Thread starter: achour
Peace be upon you, and the mercy and blessings of God.

I have two problems with flash drives:

- First: this morning the computer did not recognize the flash drive.

- Second: on the second drive, every time I put a file or a program on it, a "My document" folder gets added alongside them. I tried formatting it, but the problem comes back.

There is a screenshot:

flashgo4.jpg

Please help if you can. Many thanks in advance.
 

Welcome, my friend.
Try the flash drive on another computer.
For the folder problem, do the following after plugging in the flash drive:

Disable all security programs,
then download this tool and save it to the desktop.

When you run it, a message will appear; click Yes.
A second message will then appear; click Yes.

Wait until the tool finishes scanning your computer; the computer will restart automatically.
After the restart, the tool will start scanning a second time.
Wait until a report appears, then copy it and paste it into your next reply.
 
Here is the report, with thanks.



ComboFix 08-07-22.4 - Administrateur 2008-07-24 6:31:25.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1665 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\ComboFix.exe
* Resident AV is active

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-24 to 2008-07-24 ))))))))))))))))))))))))))))))))))))
.
2008-07-23 19:16 . 2008-07-23 20:28 <REP> d-------- C:\Program Files\AT&T Pogo
2008-07-23 19:16 . 2008-07-23 19:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AT&T
2008-07-23 19:16 . 2008-07-23 19:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AT&T
2008-07-23 19:15 . 2008-07-23 19:15 <REP> d-------- C:\Program Files\Vizible Player
2008-07-23 19:15 . 2008-07-23 19:15 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Vizible Player
2008-07-23 11:39 . 2008-07-23 11:39 <REP> d-------- C:\Program Files\DataDoctorRecovery
2008-07-23 08:44 . 2008-07-23 08:44 <REP> d-------- C:\Program Files\MP3 Player Utilities 3.68
2008-07-21 21:39 . 2008-07-21 21:39 <REP> d-------- C:\Program Files\TechSmith
2008-07-21 21:38 . 2008-07-21 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-20 10:20 . 2008-07-20 10:20 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Systweak
2008-07-20 09:58 . 2008-07-24 06:22 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-20 09:41 . 2008-07-20 09:41 <REP> d-------- C:\Program Files\Systweak
2008-07-19 09:33 . 2007-04-08 17:14 377,344 -ra------ C:\Documents and Settings\Administrateur\Application Data\lsass.exe
2008-07-19 06:59 . 2008-07-19 06:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-19 06:59 . 2004-08-04 01:55 32,256 --a------ C:\wpabaln.exe
2008-07-19 06:59 . 2008-07-19 06:59 2,228 --a------ C:\wpa.dbl
2008-07-19 06:59 . 2008-07-19 06:59 592 --a------ C:\WINDOWS\chgkey.vbs
2008-07-18 22:04 . 2008-04-23 06:16 6,066,176 --------- C:\WINDOWS\system32\DllCache\ieframe.dll
2008-07-18 22:04 . 2007-04-17 11:32 2,455,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dat
2008-07-18 22:04 . 2007-03-08 07:10 1,048,576 --------- C:\WINDOWS\system32\DllCache\ieframe.dll.mui
2008-07-18 22:04 . 2008-04-23 06:16 459,264 --------- C:\WINDOWS\system32\DllCache\msfeeds.dll
2008-07-18 22:04 . 2008-04-23 06:16 383,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dll
2008-07-18 22:04 . 2008-04-23 06:16 267,776 --------- C:\WINDOWS\system32\DllCache\iertutil.dll
2008-07-18 22:04 . 2008-04-23 06:16 63,488 --------- C:\WINDOWS\system32\DllCache\icardie.dll
2008-07-18 22:04 . 2008-04-23 06:16 52,224 --------- C:\WINDOWS\system32\DllCache\msfeedsbs.dll
2008-07-18 22:04 . 2008-04-22 09:39 13,824 --------- C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-07-18 21:50 . 2002-12-01 13:57 593,920 --a------ C:\WINDOWS\system32\libeay32.dll
2008-07-18 15:03 . 2008-07-18 15:03 <REP> d-------- C:\Program Files\SAGEM
2008-07-17 18:47 . 2008-07-23 20:13 <REP> d-------- C:\Documents and Settings\Administrateur\Tracing
2008-07-17 18:46 . 2008-07-18 21:37 <REP> d-------- C:\Program Files\Windows Live
2008-07-17 08:42 . 2008-07-18 21:27 <REP> d-------- C:\Program Files\AutorunRemover
2008-07-17 02:03 . 2008-07-17 02:03 <REP> d-------- C:\Program Files\Ashampoo
2008-07-17 02:03 . 2008-07-17 02:03 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Ashampoo
2008-07-15 16:44 . 2008-07-18 22:08 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-07-15 09:28 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-15 09:28 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\DllCache\bthport.sys
2008-07-15 09:25 . 2007-07-09 15:11 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-07-15 09:12 . 2008-05-08 14:28 202,752 --------- C:\WINDOWS\system32\DllCache\rmcast.sys
2008-07-15 09:03 . 2008-07-15 09:03 <REP> d-------- C:\Program Files\Nero
