome.manifest
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\install.rdf
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\SKIN
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\DStringsUtils.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.properties
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearch.xpt
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearchHelperEngine.xpt
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFHelperPreferences.xpt
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Search Settings\kb128
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb128\res
C:\Program Files\Search Settings\kb128\SearchSettings.dll
C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb128\temp
C:\Program Files\Search Settings
C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\ask.xml
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\61XXdriver.ini
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\InstallOptions.dll
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\ioSpecial.ini
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\modern-header.bmp
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\modern-wizard.bmp
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp\System.dll
C:\Users\ADMINI~1\AppData\Local\Temp\nsoD7D5.tmp
C:\Windows\Installer\509ca83.msi
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-A3566860.pf
C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\Cookies\administrateur@ads.eorezo[1].txt
C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\Cookies\administrateur@dl.eorezo[2].txt
C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\Cookies\administrateur@eorezo[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.0.11 *

Nom du profil: mteietq8.default (Administrateur)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yahoo");
(Prefs.js) user_pref("browser.search.selectedEngine", "Yahoo");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://google.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.11");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "Google");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Yahoo");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
.
(Invalidprefs.js) EFFACÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
.

* Internet Explorer Version 7.0.6000.16546 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

.
============== Processus Caches/Bloque ==============
.
PID: 1068 [LOCKED] audiodg.exe
.

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Users\Administrateur\Downloads\CoDWaW-1.0.1017-PatchSetup.exe
C:\Users\Administrator\Documents\Azureus Downloads\Le Parrain 2 FR iso pc\[Crack]Le.Parrain.2.rar
C:\Users\Administrator\Documents\Programs\CoDWaW-1.0.1017-PatchSetup.exe
C:\Users\Administrator\Documents\Programs\CoDWaW-1.2-1.4-PatchSetup.exe
.
===================================
.
11583 Octet(s) - C:\Ad-Report-CLEAN.log
.
286 Fichier(s) - C:\Users\ADMINI~1\AppData\Local\Temp
0 Fichier(s) - C:\Windows\Temp
.
23 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
82 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 22:48:20 | 15/07/2009
.
============== E.O.F ==============

S&D TOOBLAR

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Intégrale ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : BIOS Date: 12/12/08 16:24:52 Ver: 08.00.14
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:202 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 15/07/2009|22:51 )

[ UAC => 0 ]

-----------\\ SUPPRESSION

Supprime! - C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\Cookies\administrateur@www.bananalotto[1].txt
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search bar"="http://go.microsoft.com/fwlink/?linkid=54896"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkId=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="http://search.msn.com/spbasic.htm"

--------------------\\ Recherche d'autres infections

C:\Users\ADMINI~1\AppData\Local\yyeyq.bat
C:\Users\ADMINI~1\AppData\Local\yyeyq.dat
C:\Users\ADMINI~1\AppData\Local\yyeyq_nav.dat
C:\Users\ADMINI~1\AppData\Local\yyeyq_navps.dat
[b]==> EGDACCESS <==/b

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 15/07/2009|22:52 - Option : [2]

-----------\\ Fin du rapport a 22:52:29,79

.

Répondre à yusu

anthony5151, le 15 jui 2009 à 23:08:38

Il y a une autre infection que je n'avais pas vu : il s'agit de l'infection Navipromo, qui affiche des publicités intempestives, et qui s'installe via des programmes "gratuits" piégés, dont ceux-ci :

• Funky Emoticons
• Games Attack
• go-astro
• GoRecord
• HotTVPlayer / HotTVPlayer & Paris Hilton
• Live-Player
• MailSkinner
• Messenger Skinner
• Instant Access
• InternetGameBox
• Officiale Emule (Version d'Emule modifiée)
• Original-solitaire
• SuperSexPlayer
• Speed Downloading
• Sudoplanet
• Webmediaplayer

Pour désinfecter, merci de suivre exactement cette procédure :

• Télécharge Navilog1 (créé par IL-MAFIOSO) sur ton Bureau.
• Lance Navilog en faisant un clic-droit sur le raccourci présent sur ton Bureau et en choisissant "Exécuter en tant qu'administrateur"
• Au menu principal, fais le choix 1 (Recherche / Désinfection automatique)
• Si des éléments indésirables sont trouvés, navilog fera redémarrer l'ordinateur. Patiente alors jusqu'au message «Scan terminé le...»
• A la fin, le rapport (C:\cleannavi.txt) va s'ouvrir dans le bloc-notes, poste le dans ta prochaine réponse stp.

Ensuite, fais ce scan généraliste stp :

• Télécharge et installe Malwarebytes' Anti-Malware
• A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
• Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
• Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide" puis "Rechercher"
• A la fin du scan, clique sur Afficher les résultats
• Coche tous les éléments détectés puis clique sur Supprimer la sélection
• Enregistre le rapport
• S'il t'est demandé de redémarrer, clique sur Yes
• Poste dans ta prochaine réponse le rapport apparaissant après la suppression stp

Attendez 24h pour reposter si vous n'avez pas de réponse.
Restez jusqu'à confirmation que l'ordinateur est désinfecté !

