Good evening everyone,

I had a trojan infection detected by Kaspersky; apparently it is gone, but I'm not sure! :-?

Afterwards MBAM found a piece of spyware, which I removed; nothing since then. :mhh:

However, I have one Office program that I can't manage to uninstall!!! :chpas:

So I scanned the computer with HijackThis, but since I have a 64-bit system it doesn't seem to work properly!?! :chpas:

I'm posting the 3 reports. Can someone help me, because I don't understand any of this?

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:34:43, on 29/09/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\DREAM- TEAM\Desktop\Programme STEF\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart

O4 - Global Startup: SRS Premium Sound.lnk = ?

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing)

O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.0.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de gestion du système CryproStorage (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @%Systemroot%\system32\iprip.dll,-200 (iprip) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmp.exe,-3 (SNMP) - Unknown owner - C:\Windows\System32\snmp.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 25312 bytes

 

Kaspersky:

Analyse Complète: terminé il y a 5 heures (événements : 24, objets : 372857, durée : 14:09:31)

29/09/2010 10:32:21 Compacté: ASPack Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ saver1.dll

29/09/2010 10:32:38 Compacté: PE_Patch Fichier C:\Windows\SysWOW64\drivers\ StarOpen.sys

29/09/2010 11:47:22 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf

29/09/2010 11:47:22 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf

29/09/2010 11:47:23 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\+8UdQGeB2FwWIYG+mC+vuvUy9zEw=.dt2/ notes.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\72FjqK0b2FzFkbJWZ+BlMs1OxQprI=.dt2/ bouncy_ball.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\alxGH2FFbmTzeLEdtRHmv6GBUzdw=.dt2/ kiss.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\AzBXDxf+Tcdvcans2TCRnoXh2Fjg=.dt2/ guitar_smash.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\enMqwlYLN4AvpmaOrIfYLWsVAdA=.dt2/ eyeball.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\lnHW2s0zHIsgKVjOiirk1ZBZ54g=.dt2/ silly_face.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Nt2FqWL50Iag4EvPJjVS0IoDBFQ4=.dt2/ bow.swf

29/09/2010 11:47:24 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\rXcZb6ekO9S3jB29KleJkBOXYmY=.dt2/ knock.swf

29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Sgj64GS+QyVyVxkslxY2FFsRARkg=.dt2/ heart.swf

29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\SrJJm7YJAcA15VowAhBWXri5yLc=.dt2/ stars.swf

29/09/2010 11:47:25 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 2.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\tn+dOhziBZ+E4zoUS7frcglxoz0=.dt2/ love_letter.swf

29/09/2010 11:48:16 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/ Binary_jet40sp6_xp.exe

29/09/2010 11:48:18 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/ Binary_jet40sp6_w2k.exe

29/09/2010 11:48:31 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ splash.dat

29/09/2010 11:48:34 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat

29/09/2010 11:48:37 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat

29/09/2010 11:48:42 Compacté: Swf2Swc Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat

29/09/2010 11:48:45 Compacté: PE_Patch Fichier D:\DREAM-TEAM-PC\Backup Set 2010-07-06 134002\Backup Files 2010-07-06 134002\Backup files 3.zip/C\Users\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ staropen.sys

29/09/2010 12:04:54 Fin de la tâche

Analyse Rapide: terminé il y a 6 heures (événements : 2, objets : 3999, durée : 00:04:49)

29/09/2010 11:23:54 Fin de la tâche

29/09/2010 11:19:04 Lancement de la tâche

Recherche d'outils de dissimulation d'activité: échec (événements : 1, objets : 424, durée : 00:08:19)

29/09/2010 12:10:49 Lancement de la tâche

Analyse Complète: échec (événements : 1, objets : 2, durée : Inconnu)

29/09/2010 12:19:04 Lancement de la tâche

Recherche d'outils de dissimulation d'activité: arrêté il y a 4 heures (événements : 2, objets : 279, durée : 00:02:03)

29/09/2010 13:19:09 Tâche arrêtée

29/09/2010 13:17:05 Lancement de la tâche

Recherche d'outils de dissimulation d'activité: terminé il y a 3 heures (événements : 6, objets : 2117, durée : 00:08:29)