2008-07-15 09:03 . 2008-07-15 09:03 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-15 09:01 . 2007-04-08 17:14 377,344 -ra------ C:\WINDOWS\system32\Sexy Girls.scr
2008-07-15 09:01 . 2007-04-08 17:14 377,344 --a------ C:\Documents and Settings\Administrateur\Application Data\svchost.exe
2008-07-15 01:49 . 2006-11-07 21:03 33,792 --a------ C:\WINDOWS\system32\DllCache\custsat.dll
2008-07-15 01:26 . 2006-08-21 11:14 128,896 --------- C:\WINDOWS\system32\DllCache\fltmgr.sys
2008-07-15 01:26 . 2006-08-21 11:14 23,040 --------- C:\WINDOWS\system32\DllCache\fltmc.exe
2008-07-15 01:26 . 2006-08-21 14:26 16,896 --------- C:\WINDOWS\system32\DllCache\fltlib.dll
2008-07-15 01:14 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\DllCache\shell32.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-23 05:36 --------- d-----w C:\Program Files\ESET
2008-07-22 09:54 23 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-07-18 13:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-14 22:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
2008-07-14 22:51 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ATI
2008-07-14 22:48 --------- d-----w C:\Program Files\ATI Technologies
2008-07-14 22:46 --------- d-----w C:\Program Files\Fichiers communs\ATI Technologies
2008-07-14 22:45 --------- d-----w C:\Program Files\No-IP
2008-07-14 22:41 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-14 20:37 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-07-14 20:37 --------- d-----w C:\Program Files\Realtek
2008-07-14 20:37 --------- d-----w C:\Program Files\Driver
2008-07-14 20:35 --------- d-----w C:\Program Files\Intel
2008-07-14 20:31 --------- d-----w C:\Program Files\HumaxSmartSuite
2008-07-14 20:30 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ESET
2008-07-14 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-07-14 20:24 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ------w C:\WINDOWS\system32\DllCache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\DllCache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ------w C:\WINDOWS\system32\DllCache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\DllCache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ------w C:\WINDOWS\system32\DllCache\tcpip6.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\DllCache\quartz.dll
2007-04-08 15:14 377,344 ------w C:\WINDOWS\inf\smss.exe
.
((((((((((((((((((((((((((((( snapshot@2008-07-24_ 6.26.15.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-24 04:16:49 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-07-24 04:26:29 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-07-24 04:16:49 71,488 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-07-24 04:26:30 71,488 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-07-24 04:16:49 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-07-24 04:26:30 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-07-24 04:16:49 458,648 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-07-24 04:26:30 458,648 ----a-w C:\WINDOWS\system32\perfh00C.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-12-16 12:57 94208]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-07 15:34 3739672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"CacheBoost"="C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe" [2008-06-12 16:49 74480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTT]
C:\HTT-HumaxGbox\HTT-Startup.bat\ [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
--a------ 2007-12-21 08:21 1443072 C:\Program Files\ESET\ESET Smart Security\egui.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 08:23]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service;C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe [2008-06-12 16:49]
R2 ioperm;ioperm support for Cygwin driver;C:\HTT-HumaxGbox\cygwin\bin\ioperm.sys [2005-10-30 04:49]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-07-03 18:33]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be96038-57bd-11dd-bcec-00e04d6bb8fd}]
\Shell\AutoRun\command - D:\xpbkh.com
\Shell\explore\Command - D:\xpbkh.com
\Shell\open\Command - D:\xpbkh.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d45d11b4-55d3-11dd-bcde-00e04d6bb8fd}]
\Shell\AutoRun\command - D:\xpbkh.com
\Shell\explore\Command - D:\xpbkh.com
\Shell\open\Command - D:\xpbkh.com
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-07-24 06:31:54
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
Temps d'accomplissement: 2008-07-24 6:32:29
ComboFix-quarantined-files.txt 2008-07-24 04:32:28
ComboFix2.txt 2008-07-24 04:26:29
Pre-Run: 49,890,091,008 octets libres
Post-Run: 49,883,680,768 octets libres
171 --- E O F --- 2008-07-21 09:07:25
 
My friend, run the tool again,

and disable NOD32 before you download it.

