Bonjour

je viens de constater l'utilisation frauduleuse de ma carte bleue, probablement par le numéro à 16 chiffres utilisé dans les achats en ligne.

Après plainte déposée à la police et bloquage par la banque du compte je voudrais m'assurer qu'il n'y a pas de malwere présents ou encore présents sur mon pc W7

j'ai 3 rapports: rsit, gmer et combofix ( je sais qu'il ne faut pas l'utiliser )

je ne sais pas interpréter ces rapports et je vous sollicite pour me rassurer éventuellement.

J'envisage de changer systématiquement mes mots de passe liés au commerce en ligne.

Un grand merci

Remarque comme je ne sais pas comment joindre un fichier sur ce forum je joins sur la même page un copier-coller des 3 rapports

Logfile of random's system information tool 1.09 (written by random/random)
Run by andre at 2011-08-04 17:26:22
Microsoft Windows 7 Professionnel Service Pack 1
System drive C: has 131 GB (55%) free of 239 GB
Total RAM: 3579 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:23, on 04/08/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\notepad.exe
C:\Windows\explorer.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\andre\Desktop\coucou.exe
C:\Program Files\Trend Micro\HijackThis\andre.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&mntrId=da051ad700000000000000241dd39c6a&tlver=1.4.19.19&affID=17160
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23718 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RegistryBooster.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [2010-11-07 225720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [2010-11-07 184760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-17 281768]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-07-23 341232]
"CTRegRun"=C:\Windows\CTRegRun.EXE [2006-10-06 53248]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-05-29 1047656]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"Launch LCDMon"=C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe [2006-07-19 549376]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-05-29 1047656]
"BabylonToolbar"=C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe [2010-11-07 286720]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-03-28 10029672]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-18 203776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"MSVideo"=VfWWDM32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIVX"=divx.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.ZMBV"=zmbv.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 2 months======

2011-08-04 17:12:45 ----SHD---- C:\$RECYCLE.BIN
2011-08-04 17:12:43 ----A---- C:\ComboFix.txt
2011-08-04 17:07:25 ----A---- C:\Windows\zip.exe
2011-08-04 17:07:25 ----A---- C:\Windows\SWSC.exe
2011-08-04 17:07:25 ----A---- C:\Windows\SWREG.exe
2011-08-04 17:07:25 ----A---- C:\Windows\sed.exe
2011-08-04 17:07:25 ----A---- C:\Windows\PEV.exe
2011-08-04 17:07:25 ----A---- C:\Windows\NIRCMD.exe
2011-08-04 17:07:25 ----A---- C:\Windows\MBR.exe
2011-08-04 17:07:25 ----A---- C:\Windows\grep.exe
2011-08-04 17:06:39 ----D---- C:\Windows\ERDNT
2011-08-04 17:05:25 ----D---- C:\Qoobox
2011-08-04 12:09:45 ----D---- C:\rsit
2011-07-27 21:12:33 ----D---- C:\Windows\system32\SPReview
2011-07-27 21:11:17 ----D---- C:\Windows\system32\EventProviders
2011-07-21 17:55:42 ----D---- C:\Users\andre\AppData\Roaming\HPAppData
2011-07-19 15:49:53 ----A---- C:\Windows\system32\javaws.exe
2011-07-19 15:49:53 ----A---- C:\Windows\system32\javaw.exe
2011-07-19 15:49:53 ----A---- C:\Windows\system32\java.exe
2011-07-13 15:27:47 ----D---- C:\Python32
2011-07-13 15:19:22 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 15:19:22 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 15:19:22 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 15:19:19 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 15:19:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 15:19:16 ----A---- C:\Windows\system32\win32k.sys
2011-07-10 21:51:42 ----A---- C:\Windows\system32\python32.dll
2011-06-29 19:05:32 ----D---- C:\Program Files\Common Files\Adobe
2011-06-29 19:05:32 ----D---- C:\Program Files\Adobe
2011-06-29 14:30:22 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 14:30:22 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-06-29 14:30:18 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 14:30:18 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 14:30:17 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 14:30:17 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 14:30:17 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 14:30:17 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 14:30:17 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 14:30:17 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 14:30:17 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-22 13:49:18 ----HDC---- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-16 14:43:38 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-16 14:43:37 ----A---- C:\Windows\system32\jscript9.dll
2011-06-16 14:43:37 ----A---- C:\Windows\system32\jscript.dll
2011-06-16 14:43:37 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 14:43:37 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 14:43:36 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 14:43:36 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 14:43:36 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 14:30:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 14:30:03 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 14:30:03 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 14:30:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 14:30:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-06-16 14:30:00 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 14:29:57 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 14:29:56 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 14:29:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 14:29:55 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 14:29:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-16 14:29:55 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-06-16 14:29:55 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-16 13:41:40 ----D---- C:\eclipse
2011-06-07 15:58:19 ----D---- C:\Program Files\Sun
2011-06-07 15:54:42 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 2 months======

