dami69

Membres

Afficher le profil Afficher son activité

Compteur de contenus
3
Inscription
le 29 septembre 2010
Dernière visite
le 4 octobre 2010

Autres informations

Mes langues
Français

dami69's Achievements

Junior Member (3/12)

Réputation sur la communauté

Rapport Hijackthis

dami69 a répondu à un(e) sujet de dami69 dans Analyses et éradication malwares

salut apollo le programme Microsoft Windows Live OneCare Family Safety n'est poas present ni le fichier Microsoft Windows Live OneCare Family Safety j ai regle kasper comme tu me l' a dis pour l'ordinateur et il marche bien Merci encore pour ton aide JE VAIS ALLER ME BALADER SUR LE FORUM KASPER THX
- le 2 octobre 2010
- 5 réponses
Rapport Hijackthis

dami69 a répondu à un(e) sujet de dami69 dans Analyses et éradication malwares

salut apollo je tiens a te remercier pour le temps que m'a consacre Ce n est pas la premiere analyse que je fait et l'analyse n a pas duree 14 h ??? et kaspersky est toujours vert ,regle sur analyse quotidienne et approndie " Jai suivi a lettre tes conseils et voici rapport. et merci d'avance Logfile of random's system information tool 1.08 (written by random/random) Run by DREAM- TEAM at 2010-10-02 16:14:38 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 163 GB (68%) free of 238 GB Total RAM: 4095 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:14:54, on 02/10/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe C:\Program Files\trend micro\DREAM- TEAM.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files (x86)\CCleaner\CCleaner.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: SRS Premium Sound.lnk = ? O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.0.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing) O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de gestion du système CryproStorage (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @%Systemroot%\system32\iprip.dll,-200 (iprip) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmp.exe,-3 (SNMP) - Unknown owner - C:\Windows\System32\snmp.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25507 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe" "C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" -r "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" C:\Windows\system32\CISVC.EXE "C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe" "C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k ipripsvc C:\Windows\system32\mqsvc.exe "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" C:\Windows\System32\tcpsvcs.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 2372 "taskhost.exe" taskeng.exe {ACEC537F-34E3-4D21-AD4E-BEEBDB3D39FC} "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding C:\Windows\Explorer.EXE "C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe" Atouch64.exe "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding ATKOSD.exe KBFiltr.exe WDC.exe "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" "C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" "C:\Windows\AsScrPro.exe" "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3188 CREDAT:71937 "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtblfs.exe" -Embedding C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -Embedding "C:\Users\DREAM- TEAM\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06 132448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll [2009-12-25 61456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll [2009-12-25 345104] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll [2009-12-25 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}] Recherche France Toolbar - C:\Program Files (x86)\Recherche_France\tbRec0.dll [2009-05-20 2085400] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll [2009-12-25 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - Recherche France Toolbar - C:\Program Files (x86)\Recherche_France\tbRec0.dll [2009-05-20 2085400] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 16330272] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ccleaner"=C:\Program Files (x86)\CCleaner\CCleaner.exe [2010-09-24 1786168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper] c:\programdata\SetWallpaper.cmd [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk] C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-09-26 12862] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744] "AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-08 47904] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-24 421160] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe [2009-09-26 72248] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2009-09-26 3054136] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\Windows\System32\klogon.dll [2009-12-25 224272] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=60 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-10-02 16:14:40 ----D---- C:\Program Files\trend micro 2010-10-02 16:14:38 ----D---- C:\rsit 2010-10-02 15:27:45 ----D---- C:\Program Files\Microsoft Office 2010-10-02 15:27:25 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2010-09-30 19:18:52 ----D---- C:\Program Files (x86)\Everest Poker.fr 2010-09-30 00:10:10 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2010-09-30 00:10:10 ----A---- C:\Windows\system32\drivers\ks.sys 2010-09-29 21:57:57 ----HD---- C:\Windows\AxInstSV 2010-09-29 17:53:07 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Malwarebytes 2010-09-29 17:52:44 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys 2010-09-29 17:52:42 ----D---- C:\ProgramData\Malwarebytes 2010-09-29 17:52:42 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-09-29 17:52:42 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-09-29 13:13:33 ----D---- C:\Program Files (x86)\CCleaner 2010-09-29 12:54:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 2010-09-29 12:16:21 ----SHD---- C:\Config.Msi 2010-09-29 10:42:50 ----A---- C:\Windows\SYSWOW64\tzres.dll 2010-09-29 10:42:50 ----A---- C:\Windows\system32\tzres.dll 2010-09-28 14:06:44 ----D---- C:\Program Files\iPod 2010-09-28 14:06:42 ----D---- C:\Program Files\iTunes 2010-09-28 14:06:42 ----D---- C:\Program Files (x86)\iTunes 2010-09-28 13:47:59 ----D---- C:\Program Files (x86)\QuickTime 2010-09-28 13:39:17 ----D---- C:\Program Files\Bonjour 2010-09-28 13:39:17 ----D---- C:\Program Files (x86)\Bonjour 2010-09-16 00:21:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2010-09-16 00:21:44 ----A---- C:\Windows\system32\iertutil.dll 2010-09-15 22:21:16 ----A---- C:\Windows\system32\spoolsv.exe 2010-09-10 17:58:42 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Mozilla-Cache 2010-09-10 17:58:39 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Mozilla 2010-09-10 17:55:40 ----D---- C:\Programs ======List of files/folders modified in the last 1 months====== 2010-10-02 16:14:46 ----D---- C:\Windows\Temp 2010-10-02 16:14:40 ----RD---- C:\Program Files 2010-10-02 15:57:06 ----D---- C:\Windows 2010-10-02 15:52:07 ----D---- C:\Windows\system32\config 2010-10-02 15:45:27 ----SD---- C:\Users\DREAM- TEAM\AppData\Roaming\Microsoft 2010-10-02 15:42:21 ----SHD---- C:\Windows\Installer 2010-10-02 15:42:01 ----D---- C:\ProgramData\Microsoft Help 2010-10-02 15:41:51 ----RSD---- C:\Windows\assembly 2010-10-02 15:41:26 ----D---- C:\Windows\winsxs 2010-10-02 15:38:38 ----D---- C:\Program Files (x86)\MSBuild 2010-10-02 15:38:04 ----SD---- C:\ProgramData\Microsoft 2010-10-02 15:30:58 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-10-02 15:27:25 ----RD---- C:\Program Files (x86) 2010-10-02 15:27:06 ----D---- C:\Windows\ShellNew 2010-10-02 15:26:46 ----A---- C:\Windows\win.ini 2010-10-02 15:26:42 ----D---- C:\Program Files (x86)\Microsoft Office 2010-10-02 15:25:14 ----D---- C:\Windows\SysWOW64 2010-10-02 15:23:22 ----SHD---- C:\System Volume Information 2010-10-02 14:55:48 ----D---- C:\Windows\System32 2010-10-02 14:55:48 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-10-02 14:55:45 ----D---- C:\Windows\inf 2010-10-02 11:52:24 ----D---- C:\ProgramData\Kaspersky Lab 2010-09-30 18:56:44 ----A---- C:\Windows\system32\acovcnt.exe 2010-09-30 18:17:54 ----HD---- C:\ProgramData 2010-09-30 18:17:47 ----D---- C:\Windows\Downloaded Program Files 2010-09-30 18:12:59 ----D---- C:\Windows\SYSWOW64\fr-FR 2010-09-30 18:12:59 ----D---- C:\Windows\system32\fr-FR 2010-09-30 18:12:58 ----D---- C:\Program Files (x86)\Internet Explorer 2010-09-30 18:12:56 ----D---- C:\Program Files\Internet Explorer 2010-09-30 18:12:55 ----D---- C:\Windows\system32\drivers 2010-09-30 18:12:52 ----D---- C:\Windows\system32\DriverStore 2010-09-30 18:11:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-09-30 00:10:25 ----D---- C:\Windows\system32\catroot 2010-09-29 17:52:44 ----D---- C:\Windows\SYSWOW64\drivers 2010-09-29 17:35:21 ----D---- C:\Windows\system32\Tasks 2010-09-29 13:18:10 ----D---- C:\Windows\debug 2010-09-29 12:55:35 ----RSD---- C:\Windows\Fonts 2010-09-29 12:05:35 ----D---- C:\Program Files (x86)\Microsoft 2010-09-29 10:41:34 ----D---- C:\Windows\system32\catroot2 2010-09-29 10:36:07 ----D---- C:\Windows\Prefetch 2010-09-29 10:35:55 ----RD---- C:\Program Files (x86)\Skype 2010-09-28 13:34:48 ----D---- C:\Program Files (x86)\Safari 2010-09-27 21:22:01 ----D---- C:\Windows\Tasks 2010-09-27 21:22:01 ----D---- C:\Windows\system32\wfp 2010-09-27 21:22:01 ----D---- C:\Windows\system32\wbem 2010-09-27 21:22:01 ----D---- C:\Windows\system32\CodeIntegrity 2010-09-27 21:22:01 ----D---- C:\ProgramData\P4G 2010-09-27 21:21:56 ----D---- C:\Windows\registration 2010-09-24 13:16:15 ----SHD---- C:\$Recycle.Bin 2010-09-23 17:24:01 ----D---- C:\Windows\Microsoft.NET 2010-09-22 21:17:05 ----D---- C:\Program Files (x86)\Betclic Poker.fr 2010-09-22 20:43:48 ----D---- C:\Windows\SYSWOW64\en-US 2010-09-22 20:43:48 ----D---- C:\Windows\system32\en-US 2010-09-22 20:43:47 ----D---- C:\Program Files (x86)\Microsoft.NET 2010-09-16 22:13:56 ----D---- C:\Windows\SYSWOW64\inetsrv 2010-09-16 22:13:56 ----D---- C:\Windows\system32\inetsrv 2010-09-16 00:22:36 ----A---- C:\Windows\system32\MRT.exe 2010-09-07 19:08:51 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Skype 2010-09-07 18:40:11 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\skypePM 2010-09-07 00:34:53 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 28752] R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-09-26 35384] R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 460504] R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 85048] R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 223448] R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 14416] R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2009-10-14 40464] R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 153160] R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-06-29 240672] R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 50768] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 36432] R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 66104] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 40448] R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 157712] R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-05-09 353296] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 27152] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 8192] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 38912] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008] R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-05-11 81952] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-02 11528096] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128] S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 227840] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 12288] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 60928] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 106576] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 61440] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5632] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 9728] S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 55376] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-06-10 31232] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 350208] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 26624] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 77888] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 284736] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 11136] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 7168] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 6784] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 8064] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 29696] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 9728] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-04-19 50688] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2010-03-04 184832] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 217680] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 22096] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280] R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 AVP;Kaspersky PURE; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456] R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456] R2 CSObjectsSrv;Service de gestion du système CryproStorage; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992] R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 31232] R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232] R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 382496] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240] R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-07-14 49664] R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640] R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3524608] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 31232] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1255736] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 27136] S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208] S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920] -----------------EOF-----------------
- le 2 octobre 2010
- 5 réponses
Rapport Hijackthis