29/09/2010 14:00:48 Fin de la tâche

29/09/2010 13:56:56 Compacté: PECompact Fichier C:\Program Files (x86)\Everest Poker.fr\gvcrt.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 13:56:56 Compacté: PecBundle Fichier C:\Program Files (x86)\Everest Poker.fr\gvcrt.dll/ PE_Patch.PECompact

29/09/2010 13:56:56 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\Everest Poker.fr\ gvcrt.dll

29/09/2010 13:56:25 Compacté: Swc2Exe Fichier C:\Windows\ ASUS Camera ScreenSaver.exe

29/09/2010 13:52:19 Lancement de la tâche

Analyse Complète: terminé il y a 5 minutes (événements : 116, objets : 312655, durée : 03:24:18)

29/09/2010 14:02:47 Lancement de la tâche

29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ VirtualContainerDriverw2kSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C

29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ VirtualContainerDriverwxpSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C

29/09/2010 14:32:51 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ CryptoFSDriverw2kSysx86.330C26E4_9D96_45DE_8DE8_FAB177773E5C

29/09/2010 14:32:53 Compacté: PE_Patch Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/ _74A127B3CCA94E3C8C7CE357DFA1281B.E2301B6F7AA34DF09419B10AE06FB3E6

29/09/2010 14:32:54 Compacté: ASProtect Fichier C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\Kaspersky PURE 9.0.0.192\French\KasperskyPURE.fr.msi/KPURE.cab/_74A127B3CCA94E3C8C7CE357DFA1281B.E2301B6F7AA34DF09419B10AE06FB3E6/ PE_Patch

29/09/2010 14:34:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\ Game List.swf

29/09/2010 14:34:26 Compacté: Swf2Swc Fichier C:\Documents and Settings\All Users\Skype\{D103C4BA-F905-437A-8049-DB24763BBE36}\Skype.msi/Product.CAB/ Easygame01

29/09/2010 14:34:43 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/ Binary_jet40sp6_xp.exe

29/09/2010 14:34:46 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/ Binary_jet40sp6_w2k.exe

29/09/2010 14:35:00 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ splash.dat

29/09/2010 14:35:01 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ splash.dat

29/09/2010 14:35:01 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat

29/09/2010 14:35:02 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_att.dat

29/09/2010 14:35:04 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat

29/09/2010 14:35:04 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ connect_ani.dat

29/09/2010 14:35:08 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat

29/09/2010 14:35:08 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Downloaded Installations\{B181384A-BE88-47DD-9FD5-CD1D088CE140}\Samsung New PC Studio.msi/Data1.cab/ npsguide.dat

29/09/2010 14:35:10 Compacté: PE_Patch Fichier C:\Documents and Settings\DREAM- TEAM\Samsung New PC Studio.msi/Data1.cab/ staropen.sys

29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf

29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf

29/09/2010 14:35:22 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\foune@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf

29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf

29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf

29/09/2010 14:35:25 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\hugodu69150@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf

29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf

29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf

29/09/2010 14:35:28 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf

29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\+8UdQGeB2FwWIYG+mC+vuvUy9zEw=.dt2/ notes.swf

29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\72FjqK0b2FzFkbJWZ+BlMs1OxQprI=.dt2/ bouncy_ball.swf

29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\alxGH2FFbmTzeLEdtRHmv6GBUzdw=.dt2/ kiss.swf

29/09/2010 14:35:34 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\AzBXDxf+Tcdvcans2TCRnoXh2Fjg=.dt2/ guitar_smash.swf

29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\enMqwlYLN4AvpmaOrIfYLWsVAdA=.dt2/ eyeball.swf

29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\lnHW2s0zHIsgKVjOiirk1ZBZ54g=.dt2/ silly_face.swf

29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Nt2FqWL50Iag4EvPJjVS0IoDBFQ4=.dt2/ bow.swf

29/09/2010 14:35:35 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\rXcZb6ekO9S3jB29KleJkBOXYmY=.dt2/ knock.swf

29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\Sgj64GS+QyVyVxkslxY2FFsRARkg=.dt2/ heart.swf

29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\SrJJm7YJAcA15VowAhBWXri5yLc=.dt2/ stars.swf

29/09/2010 14:35:36 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\Winks3\tn+dOhziBZ+E4zoUS7frcglxoz0=.dt2/ love_letter.swf