(1)
Disable all security programs,
then download this tool and save it to the desktop.

When you run it, a message will appear; click Yes.
A second message will then appear; click Yes.
Wait until the tool finishes scanning your computer; the computer will restart automatically.
After the restart, the tool will start scanning a second time.
Wait until a report appears, then copy it and paste it into your next reply.
(2)
Also produce a HijackThis report.

When the download finishes ==> run the program ==> click "Do a system scan and save log".
After a few moments a report will appear; copy it and paste it into your next reply.
 
Signature: فارس الملاك

Thanks for following up.
ComboFix report:

ComboFix 08-07-22.4 - Administrateur 2008-07-24 15:16:35.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1691 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-24 to 2008-07-24 ))))))))))))))))))))))))))))))))))))
.
2008-07-24 09:07 . 2008-07-24 09:37 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\VMware
2008-07-24 09:06 . 2008-07-24 15:15 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\VMware
2008-07-24 09:05 . 2008-07-24 15:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VMware
2008-07-24 09:05 . 2005-12-15 20:42 385,024 --a------ C:\WINDOWS\system32\vnetlib.dll
2008-07-24 09:05 . 2005-12-15 20:42 135,168 --a------ C:\WINDOWS\system32\vmnat.exe
2008-07-24 09:05 . 2005-12-15 20:42 106,496 --a------ C:\WINDOWS\system32\vmnetdhcp.exe
2008-07-24 09:05 . 2005-12-15 20:42 15,616 --a------ C:\WINDOWS\system32\drivers\vmnetuserif.sys
2008-07-24 09:05 . 2005-12-15 20:42 10,240 -ra------ C:\WINDOWS\system32\drivers\vmnet.sys
2008-07-24 09:05 . 2005-12-15 20:42 9,600 -ra------ C:\WINDOWS\system32\drivers\vmnetadapter.sys
2008-07-24 09:05 . 2005-12-15 20:42 5,120 -ra------ C:\WINDOWS\system32\vnetinst.dll
2008-07-24 08:59 . 2008-07-24 08:59 <REP> d-------- C:\Program Files\VMware
2008-07-24 08:59 . 2008-07-24 08:59 <REP> d-------- C:\Program Files\Fichiers communs\VMware
2008-07-24 07:54 . 2008-07-24 07:55 <REP> d-------- C:\Program Files\Internet Download Manager
2008-07-24 07:54 . 2008-07-24 07:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\IDM
2008-07-24 07:54 . 2008-07-24 15:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DMCache
2008-07-24 06:34 . 2008-07-24 06:34 <REP> d-------- C:\WINDOWS\system32\xircom
2008-07-24 06:34 . 2008-07-24 06:34 <REP> d-------- C:\Program Files\microsoft frontpage
2008-07-23 19:16 . 2008-07-23 20:28 <REP> d-------- C:\Program Files\AT&T Pogo
2008-07-23 19:16 . 2008-07-23 19:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AT&T
2008-07-23 19:16 . 2008-07-23 19:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AT&T
2008-07-23 19:15 . 2008-07-23 19:15 <REP> d-------- C:\Program Files\Vizible Player
2008-07-23 19:15 . 2008-07-23 19:15 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Vizible Player
2008-07-23 11:39 . 2008-07-23 11:39 <REP> d-------- C:\Program Files\DataDoctorRecovery
2008-07-23 08:44 . 2008-07-23 08:44 <REP> d-------- C:\Program Files\MP3 Player Utilities 3.68
2008-07-21 21:39 . 2008-07-21 21:39 <REP> d-------- C:\Program Files\TechSmith
2008-07-21 21:38 . 2008-07-21 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-20 10:20 . 2008-07-20 10:20 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Systweak
2008-07-20 09:58 . 2008-07-24 15:16 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-20 09:41 . 2008-07-20 09:41 <REP> d-------- C:\Program Files\Systweak
2008-07-19 09:33 . 2007-04-08 17:14 377,344 -ra------ C:\Documents and Settings\Administrateur\Application Data\lsass.exe
2008-07-19 06:59 . 2008-07-19 06:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-19 06:59 . 2004-08-04 01:55 32,256 --a------ C:\wpabaln.exe
2008-07-19 06:59 . 2008-07-19 06:59 2,228 --a------ C:\wpa.dbl
2008-07-19 06:59 . 2008-07-19 06:59 592 --a------ C:\WINDOWS\chgkey.vbs
2008-07-18 22:04 . 2008-04-23 06:16 6,066,176 --------- C:\WINDOWS\system32\DllCache\ieframe.dll
2008-07-18 22:04 . 2007-04-17 11:32 2,455,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dat
2008-07-18 22:04 . 2007-03-08 07:10 1,048,576 --------- C:\WINDOWS\system32\DllCache\ieframe.dll.mui
2008-07-18 22:04 . 2008-04-23 06:16 459,264 --------- C:\WINDOWS\system32\DllCache\msfeeds.dll
2008-07-18 22:04 . 2008-04-23 06:16 383,488 --------- C:\WINDOWS\system32\DllCache\ieapfltr.dll
2008-07-18 22:04 . 2008-04-23 06:16 267,776 --------- C:\WINDOWS\system32\DllCache\iertutil.dll