dami69 a posté un sujet dans Analyses et éradication malwares

Bonsoir à tous, j'ai eu une infection trojan découverte par Kapersky, apparement elle a disparue mais je suis pas sur! Après MBAM a découvert un spyware que j'ai supprimé, depuis plus rien. Cependant j'ai 1 programme office que je n'arrive pas a desinstaller!!! du coup j'ai analysé l'ordi avec Hijackthis mais comme j'ai un 64 bits ça a pas l'air de bien marcher !?! Je poste les 3 rapports - Est-ce que quelqu'un peut m'aider parce que là je n'y comprends rien ? Hijackthis : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:34:43, on 29/09/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\DREAM- TEAM\Desktop\Programme STEF\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart O4 - Global Startup: SRS Premium Sound.lnk = ? O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.0.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing) O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de gestion du système CryproStorage (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @%Systemroot%\system32\iprip.dll,-200 (iprip) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmp.exe,-3 (SNMP) - Unknown owner - C:\Windows\System32\snmp.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25312 bytes Kapersky : Analyse Complète: terminé il y a 5 heures (événements : 24, objets : 372857, durée : 14:09:31) 29/09/2010 10:32:21 Compacté: ASPack Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ saver1.dll 29/09/2010 10:32:38 Compacté: PE_Patch Fichier C:\Windows\SysWOW64\drivers\ StarOpen.sys 29/09/2010 11:47:22 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf 29/09/2010 11:47:22 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf 29/09/2010 11:47:23 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\+8UdQGeB2FwWIYG+mC+vuvUy9zEw=.dt2/ notes.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\72FjqK0b2FzFkbJWZ+BlMs1OxQprI=.dt2/ bouncy_ball.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\alxGH2FFbmTzeLEdtRHmv6GBUzdw=.dt2/ kiss.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\AzBXDxf+Tcdvcans2TCRnoXh2Fjg=.dt2/ guitar_smash.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\enMqwlYLN4AvpmaOrIfYLWsVAdA=.dt2/ eyeball.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\lnHW2s0zHIsgKVjOiirk1ZBZ54g=.dt2/ silly_face.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Nt2FqWL50Iag4EvPJjVS0IoDBFQ4=.dt2/ bow.swf 29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\rXcZb6ekO9S3jB29KleJkBOXYmY=.dt2/ knock.swf 29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Sgj64GS+QyVyVxkslxY2FFsRARkg=.dt2/ heart.swf 29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\SrJJm7YJAcA15VowAhBWXri5yLc=.dt2/ stars.swf 29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\tn+dOhziBZ+E4zoUS7frcglxoz0=.dt2/ love_letter.swf 29/09/2010 11:48:16 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/ Binary_jet40sp6_xp.exe 29/09/2010 11:48:18 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/ Binary_jet40sp6_w2k.exe 29/09/2010 11:48:31 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ splash.dat 29/09/2010 11:48:34 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat 29/09/2010 11:48:37 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat 29/09/2010 11:48:42 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat 29/09/2010 11:48:45 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ staropen.sys 29/09/2010 12:04:54 Fin de la tâche Analyse Rapide: terminé il y a 6 heures (événements : 2, objets : 3999, durée : 00:04:49) 29/09/2010 11:23:54 Fin de la tâche 29/09/2010 11:19:04 Lancement de la tâche Recherche d'outils de dissimulation d'activité: échec (événements : 1, objets : 424, durée : 00:08:19) 29/09/2010 12:10:49 Lancement de la tâche Analyse Complète: échec (événements : 1, objets : 2, durée : Inconnu) 29/09/2010 12:19:04 Lancement de la tâche Recherche d'outils de dissimulation d'activité: arrêté il y a 4 heures (événements : 2, objets : 279, durée : 00:02:03) 29/09/2010 13:19:09 Tâche arrêtée 29/09/2010 13:17:05 Lancement de la tâche Recherche d'outils de dissimulation d'activité: terminé il y a 3 heures (événements : 6, objets : 2117, durée : 00:08:29) 29/09/2010 14:00:48 Fin de la tâche 29/09/2010 13:56:56 Compacté: PECompact Fichier C:\Program Files (x86)\Everest Poker.fr\gvcrt.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 13:56:56 Compacté: PecBundle Fichier C:\Program Files (x86)\Everest Poker.fr\gvcrt.dll/ PE_Patch.PECompact 29/09/2010 13:56:56 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\Everest Poker.fr\ gvcrt.dll 29/09/2010 13:56:25 Compacté: Swc2Exe Fichier C:\Windows\ ASUS Camera ScreenSaver.exe 29/09/2010 13:52:19 Lancement de la tâche Analyse Complète: terminé il y a 5 minutes (événements : 116, objets : 312655, durée : 03:24:18) 29/09/2010 14:02:47 Lancement de la tâche 29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ VirtualContainerDriverw2kSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C 29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ VirtualContainerDriverwxpSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C 29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ CryptoFSDriverw2kSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C 29/09/2010 14:32:53 