29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\B3VEl5u5DvNzgIua1+Zd4Uxt2FLs=.dt2/ KoiPond.swf

29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\hyiJu8sDcRCbJhl+Ccy2CjQR8lA=.dt2/ mad_scientist.swf

29/09/2010 14:44:43 Compacté: Swf2Swc Fichier C:\Documents and Settings\DREAM- TEAM\Documents\DREAM-TEAM-PC\Backup Set 2009-12-21 135444\Backup Files 2009-12-21 135444\Backup files 1.zip/C\Users\DREAM- TEAM\AppData\Local\Microsoft\Messenger\nadrissi@hotmail.fr\ObjectStore\DynamicBackgrounds\jdI6F7DFhC2OSW2FJWOBKjulvAds=.dt2/ Pixies.swf

29/09/2010 14:56:37 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\mauby.air/bin-debug/ AppContainer_en_US_prod.swf

29/09/2010 14:56:37 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/ Adobe AIR Application Installer.swf

29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/Resources/ setup.swf

29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/ Adobe AIR Application Installer.swf

29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/Adobe AIR/Versions/1.0/Resources/ setup.swf

29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ setup.swf

29/09/2010 14:56:39 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ setup.swf

29/09/2010 14:56:44 Compacté: PE_Patch Fichier C:\Program Files (x86)\ASUS\AI Recovery\ rcdio.sys

29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ #

29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ #

29/09/2010 14:56:45 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\Adobe AIR Installer.exe/ #

29/09/2010 14:56:48 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ #

29/09/2010 14:56:48 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ #

29/09/2010 14:56:49 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/Adobe AIR Installer.exe/ #

29/09/2010 14:56:49 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\AcroRead.msi/AirInIExpress/data0000.cab/mauby.air/bin-debug/ AppContainer_en_US_prod.swf

29/09/2010 15:02:04 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\Betclic Poker.fr\ gvcrt.dll

29/09/2010 15:02:04 Compacté: PecBundle Fichier C:\Program Files (x86)\Betclic Poker.fr\gvcrt.dll/ PE_Patch.PECompact

29/09/2010 15:02:04 Compacté: PECompact Fichier C:\Program Files (x86)\Betclic Poker.fr\gvcrt.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 15:02:09 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Betclic Poker.fr\data\wallet\br\ login_dialog.swf

29/09/2010 15:02:20 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\ setup.swf

29/09/2010 15:03:31 Compacté: PE_Patch Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\a42ce9e01ca7a7d\ Silverlight.2.0.exe

29/09/2010 15:03:40 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/bouncy_ball.mct/ bouncy_ball.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/bow.mct/ bow.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/eyeball.mct/ eyeball.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/guitar_smash.mct/ guitar_smash.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/heart.mct/ heart.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/kiss.mct/ kiss.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/knock.mct/ knock.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/love_letter.mct/ love_letter.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/notes.mct/ notes.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/silly_face.mct/ silly_face.swf

29/09/2010 15:03:41 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Common Files\Windows Live\.cache\9633ba301ca7a82\Messenger.msi/MsgrCore.cab/winksmct/stars.mct/ stars.swf

29/09/2010 15:04:15 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ ISSetup.dll

29/09/2010 15:04:16 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\ ISSetup.dll

29/09/2010 15:04:16 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ ISSetup.dll

29/09/2010 15:04:17 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ ISSetup.dll

29/09/2010 15:04:17 Compacté: PecBundle Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/ PE_Patch.PECompact

29/09/2010 15:04:17 Compacté: PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 15:04:18 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ ISSetup.dll

29/09/2010 15:04:18 Compacté: UPX Fichier C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\ ISSetup.dll

29/09/2010 15:04:21 Compacté: PE_Patch.PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ ISSetup.dll

29/09/2010 15:04:21 Compacté: PecBundle Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ISSetup.dll/ PE_Patch.PECompact

29/09/2010 15:04:21 Compacté: PECompact Fichier C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ISSetup.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 15:06:26 Compacté: PE_Patch Fichier C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\ stpass.exe

29/09/2010 15:06:27 Compacté: ASProtect Fichier C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe/ PE_Patch