2011-08-04 17:26:22 ----D---- C:\Windows\Temp
2011-08-04 17:12:28 ----D---- C:\Windows\system32\Tasks
2011-08-04 17:12:27 ----D---- C:\Windows\Tasks
2011-08-04 17:11:47 ----D---- C:\Windows
2011-08-04 17:11:47 ----A---- C:\Windows\system.ini
2011-08-04 17:11:43 ----D---- C:\Windows\system32\drivers\etc
2011-08-04 17:11:23 ----D---- C:\Program Files
2011-08-04 17:09:41 ----D---- C:\Windows\system32\drivers
2011-08-04 17:09:41 ----D---- C:\Windows\System32
2011-08-04 17:09:41 ----D---- C:\Windows\AppPatch
2011-08-04 17:09:40 ----D---- C:\Program Files\Common Files
2011-08-04 11:44:47 ----D---- C:\Windows\system32\config
2011-08-04 11:25:38 ----SHD---- C:\System Volume Information
2011-08-04 11:03:56 ----D---- C:\Windows\debug
2011-08-04 11:01:48 ----D---- C:\Windows\inf
2011-08-04 11:01:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-04 10:55:52 ----D---- C:\ProgramData\NVIDIA
2011-08-01 16:22:52 ----D---- C:\Windows\system32\catroot2
2011-07-29 22:34:12 ----D---- C:\Windows\Microsoft.NET
2011-07-29 22:33:59 ----RSD---- C:\Windows\assembly
2011-07-29 21:26:10 ----D---- C:\Windows\winsxs
2011-07-28 21:02:58 ----D---- C:\Windows\system32\catroot
2011-07-27 21:28:48 ----D---- C:\Boot
2011-07-27 21:28:46 ----D---- C:\Windows\system32\DriverStore
2011-07-27 21:20:56 ----D---- C:\Program Files\Windows Sidebar
2011-07-27 21:20:56 ----D---- C:\Program Files\Windows Portable Devices
2011-07-27 21:20:56 ----D---- C:\Program Files\Windows Media Player
2011-07-27 21:20:56 ----D---- C:\Program Files\Windows Mail
2011-07-27 21:20:56 ----D---- C:\Program Files\Internet Explorer
2011-07-27 21:20:56 ----D---- C:\Program Files\DVD Maker
2011-07-27 21:20:55 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-27 21:20:55 ----D---- C:\Program Files\Windows Journal
2011-07-27 21:20:52 ----D---- C:\Windows\servicing
2011-07-27 21:20:52 ----D---- C:\Windows\ehome
2011-07-27 21:20:52 ----D---- C:\Program Files\Windows Defender
2011-07-27 21:20:46 ----D---- C:\Windows\system32\sysprep
2011-07-27 21:20:46 ----D---- C:\Windows\system32\oobe
2011-07-27 21:20:46 ----D---- C:\Windows\system32\migration
2011-07-27 21:20:46 ----D---- C:\Windows\system32\da-DK
2011-07-27 21:20:46 ----D---- C:\Windows\PolicyDefinitions
2011-07-27 21:20:41 ----D---- C:\Windows\system32\fr-FR
2011-07-27 21:20:41 ----D---- C:\Windows\system32\AdvancedInstallers
2011-07-27 21:20:40 ----D---- C:\Windows\system32\sppui
2011-07-27 21:20:40 ----D---- C:\Windows\system32\Setup
2011-07-27 21:20:40 ----D---- C:\Windows\system32\manifeststore
2011-07-27 21:20:40 ----D---- C:\Windows\system32\es-ES
2011-07-27 21:20:40 ----D---- C:\Windows\system32\drivers\fr-FR
2011-07-27 21:20:40 ----D---- C:\Windows\system32\cs-CZ
2011-07-27 21:20:39 ----D---- C:\Windows\system32\wbem
2011-07-27 21:20:39 ----D---- C:\Windows\system32\migwiz
2011-07-27 21:20:39 ----D---- C:\Windows\system32\Dism
2011-07-27 21:20:20 ----RSD---- C:\Windows\Fonts
2011-07-27 21:20:10 ----D---- C:\Windows\system32\Boot
2011-07-27 21:17:49 ----A---- C:\Windows\system32\msclmd.dll
2011-07-27 11:25:04 ----D---- C:\Windows\system32\NDF