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ _74A127B3CCA94E3C8C7CE357DFA1281B.E2301B6F7AA34DF09419B10AE06FB3E6 29/09/2010 14:32:54 Compacté: ASProtect Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/_74A127B3CCA94E3C8C7CE357DFA1281B.E2301B6F7AA34DF09419B10AE06FB3E6/ PE_Patch 29/09/2010 14:34:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\ Game List.swf 29/09/2010 14:34:26 Compacté: Swf2Swc Fichier C:\Documents and Settings\All Users\Skype\{D103C4BA-F905-437A-8049-DB24763BBE36}\Skype.msi/Product.CAB/ Easygame01 29/09/2010 14:34:43 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/ Binary_jet40sp6_xp.exe 29/09/2010 14:34:46 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/ Binary_jet40sp6_w2k.exe 29/09/2010 14:35:00 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ splash.dat 29/09/2010 14:35:01 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ splash.dat 29/09/2010 14:35:01 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat 29/09/2010 14:35:02 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat 29/09/2010 14:35:04 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat 29/09/2010 14:35:04 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat 29/09/2010 14:35:08 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat 29/09/2010 14:35:08 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat 29/09/2010 14:35:10 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ staropen.sys 29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf 29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf 29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf 29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf 29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf 29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf 29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf 29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf 29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf 29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\+8UdQGeB2FwWIYG+mC+vuvUy9zEw=.dt2/ notes.swf 29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\72FjqK0b2FzFkbJWZ+BlMs1OxQprI=.dt2/ bouncy_ball.swf 29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\alxGH2FFbmTzeLEdtRHmv6GBUzdw=.dt2/ kiss.swf 29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\AzBXDxf+Tcdvcans2TCRnoXh2Fjg=.dt2/ guitar_smash.swf 29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\enMqwlYLN4AvpmaOrIfYLWsVAdA=.dt2/ eyeball.swf 29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\lnHW2s0zHIsgKVjOiirk1ZBZ54g=.dt2/ silly_face.swf 29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Nt2FqWL50Iag4EvPJjVS0IoDBFQ4=.dt2/ bow.swf 29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\rXcZb6ekO9S3jB29KleJkBOXYmY=.dt2/ knock.swf 29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Sgj64GS+QyVyVxkslxY2FFsRARkg=.dt2/ heart.swf 29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\SrJJm7YJAcA15VowAhBWXri5yLc=.dt2/ stars.swf 29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\tn+dOhziBZ+E4zoUS7frcglxoz0=.dt2/ love_letter.swf 29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf 29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf 29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf 29/09/2010 14:56:37 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\mauby.air/bin-debug/ AppContainer_en_US_prod.swf 29/09/2010 14:56:37 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/ Adobe AIR Application Installer.swf 29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/Resources/ setup.swf 29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/ Adobe AIR Application Installer.swf 29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/Resources/ setup.swf 29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ setup.swf 29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ setup.swf 29/09/2010 14:56:44 Compacté: PE_Patch Fichier C:\Program Files (x86)\ASUS\AI Recovery\ rcdio.sys 29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ # 29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ # 29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ # 29/09/2010 14:56:48 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ # 29/09/2010 14:56:48 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ # 29/09/2010 14:56:49 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ # 29/09/2010 14:56:49 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/mauby.air/bin-debug/ AppContainer_en_US_prod.swf 29/09/2010 15:02:04 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\Betclic Poker.fr\ gvcrt.dll 29/09/2010 15:02:04 Compacté: PecBundle Fichier C:\Program Files (x86)\Betclic Poker.fr\gvcrt.dll/ PE_Patch.PECompact 29/09/2010 15:02:04 Compacté: PECompact Fichier C:\Program Files (x86)\Betclic Poker.fr\gvcrt.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 15:02:09 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Betclic Poker.fr\data\wallet\br\ login_dialog.swf 29/09/2010 15:02:20 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\ setup.swf 29/09/2010 15:03:31 Compacté: PE_Patch Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\a42ce9e01ca7a7d\ Silverlight.2.0.exe 29/09/2010 15:03:40 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/bouncy_ball.mct/ bouncy_ball.