29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/koipond.mct/ KoiPond.swf

29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/mad.mct/ mad_scientist.swf

29/09/2010 15:54:10 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\dynamicbackgrounds.mct/pixies.mct/ Pixies.swf

29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/bouncy_ball.mct/ bouncy_ball.swf

29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/bow.mct/ bow.swf

29/09/2010 15:54:12 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/eyeball.mct/ eyeball.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/guitar_smash.mct/ guitar_smash.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/heart.mct/ heart.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/kiss.mct/ kiss.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/knock.mct/ knock.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/love_letter.mct/ love_letter.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/notes.mct/ notes.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/silly_face.mct/ silly_face.swf

29/09/2010 15:54:13 Compacté: Swf2Swc Fichier C:\Program Files (x86)\Windows Live\Messenger\winks.mct/stars.mct/ stars.swf

29/09/2010 15:59:20 Compacté: UPX Fichier C:\Programs\PartyFrance\PartyPokerFr\ Uninstall.exe

29/09/2010 15:59:21 Compacté: UPX Fichier C:\Programs\PartyFrance\PartyPokerFr\Uninstall.exe/ #

29/09/2010 16:20:29 Compacté: Swc2Exe Fichier C:\Windows\ ASUS Camera ScreenSaver.exe

29/09/2010 16:32:06 Compacté: PE_Patch Fichier C:\Windows\SoftwareDistribution\Download\ 05a32d6f38e9bb8aec7835b347c9677eb61eb740

29/09/2010 16:35:31 Compacté: MIME.Broken Fichier C:\Windows\System32\DriverStore\FileRepository\atiriol6.inf_amd64_neutral_bde34ad5722cca75\ CTRL.s3

29/09/2010 16:36:09 Compacté: PE_Patch.PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ ISSetup.dll

29/09/2010 16:36:09 Compacté: PecBundle Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/ PE_Patch.PECompact

29/09/2010 16:36:09 Compacté: PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_667bc38bcde8d2a3\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 16:36:11 Compacté: PE_Patch.PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ ISSetup.dll

29/09/2010 16:36:11 Compacté: PecBundle Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/ PE_Patch.PECompact

29/09/2010 16:36:11 Compacté: PECompact Fichier C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_cb0848cd05af6872\NvCplSetupInt.exe/NVIDIA Control Panel.msi/ISSetup.dll/PE_Patch.PECompact/ PecBundle

29/09/2010 16:41:48 Compacté: Swf2Swc Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ ASUS Camera ScreenSaver.swf

29/09/2010 16:41:48 Compacté: ASPack Fichier C:\Windows\SysWOW64\Asus_Camera_ScreenSaver dir\ saver1.dll

29/09/2010 16:44:10 Compacté: MIME.Broken Fichier C:\Windows\winsxs\amd64_atiriol6.inf_31bf3856ad364e35_6.1.7600.16385_none_a909ad21d26d5bd0\ CTRL.s3

29/09/2010 17:27:05 Fin de la tâche

 

MBAM :

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4716

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

29/09/2010 18:04:58

mbam-log-2010-09-29 (18-04-58).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 145506

Temps écoulé: 9 minute(s), 17 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Thanks in advance

Posted

Good evening,

It would be better to run a full scan with MBAM; I will give you the correct procedure.

What colour is the Kaspersky indicator light? If it is green, there is no active threat.

14 hours of scanning? Is this your first one?

 


 

Indeed, HijackThis is not suited to 64-bit systems; use this instead:

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

For 64-bit systems: Download RSIT 64-bit

  • Double-click RSIT.exe to launch RSIT.

    Important:
    * On Vista: the file must be launched via right-click -> Run as administrator

    * On Windows 7: Put the RSIT.exe file on the desktop, right-click it and, in Properties, Compatibility tab, tick the box "Run this program in compatibility mode for", choose Vista SP2 from the menu, and tick the box under Privilege Level.
    Confirm with Apply.

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized to the Taskbar).

>>>You can host the two RSIT reports here: Cijoint.fr - free file-hosting service, and give me the links so that I can look at them.

For now, it is better to proceed this way so as not to crash the forum thread.