2008-07-18 22:04 . 2008-04-23 06:16 63,488 --------- C:\WINDOWS\system32\DllCache\icardie.dll
2008-07-18 22:04 . 2008-04-23 06:16 52,224 --------- C:\WINDOWS\system32\DllCache\msfeedsbs.dll
2008-07-18 22:04 . 2008-04-22 09:39 13,824 --------- C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-07-18 21:50 . 2002-12-01 13:57 593,920 --a------ C:\WINDOWS\system32\libeay32.dll
2008-07-18 15:03 . 2008-07-18 15:03 <REP> d-------- C:\Program Files\SAGEM
2008-07-17 18:47 . 2008-07-24 15:01 <REP> d-------- C:\Documents and Settings\Administrateur\Tracing
2008-07-17 18:46 . 2008-07-18 21:37 <REP> d-------- C:\Program Files\Windows Live
2008-07-17 08:42 . 2008-07-18 21:27 <REP> d-------- C:\Program Files\AutorunRemover
2008-07-17 02:03 . 2008-07-17 02:03 <REP> d-------- C:\Program Files\Ashampoo
2008-07-17 02:03 . 2008-07-17 02:03 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Ashampoo
2008-07-15 16:44 . 2008-07-18 22:08 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-07-15 09:28 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-15 09:28 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\DllCache\bthport.sys
2008-07-15 09:25 . 2007-07-09 15:11 584,192 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2008-07-15 09:12 . 2008-05-08 14:28 202,752 --------- C:\WINDOWS\system32\DllCache\rmcast.sys
2008-07-15 09:03 . 2008-07-15 09:03 <REP> d-------- C:\Program Files\Nero
2008-07-15 09:03 . 2008-07-15 09:03 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-15 09:01 . 2007-04-08 17:14 377,344 -ra------ C:\WINDOWS\system32\Sexy Girls.scr
2008-07-15 09:01 . 2007-04-08 17:14 377,344 --a------ C:\Documents and Settings\Administrateur\Application Data\svchost.exe
2008-07-15 01:49 . 2006-11-07 21:03 33,792 --a------ C:\WINDOWS\system32\DllCache\custsat.dll
2008-07-15 01:26 . 2006-08-21 11:14 128,896 --------- C:\WINDOWS\system32\DllCache\fltmgr.sys
2008-07-15 01:26 . 2006-08-21 11:14 23,040 --------- C:\WINDOWS\system32\DllCache\fltmc.exe
2008-07-15 01:26 . 2006-08-21 14:26 16,896 --------- C:\WINDOWS\system32\DllCache\fltlib.dll
2008-07-15 01:14 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\DllCache\shell32.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-23 05:36 --------- d-----w C:\Program Files\ESET
2008-07-22 09:54 23 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-07-18 13:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-14 22:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
2008-07-14 22:51 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ATI
2008-07-14 22:48 --------- d-----w C:\Program Files\ATI Technologies
2008-07-14 22:46 --------- d-----w C:\Program Files\Fichiers communs\ATI Technologies
2008-07-14 22:45 --------- d-----w C:\Program Files\No-IP
2008-07-14 22:41 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-14 20:37 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-07-14 20:37 --------- d-----w C:\Program Files\Realtek
2008-07-14 20:37 --------- d-----w C:\Program Files\Driver
2008-07-14 20:35 --------- d-----w C:\Program Files\Intel
2008-07-14 20:31 --------- d-----w C:\Program Files\HumaxSmartSuite
2008-07-14 20:30 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ESET
2008-07-14 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-07-14 20:24 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ------w C:\WINDOWS\system32\DllCache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\DllCache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ------w C:\WINDOWS\system32\DllCache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\DllCache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ------w C:\WINDOWS\system32\DllCache\tcpip6.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\DllCache\quartz.dll
2007-04-08 15:14 377,344 ------w C:\WINDOWS\inf\smss.exe
.
((((((((((((((((((((((((((((( snapshot@2008-07-24_ 6.26.15.76 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-03-18 17:05:50 89,088 ----a-w C:\WINDOWS\system32\atl71.dll
+ 2008-07-24 05:55:09 14,848 ----a-w C:\WINDOWS\system32\BASSMOD.dll
+ 2005-12-15 18:42:12 22,016 ----a-w C:\WINDOWS\system32\drivers\hcmon.sys
+ 2005-12-15 18:42:12 23,424 ----a-w C:\WINDOWS\system32\drivers\vmnetbridge.sys
+ 2005-12-15 18:42:10 9,216 ----a-w C:\WINDOWS\system32\drivers\vmparport.sys
+ 2005-12-15 18:42:10 94,848 ----a-w C:\WINDOWS\system32\drivers\vmx86.sys
+ 2007-06-19 13:22:09 202,424 ----a-w C:\WINDOWS\system32\idmmbc.dll