2011-07-26 15:50:46 ----D---- C:\Windows\Prefetch
2011-07-19 22:03:31 ----SHD---- C:\Windows\Installer
2011-07-19 22:03:31 ----D---- C:\Config.Msi
2011-07-19 22:03:23 ----D---- C:\Program Files\Google
2011-07-19 15:49:52 ----D---- C:\Program Files\Java
2011-07-18 21:21:13 ----D---- C:\Users\andre\AppData\Roaming\gtk-2.0
2011-07-13 15:37:35 ----A---- C:\Windows\system32\MRT.exe
2011-07-12 19:26:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-11 11:41:19 ----D---- C:\Windows\Minidump
2011-07-09 10:27:17 ----D---- C:\Program Files\Mozilla Thunderbird
2011-07-06 19:28:45 ----D---- C:\Windows\system32\wfp
2011-07-06 19:27:54 ----D---- C:\Windows\registration
2011-07-06 19:27:54 ----D---- C:\ProgramData\Ulead Systems
2011-07-02 15:33:07 ----D---- C:\Program Files\Mozilla Firefox
2011-07-01 18:41:43 ----D---- C:\Users\andre\AppData\Roaming\FileZilla
2011-06-30 18:05:51 ----D---- C:\Program Files\FileZilla FTP Client
2011-06-29 19:05:33 ----D---- C:\ProgramData\Adobe
2011-06-22 13:49:18 ----D---- C:\ProgramData
2011-06-16 14:43:58 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 21:57:33 ----D---- C:\exercicesjava
2011-06-14 18:26:11 ----D---- C:\Windows\Logs
2011-06-14 18:25:26 ----D---- C:\Program Files\CCleaner
2011-06-07 18:29:07 ----RD---- C:\Users
2011-06-07 15:48:15 ----D---- C:\Users\andre\AppData\Roaming\vlc
2011-06-07 15:48:15 ----D---- C:\ProgramData\HP
2011-06-07 15:48:14 ----RSD---- C:\Windows\Media
2011-06-07 15:48:14 ----D---- C:\Windows\system32\fr
2011-06-07 15:48:14 ----D---- C:\Windows\system32\CodeIntegrity
2011-06-07 15:48:14 ----D---- C:\Windows\AppCompat
2011-06-07 15:34:32 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-04-04 137656]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-14 61960]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-04-06 3464104]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1168896]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S2 P0250BUK;Creative PC-CAM 550 (Still); C:\Windows\System32\Drivers\p0250Buk.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Pilote de filtre du bus AMD AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 catchme;catchme; \??\C:\Users\andre\AppData\Local\Temp\catchme.sys []
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
S3 mbr;mbr; \??\C:\Allah\mbr.sys []
S3 P0250VID;Creative PC-CAM 550 (Video); C:\Windows\system32\DRIVERS\p0250v2k.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtre de bus AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 uglorpob;uglorpob; \??\C:\Users\andre\AppData\Local\Temp\uglorpob.sys []
S3 viaagp;Filtre de bus AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-04-04 269480]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 237056]
R2 WDFME;WD File Management Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-09-08 484352]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-14 135664]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-17 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-13 79360]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-14 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]