 

@++

Posted

Hi apollo, I want to thank you for the time you have given me :super:

This is not the first scan I have run, and the scan did not last 14 hours ???

and Kaspersky is still green, set to daily and in-depth scanning

I followed your advice to the letter and here is the report. :jap:

and thanks in advance

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by DREAM- TEAM at 2010-10-02 16:14:38

Microsoft Windows 7 Édition Familiale Premium Service Pack 2

System drive C: has 163 GB (68%) free of 238 GB

Total RAM: 4095 MB (60% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:14:54, on 02/10/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe

C:\Program Files\trend micro\DREAM- TEAM.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Recherche France Toolbar - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files (x86)\Recherche_France\tbRec0.dll

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files (x86)\CCleaner\CCleaner.exe" /AUTO

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O4 - Global Startup: SRS Premium Sound.lnk = ?

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing)

O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-2.0.0.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de gestion du système CryproStorage (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @%Systemroot%\system32\iprip.dll,-200 (iprip) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmp.exe,-3 (SNMP) - Unknown owner - C:\Windows\System32\snmp.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 25507 bytes

 

======Listing Processes======

 

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"

"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k apphost

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" -r

"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"

C:\Windows\system32\CISVC.EXE

"C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe"

"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k ipripsvc

C:\Windows\system32\mqsvc.exe

"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"

C:\Windows\System32\tcpsvcs.exe

C:\Windows\System32\snmp.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 2372

"taskhost.exe"

taskeng.exe {ACEC537F-34E3-4D21-AD4E-BEEBDB3D39FC}

"C:\Program Files\P4G\BatteryLife.exe"

"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"

"C:\Windows\system32\Dwm.exe"

"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"

"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"

Atouch64.exe

"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding

ATKOSD.exe

KBFiltr.exe

WDC.exe

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"

"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"

"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"

"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"

"C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"

"C:\Windows\AsScrPro.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3188 CREDAT:71937

"C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtblfs.exe" -Embedding

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -Embedding

"C:\Users\DREAM- TEAM\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06 132448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll [2009-12-25 61456]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll [2009-12-25 345104]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll [2009-12-25 68112]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}]

Recherche France Toolbar - C:\Program Files (x86)\Recherche_France\tbRec0.dll [2009-05-20 2085400]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll [2009-12-25 268816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{d5b75883-e809-4120-bfeb-8d707d5dfbe3} - Recherche France Toolbar - C:\Program Files (x86)\Recherche_France\tbRec0.dll [2009-05-20 2085400]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 16330272]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

"ccleaner"=C:\Program Files (x86)\CCleaner\CCleaner.exe [2010-09-24 1786168]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]

C:\Program Files (x86)\eMule\emule.exe -AutoStart []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]

c:\programdata\SetWallpaper.cmd []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]

C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]

C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]

C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-09-26 12862]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]

"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-08 47904]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-24 421160]

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray]

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]

C:\Windows\AsScrProlog.exe [2009-09-26 72248]

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\AsScrPro.exe [2009-09-26 3054136]

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\Windows\System32\klogon.dll [2009-12-25 224272]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"NoDriveTypeAutoRun"=60

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-10-02 16:14:40 ----D---- C:\Program Files\trend micro

2010-10-02 16:14:38 ----D---- C:\rsit

2010-10-02 15:27:45 ----D---- C:\Program Files\Microsoft Office

2010-10-02 15:27:25 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8

2010-09-30 19:18:52 ----D---- C:\Program Files (x86)\Everest Poker.fr

2010-09-30 00:10:10 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2010-09-30 00:10:10 ----A---- C:\Windows\system32\drivers\ks.sys

2010-09-29 21:57:57 ----HD---- C:\Windows\AxInstSV

2010-09-29 17:53:07 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Malwarebytes

2010-09-29 17:52:44 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys

2010-09-29 17:52:42 ----D---- C:\ProgramData\Malwarebytes

2010-09-29 17:52:42 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-09-29 17:52:42 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-09-29 13:13:33 ----D---- C:\Program Files (x86)\CCleaner