+ 2003-03-18 19:20:00 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
+ 2003-03-18 19:12:12 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
+ 2003-03-18 18:14:52 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
+ 2003-02-21 02:42:22 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
- 2008-07-24 04:16:49 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-07-24 12:59:29 59,942 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-07-24 04:16:49 71,488 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-07-24 12:59:29 72,698 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-07-24 04:16:49 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-07-24 12:59:29 395,116 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-07-24 04:16:49 458,648 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-07-24 12:59:29 461,332 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2005-11-22 20:16:44 5,451,776 ----a-r C:\WINDOWS\system32\V2iDiskLib.dll
+ 2005-12-15 18:33:14 163,840 ----a-w C:\WINDOWS\system32\vmnc.dll
+ 2005-12-15 18:42:12 37,888 ----a-w C:\WINDOWS\system32\vmnetbridge.dll
+ 2008-07-24 13:15:22 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_538.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-12-16 12:57 94208]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-07 15:34 3739672]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2007-06-25 10:08 918960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"CacheBoost"="C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe" [2008-06-12 16:49 74480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTT]
C:\HTT-HumaxGbox\HTT-Startup.bat\ [X]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 08:23]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service;C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe [2008-06-12 16:49]
R2 ioperm;ioperm support for Cygwin driver;C:\HTT-HumaxGbox\cygwin\bin\ioperm.sys [2005-10-30 04:49]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-07-03 18:33]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be96038-57bd-11dd-bcec-00e04d6bb8fd}]
\Shell\AutoRun\command - D:\xpbkh.com
\Shell\explore\Command - D:\xpbkh.com
\Shell\open\Command - D:\xpbkh.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d45d11b4-55d3-11dd-bcde-00e04d6bb8fd}]
\Shell\AutoRun\command - D:\xpbkh.com
\Shell\explore\Command - D:\xpbkh.com
\Shell\open\Command - D:\xpbkh.com
.
.
------- Supplementary Scan -------
.
O8 -: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-07-24 15:17:53
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EsetNod32Fix]
"ImagePath"=hex:25,00,57,00,49,00,4e,00,44,00,49,00,52,00,25,00,5c,00,72,00,65,\
.
Temps d'accomplissement: 2008-07-24 15:18:53
ComboFix-quarantined-files.txt 2008-07-24 13:18:51
ComboFix2.txt 2008-07-24 04:32:30
ComboFix3.txt 2008-07-24 04:26:29
Pre-Run: 49,522,647,040 octets libres
Post-Run: 49,559,891,968 octets libres
203 --- E O F --- 2008-07-21 09:07:25



HijackThis report:


C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CacheBoost] C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 4978 bytes



Many thanks for the help, brothers
 
Delete these entries

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\



How to delete them





=================================

Use this tool for cleanup





After you delete the requested entries, restart the computer.
Then generate a new log and attach the complete log without leaving anything out.
Also install a security program.
I'll be waiting for you.
 
Signature: فارس الملاك
Peace be upon you
I did what was requested, and here is the log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:39:08, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CacheBoost] C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 4749 bytes
 
Delete these entries

O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')

O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\



How to delete them





=================================

Use this tool for cleanup




And don't forget to install a security program
 
Signature: فارس الملاك

Here you go, and sorry for the delay



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:29, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CacheBoost] C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: Nod32 AV (EsetNod32Fix) - Unknown owner - C:\WINDOWS\
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 4628 bytes
 