Répondre à anthony5151

yusu, le 16 jui 2009 à 20:48:57

Merci anthony5151 de prendre le temp de m aider ;)

Avec NAVILOG

Fix Navipromo version 4.0.1 commencé le 16/07/2009 20:07:38,94

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.07.2009 à 14h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Intégrale ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : BIOS Date: 12/12/08 16:24:52 Ver: 08.00.14
USER : Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:202 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur

C:\Users\Administrateur\AppData\Local\yyeyq.dat supprimé !
C:\Users\Administrateur\AppData\Local\yyeyq_nav.dat supprimé !
C:\Users\Administrateur\AppData\Local\yyeyq_navps.dat supprimé !
C:\Users\Administrateur\AppData\Local\yyeyq.bat supprimé !

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\ADMINI~1\AppData\Local\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Scan terminé 16/07/2009 20:38:25,18 ***

avec Malwarebytes 8 infections oO

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2442
Windows 6.0.6000

16/07/2009 20:46:01
mbam-log-2009-07-16 (20-45-59).txt

Type de recherche: Examen rapide
Eléments examinés: 85888
Temps écoulé: 2 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\ihistorycookies.clshistorycookies (Rogue.ErrorEraser) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8502d876-f5a4-42cb-8ba7-55413c6cd36f} (Rogue.ErrorEraser) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4b5563b7-2353-4c1e-865d-a3c84259d548} (Rogue.ErrorEraser) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fe7beebd-7d16-4efc-a204-310ada898c32} (Rogue.ErrorEraser) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Advanced Registry Fix\IHistoryCookies.dll (Rogue.ErrorEraser) -> No action taken.

Répondre à yusu

anthony5151, le 17 jui 2009 à 01:58:09

Tu peux supprimer ce dossier, ce sont des restes d'une infection :
C:\Program Files\Advanced Registry Fix

Ensuite, poste un nouveau rapport RSIT stp

As-tu eu d'autres alertes d'AntiVir (en particulier sur le fichier pnkbstrk.sys) ?

Attendez 24h pour reposter si vous n'avez pas de réponse.
Restez jusqu'à confirmation que l'ordinateur est désinfecté !

Répondre à anthony5151

yusu, le 17 jui 2009 à 17:26:05

Non je n ai eu aucune nouvelle alerte de Avira

Voici le new rapport de RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-07-17 17:24:38
Microsoft® Windows Vista™ Édition Intégrale
System drive C: has 207 GB (68%) free of 305 GB
Total RAM: 3326 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:24:43, on 17/07/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\avira\antivir desktop\avcenter.exe
C:\Downloads\Software\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [Launch LgDevAgt] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative HOAL Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\System32\nvSCPAPISvr.exe
End of file - 8598 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Advanced Registry Fix.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-02-27 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"Launch LgDevAgt"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2008-11-06 358920]
"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2008-11-06 1548296]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2008-11-06 2816520]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-10 13785632]
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-05-05 221300]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2006-11-02 1196032]
"Steam"=c:\program files\steam\steam.exe [2009-06-10 1217784]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-02-27 3399727]
"CTRegRun"=C:\Windows\CTRegRun.EXE [2006-10-06 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-09-30 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableInstallerDetection"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32d376f4-2201-11de-aab1-002215462bfc}]
shell\AutoRun\command - G:\SETUP.EXE -quit

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4de2c18-397c-11de-b580-002215462bfc}]
shell\Auto\command - cmd /C launch.bat

======List of files/folders created in the last 1 months======

2009-07-16 20:41:53 ----D---- C:\ProgramData\Malwarebytes
2009-07-16 20:41:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-16 20:07:38 ----A---- C:\cleannavi.txt
2009-07-16 20:07:08 ----D---- C:\Program Files\Navilog1
2009-07-15 22:51:53 ----A---- C:\TB.txt
2009-07-15 22:49:43 ----D---- C:\ToolBar SD
2009-07-15 22:27:27 ----D---- C:\Program Files\Ad-remover
2009-07-15 19:57:41 ----D---- C:\Program Files\PhotoFiltre
2009-07-15 19:38:54 ----D---- C:\rsit
2009-07-15 19:38:54 ----D---- C:\Program Files\trend micro
2009-07-11 14:10:51 ----N---- C:\Windows\Ctregrun.exe
2009-07-11 14:06:12 ----RA---- C:\Windows\system32\xfisk.ini
2009-07-11 14:06:08 ----A---- C:\Windows\system32\skInst.dll
2009-07-11 14:06:08 ----A---- C:\Windows\system32\ctppld.dll
2009-07-11 14:06:08 ----A---- C:\Windows\system32\CTAPO32.dll
2009-07-11 14:06:03 ----RA---- C:\Windows\xfiskcfg.ini
2009-07-11 14:05:55 ----RA---- C:\Windows\system32\tmp18BE.tmp
2009-07-11 14:05:55 ----RA---- C:\Windows\system32\tmp1795.tmp
2009-07-11 14:05:38 ----D---- C:\ProgramData\Creative Labs
2009-07-11 14:05:03 ----D---- C:\Program Files\Common Files\Creative Labs Shared
2009-07-11 00:53:50 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-07-02 20:55:52 ----A---- C:\Windows\system32\xfcodec.dll
2009-06-27 15:06:12 ----A---- C:\Windows\wininit.ini
2009-06-26 22:29:09 ----A---- C:\Windows\system32\framedyn.dll
2009-06-26 22:07:25 ----D---- C:\Program Files\Softick
2009-06-26 21:41:47 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2009-06-26 21:41:46 ----D---- C:\Program Files\Samsung
2009-06-20 16:54:36 ----D---- C:\Windows\system32\QVJGTGljZW5zZUluZm8=
2009-06-20 16:53:01 ----A---- C:\Windows\Advanced Registry Fix Setup Log.txt
2009-06-20 16:42:31 ----D---- C:\Program Files\QUAD Utilities