2010-09-29 12:54:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio

2010-09-29 12:16:21 ----SHD---- C:\Config.Msi

2010-09-29 10:42:50 ----A---- C:\Windows\SYSWOW64\tzres.dll

2010-09-29 10:42:50 ----A---- C:\Windows\system32\tzres.dll

2010-09-28 14:06:44 ----D---- C:\Program Files\iPod

2010-09-28 14:06:42 ----D---- C:\Program Files\iTunes

2010-09-28 14:06:42 ----D---- C:\Program Files (x86)\iTunes

2010-09-28 13:47:59 ----D---- C:\Program Files (x86)\QuickTime

2010-09-28 13:39:17 ----D---- C:\Program Files\Bonjour

2010-09-28 13:39:17 ----D---- C:\Program Files (x86)\Bonjour

2010-09-16 00:21:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2010-09-16 00:21:44 ----A---- C:\Windows\system32\iertutil.dll

2010-09-15 22:21:16 ----A---- C:\Windows\system32\spoolsv.exe

2010-09-10 17:58:42 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Mozilla-Cache

2010-09-10 17:58:39 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Mozilla

2010-09-10 17:55:40 ----D---- C:\Programs

 

======List of files/folders modified in the last 1 months======

 

2010-10-02 16:14:46 ----D---- C:\Windows\Temp

2010-10-02 16:14:40 ----RD---- C:\Program Files

2010-10-02 15:57:06 ----D---- C:\Windows

2010-10-02 15:52:07 ----D---- C:\Windows\system32\config

2010-10-02 15:45:27 ----SD---- C:\Users\DREAM- TEAM\AppData\Roaming\Microsoft

2010-10-02 15:42:21 ----SHD---- C:\Windows\Installer

2010-10-02 15:42:01 ----D---- C:\ProgramData\Microsoft Help

2010-10-02 15:41:51 ----RSD---- C:\Windows\assembly

2010-10-02 15:41:26 ----D---- C:\Windows\winsxs

2010-10-02 15:38:38 ----D---- C:\Program Files (x86)\MSBuild

2010-10-02 15:38:04 ----SD---- C:\ProgramData\Microsoft

2010-10-02 15:30:58 ----D---- C:\Program Files\Common Files\Microsoft Shared

2010-10-02 15:27:25 ----RD---- C:\Program Files (x86)

2010-10-02 15:27:06 ----D---- C:\Windows\ShellNew

2010-10-02 15:26:46 ----A---- C:\Windows\win.ini

2010-10-02 15:26:42 ----D---- C:\Program Files (x86)\Microsoft Office

2010-10-02 15:25:14 ----D---- C:\Windows\SysWOW64

2010-10-02 15:23:22 ----SHD---- C:\System Volume Information

2010-10-02 14:55:48 ----D---- C:\Windows\System32

2010-10-02 14:55:48 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-10-02 14:55:45 ----D---- C:\Windows\inf

2010-10-02 11:52:24 ----D---- C:\ProgramData\Kaspersky Lab

2010-09-30 18:56:44 ----A---- C:\Windows\system32\acovcnt.exe

2010-09-30 18:17:54 ----HD---- C:\ProgramData

2010-09-30 18:17:47 ----D---- C:\Windows\Downloaded Program Files

2010-09-30 18:12:59 ----D---- C:\Windows\SYSWOW64\fr-FR

2010-09-30 18:12:59 ----D---- C:\Windows\system32\fr-FR

2010-09-30 18:12:58 ----D---- C:\Program Files (x86)\Internet Explorer

2010-09-30 18:12:56 ----D---- C:\Program Files\Internet Explorer

2010-09-30 18:12:55 ----D---- C:\Windows\system32\drivers

2010-09-30 18:12:52 ----D---- C:\Windows\system32\DriverStore

2010-09-30 18:11:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-09-30 00:10:25 ----D---- C:\Windows\system32\catroot