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/bow.mct/ bow.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/eyeball.mct/ eyeball.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/guitar_smash.mct/ guitar_smash.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/heart.mct/ heart.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/kiss.mct/ kiss.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/knock.mct/ knock.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/love_letter.mct/ love_letter.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/notes.mct/ notes.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/silly_face.mct/ silly_face.swf 29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/stars.mct/ stars.swf 29/09/2010 15:04:15 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ ISSetup.dll 29/09/2010 15:04:16 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\ ISSetup.dll 29/09/2010 15:04:16 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ ISSetup.dll 29/09/2010 15:04:17 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ ISSetup.dll 29/09/2010 15:04:17 Compacté: PecBundle Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/ PE_Patch.PECompact 29/09/2010 15:04:17 Compacté: PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 15:04:18 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ ISSetup.dll 29/09/2010 15:04:18 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\ ISSetup.dll 29/09/2010 15:04:21 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ ISSetup.dll 29/09/2010 15:04:21 Compacté: PecBundle Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ISSetup.dll/ PE_Patch.PECompact 29/09/2010 15:04:21 Compacté: PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ISSetup.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 15:06:26 Compacté: PE_Patch Fichier C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\ stpass.exe 29/09/2010 15:06:27 Compacté: ASProtect Fichier C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe/ PE_Patch 29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/koipond.mct/ KoiPond.swf 29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/mad.mct/ mad_scientist.swf 29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/pixies.mct/ Pixies.swf 29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/bouncy_ball.mct/ bouncy_ball.swf 29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/bow.mct/ bow.swf 29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/eyeball.mct/ eyeball.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/guitar_smash.mct/ guitar_smash.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/heart.mct/ heart.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/kiss.mct/ kiss.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/knock.mct/ knock.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/love_letter.mct/ love_letter.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/notes.mct/ notes.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/silly_face.mct/ silly_face.swf 29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/stars.mct/ stars.swf 29/09/2010 15:59:20 Compacté: UPX Fichier C:\Programs\PartyFrance\PartyPokerFr\ Uninstall.exe 29/09/2010 15:59:21 Compacté: UPX Fichier C:\Programs\PartyFrance\PartyPokerFr\Uninstall.exe/ # 29/09/2010 16:20:29 Compacté: Swc2Exe Fichier C:\Windows\ ASUS Camera ScreenSaver.exe 29/09/2010 16:32:06 Compacté: PE_Patch Fichier C:\Windows\SoftwareDistribution\Download\ 05a32d6f38e9bb8aec7835b347c9677eb61eb740 29/09/2010 16:35:31 Compacté: MIME.Broken Fichier C:\Windows\System32\DriverStore\FileRepository\atiriol6.inf_amd64_neutral_bde34ad5722cca75\ CTRL.s3 29/09/2010 16:36:09 Compacté: PE_Patch.PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ ISSetup.dll 29/09/2010 16:36:09 Compacté: PecBundle Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/ PE_Patch.PECompact 29/09/2010 16:36:09 Compacté: PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 16:36:11 Compacté: PE_Patch.PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ ISSetup.dll 29/09/2010 16:36:11 Compacté: PecBundle Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/ PE_Patch.PECompact 29/09/2010 16:36:11 Compacté: PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/PE_Patch.PECompact/ PecBundle 29/09/2010 16:41:48 Compacté: Swf2Swc Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ ASUS Camera ScreenSaver.swf 29/09/2010 16:41:48 Compacté: ASPack Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ saver1.dll 29/09/2010 16:44:10 Compacté: MIME.Broken Fichier C:\Windows\winsxs\amd64_atiriol6.inf_31bf3856ad364e35_6.1.7600.16385_none_a909ad21d26d5bd0\ CTRL.s3 29/09/2010 17:27:05 Fin de la tâche MBAM : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4716 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 29/09/2010 18:04:58 mbam-log-2010-09-29 (18-04-58).txt Type d'examen: Examen rapide Elément(s) analysé(s): 145506 Temps écoulé: 9 minute(s), 17 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Merci d'avance
- le 29 septembre 2010
- 5 réponses

Connexion

dami69

Compteur de contenus

Inscription

Dernière visite

Autres informations

dami69's Achievements

Junior Member (3/12)

Réputation sur la communauté

Rapport Hijackthis

Rapport Hijackthis

Rapport Hijackthis

Zebulon

Outils en ligne

Naviguer