======List of files/folders modified in the last 1 months======

2009-07-17 17:24:35 ----D---- C:\Windows\Temp
2009-07-17 17:14:26 ----RD---- C:\Program Files
2009-07-17 17:06:35 ----D---- C:\Windows\System32
2009-07-17 17:06:35 ----D---- C:\Windows\inf
2009-07-17 17:06:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-17 17:01:00 ----D---- C:\Program Files\Steam
2009-07-17 17:00:35 ----D---- C:\ProgramData\NVIDIA
2009-07-16 22:22:53 ----D---- C:\Windows\Prefetch
2009-07-16 22:22:42 ----D---- C:\Windows\system32\drivers
2009-07-16 21:10:53 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-07-16 20:41:53 ----HD---- C:\ProgramData
2009-07-16 19:39:29 ----D---- C:\ProgramData\Xfire
2009-07-15 22:52:52 ----D---- C:\Program Files\Mozilla Firefox
2009-07-15 22:48:06 ----SHD---- C:\Windows\Installer
2009-07-15 20:26:13 ----RSD---- C:\Windows\Fonts
2009-07-15 20:26:00 ----D---- C:\Windows
2009-07-15 20:25:15 ----D---- C:\Downloads
2009-07-15 16:52:11 ----D---- C:\ProgramData\eMule
2009-07-15 16:48:40 ----D---- C:\Program Files\eMule
2009-07-15 00:04:40 ----D---- C:\Program Files\mIRC
2009-07-14 23:50:32 ----D---- C:\Program Files\FlashFXP
2009-07-14 21:10:57 ----A---- C:\Windows\system32\PnkBstrA.exe
2009-07-11 14:16:28 ----D---- C:\ProgramData\Creative
2009-07-11 14:14:03 ----SD---- C:\Windows\Downloaded Program Files
2009-07-11 14:10:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-11 14:10:50 ----D---- C:\Program Files\Creative
2009-07-11 14:06:09 ----D---- C:\Windows\system32\catroot
2009-07-11 14:05:56 ----A---- C:\Windows\system32\wrap_oal.dll
2009-07-11 14:05:56 ----A---- C:\Windows\system32\OpenAL32.dll
2009-07-11 14:05:03 ----D---- C:\Program Files\Common Files
2009-07-11 02:47:47 ----D---- C:\Windows\system32\catroot2
2009-07-08 15:58:38 ----D---- C:\Program Files\Xfire
2009-07-06 21:03:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-06 21:03:02 ----D---- C:\Program Files\AGEIA Technologies
2009-07-06 21:02:08 ----D---- C:\NVIDIA
2009-07-04 13:14:19 ----D---- C:\Program Files\Internet Explorer
2009-07-02 22:51:54 ----D---- C:\Program Files\Common Files\Steam
2009-06-30 19:39:04 ----D---- C:\ProgramData\ma-config.com
2009-06-30 19:39:04 ----D---- C:\Program Files\ma-config.com
2009-06-20 17:04:21 ----D---- C:\Windows\Tasks
2009-06-20 17:04:21 ----D---- C:\Windows\system32\Tasks
2009-06-20 01:03:43 ----AD---- C:\ProgramData\TEMP
2009-06-20 01:03:36 ----D---- C:\Fraps

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2007-08-26 320000]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-06-10 9899296]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-06-13 1131520]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-04-10 20480]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2007-10-06 71552]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2007-10-06 82688]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2009-04-21 312320]
S3 a147cfyi;a147cfyi; C:\Windows\system32\drivers\a147cfyi.sys []
S3 catchme;catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-05-29 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-13 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-10 211488]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-07-14 75064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Windows\System32\nvSCPAPISvr.exe [2009-06-10 232960]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2009-07-11 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-07-11 79360]
S3 Creative HOAL Licensing Service;Creative HOAL Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [2009-07-11 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2006-11-02 521216]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-02 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-08-16 98672]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2007-10-06 562176]

-----------------EOF-----------------

Répondre à yusu

Posez votre question Répondre