2010-09-29 17:52:44 ----D---- C:\Windows\SYSWOW64\drivers

2010-09-29 17:35:21 ----D---- C:\Windows\system32\Tasks

2010-09-29 13:18:10 ----D---- C:\Windows\debug

2010-09-29 12:55:35 ----RSD---- C:\Windows\Fonts

2010-09-29 12:05:35 ----D---- C:\Program Files (x86)\Microsoft

2010-09-29 10:41:34 ----D---- C:\Windows\system32\catroot2

2010-09-29 10:36:07 ----D---- C:\Windows\Prefetch

2010-09-29 10:35:55 ----RD---- C:\Program Files (x86)\Skype

2010-09-28 13:34:48 ----D---- C:\Program Files (x86)\Safari

2010-09-27 21:22:01 ----D---- C:\Windows\Tasks

2010-09-27 21:22:01 ----D---- C:\Windows\system32\wfp

2010-09-27 21:22:01 ----D---- C:\Windows\system32\wbem

2010-09-27 21:22:01 ----D---- C:\Windows\system32\CodeIntegrity

2010-09-27 21:22:01 ----D---- C:\ProgramData\P4G

2010-09-27 21:21:56 ----D---- C:\Windows\registration

2010-09-24 13:16:15 ----SHD---- C:\$Recycle.Bin

2010-09-23 17:24:01 ----D---- C:\Windows\Microsoft.NET

2010-09-22 21:17:05 ----D---- C:\Program Files (x86)\Betclic Poker.fr

2010-09-22 20:43:48 ----D---- C:\Windows\SYSWOW64\en-US

2010-09-22 20:43:48 ----D---- C:\Windows\system32\en-US

2010-09-22 20:43:47 ----D---- C:\Program Files (x86)\Microsoft.NET

2010-09-16 22:13:56 ----D---- C:\Windows\SYSWOW64\inetsrv

2010-09-16 22:13:56 ----D---- C:\Windows\system32\inetsrv

2010-09-16 00:22:36 ----A---- C:\Windows\system32\MRT.exe

2010-09-07 19:08:51 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\Skype

2010-09-07 18:40:11 ----D---- C:\Users\DREAM- TEAM\AppData\Roaming\skypePM

2010-09-07 00:34:53 ----D---- C:\Windows\system32\NDF

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 28752]

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-09-26 35384]

R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 460504]

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 85048]

R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 223448]

R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 14416]

R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]

R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 153160]

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-06-29 240672]

R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 50768]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]

R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 36432]

R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 66104]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 40448]

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 157712]

R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-05-09 353296]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 27152]

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 8192]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800]

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]

R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 38912]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]

R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]

R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-05-11 81952]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-02 11528096]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]

R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]

S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 227840]

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 12288]

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 60928]

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 106576]

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128]

S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 61440]

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480]

S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]

S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5632]

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 9728]

S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 55376]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-06-10 31232]

S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 350208]

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 26624]

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 77888]

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600]

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 284736]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 11136]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 7168]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 6784]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 8064]

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360]

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328]

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 29696]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656]

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 9728]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-04-19 50688]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2010-03-04 184832]

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 217680]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 22096]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 AVP;Kaspersky PURE; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]

R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]

R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]

R2 CSObjectsSrv;Service de gestion du système CryproStorage; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]

R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 31232]

R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]

R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 382496]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]

R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-07-14 49664]

R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]

R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640]

R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3524608]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 31232]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1255736]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

 

-----------------EOF-----------------

Posted

Hello,

A weekly scan is more than enough; Kaspersky's resident protection is effective enough to work on its own ;)

Set your updates to "every 2 hours" and that will be perfect.

Microsoft Windows Live OneCare Family Safety

That is an antivirus! If it is still on the machine, uninstall it; it causes conflicts with KAV...

Likewise, apart from MBAM (tolerated), never install other things such as antispyware tools; Kaspersky includes all of that, especially since you have PURE, if I remember correctly.

Delete this file: c:\programdata\SetWallpaper.cmd

How to show hidden folders/files in Vista

It's for Vista, but I suppose 7 looks a bit like it lol. I wouldn't know, I've never seen Vista or 7 in my life, I'm too poor :(

Is your PC doing fine apart from that?

If you ever have questions about your PURE product: Kaspersky Lab Forum -> Forum des Utilisateurs Français

Likewise, very useful if something goes wrong: Mon Espace Personnel

@++

Posted

Hi apollo

The Microsoft Windows Live OneCare Family Safety program is not present, nor is the Microsoft Windows Live OneCare Family Safety file.

I set up Kasper for the computer the way you told me and it works well

:super::super:

Thanks again for your help

I'M GOING TO GO BROWSE THE KASPER FORUM THX

Posted

Re ;)

If you don't play with fire (P2P, cracks, keygens), you have excellent protection on your machine.

So you are not at much risk if you stay careful

@++