-----------------EOF-----------------


=======================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: STM3500418AS rev.CC37 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-6

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

=====================

ComboFix 11-08-04.01 - andre 04/08/2011 17:08:01.1.4 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3579.1835 [GMT 2:00]
Lancé depuis: c:\users\andre\Desktop\Allah.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Uninstall.exe
c:\program files\version.txt
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-07-04 au 2011-08-04 ))))))))))))))))))))))))))))))))))))
.
.
2011-08-04 15:11 . 2011-08-04 15:11 -------- d-----w- c:\users\andre\AppData\Local\temp
2011-08-04 15:11 . 2011-08-04 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-04 10:09 . 2011-08-04 10:09 -------- d-----w- C:\rsit
2011-08-02 08:04 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA103795-5F2D-4BCE-B4FA-9FD80ECBD23C}\mpengine.dll
2011-07-27 19:12 . 2011-07-27 19:12 -------- d-----w- c:\windows\system32\SPReview
2011-07-27 19:11 . 2011-07-27 19:11 -------- d-----w- c:\windows\system32\EventProviders
2011-07-21 15:55 . 2011-07-21 15:55 -------- d-----w- c:\users\andre\AppData\Roaming\HPAppData
2011-07-13 13:27 . 2011-07-14 15:52 -------- d-----w- C:\Python32
2011-07-10 19:51 . 2011-07-10 19:51 2230272 ----a-w- c:\windows\system32\python32.dll
2011-07-06 16:18 . 2011-07-27 08:43 -------- d-----w- c:\users\andre\.idlerc
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 19:17 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-22 07:13 . 2011-06-22 07:13 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-14 09:49 . 2011-06-14 09:49 0 ---ha-w- c:\users\andre\AppData\Local\BIT9194.tmp
2011-05-29 07:11 . 2010-02-11 15:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-02-11 15:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2009-11-07 12:47 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 10:44 . 2011-06-29 12:30 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-09 18:44 . 2011-01-02 16:26 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-05-09 18:44 . 2011-01-02 16:26 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-05-06 16:06 . 2011-01-05 16:07 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-05-06 16:06 . 2011-01-05 16:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-05-06 16:06 . 2011-01-02 16:26 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-07-08 19:01 . 2010-07-08 19:01 57344 ----a-w- c:\program files\AptanaStudio.exe
2009-08-20 13:07 . 2009-08-20 13:07 9816064 ----a-w- c:\program files\openofficeorg31.msi
2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:\program files\instmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:\program files\instmsia.exe
2011-07-02 13:33 . 2011-04-23 15:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
"CTRegRun"="c:\windows\CTRegRun.EXE" [2006-10-06 53248]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Launch LCDMon"="c:\program files\Common Files\Logitech\LCD Manager\lcdmon.exe" [2006-07-19 549376]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"P17RunE"="P17RunE.dll" [2008-03-28 14848]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-03-28 10029672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 135664]
R2 P0250BUK;Creative PC-CAM 550 (Still);c:\windows\system32\Drivers\p0250Buk.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-17 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-13 79360]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 135664]
R3 P0250VID;Creative PC-CAM 550 (Video);c:\windows\system32\DRIVERS\p0250v2k.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 237056]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-09-08 484352]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - UGLORPOB
*Deregistered* - uglorpob
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 14:27]
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 14:27]
.
2011-08-04 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 09:42]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=da051ad700000000000000241dd39c6a&tlver=1.4.19.19&affID=17160
uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=FORID%3A10&ie=UTF-8&q={searchTerms}
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
FF - ProfilePath -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
MSConfigStartUp-PATHPILOT - c:\program files\Kat MP3 Recorder\Kat MP3 Recorder.exe
AddRemove-Aptana Studio 2.0 - c:\program files\uninstall.exe
AddRemove-installer - c:\program files\Installer\un_installer_21627.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2452613740-2217742116-3615030344-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4B3F1D04-A647-D4D0-CD0C-A1EF2BF3D23B}*]
"haeifkkplhjkhccd"=hex:6b,61,61,66,65,63,69,66,6c,64,66,65,6d,68,6c,69,69,61,
6f,62,63,63,00,01
"iakhfoogbfooggibkn"=hex:6b,61,70,65,68,63,61,67,6b,69,62,6b,6a,6f,65,62,62,6d,
70,65,65,6c,00,00
"haoohkeoaiijflfa"=hex:62,62,6d,6a,6c,66,62,63,70,6c,6e,6d,6e,64,67,66,6b,62,
6b,67,6d,62,61,6d,61,64,64,65,6b,6f,70,6b,6c,67,62,6e,00,00
"haoohkeofjjhjmjl"=hex:70,62,6c,65,6f,70,6b,67,62,6b,70,65,6d,61,63,6e,6c,64,
68,69,70,69,6c,69,63,63,64,65,6a,6f,6f,62,6d,70,6e,6b,6f,6e,6b,65,68,6e,70,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-08-04 17:12:42
ComboFix-quarantined-files.txt 2011-08-04 15:12
.
Avant-CF: 136 994 332 672 octets libres
Après-CF: 137 394 634 752 octets libres
.
- - End Of File - - 5490FF180B87168BDA78EC6EA6598949

Bonjour,

https://forum.pcastuces.com/aide_au_diagnostic_un_pc_infecte_pcastuces-f25s17490.htm

bonjour

1/

Télécharge Ad-remover :

http://www.teamxscript.org/adremoverTelechargement.html

VISTA : installation et lancement par Clic droit et "Exécuter en tant qu'administrateur"

• Installe Ad-remover ,
• Lance Ad-remover à partir de l’icône sur le bureau,
• Au menu principal choisis scanner,
poste le rapport obtenu ( C:\Ad-report.log ).


AD-REMOVER : Étape 2
• Relancez "Ad-remover",
• Sélectionner >> nettoyer
► Affichez le rapport généré (C:\Ad-report-date.log )

/!\ Si le Bureau ne réapparait pas pressez <Ctrl> <Alt> <Suppr>,
/!\ Onglet "Fichier" --> "Nouvelle tâche" ,
/!\ Entrez explorer.exe et validez

► Réactiver votre antivirus.

2/

suis ces consignes et poste les rapports demandés

aide au diagnostic PC infecté

Fichier joint : Ad-Report-SCAN[1].txt

Fichier joint : Ad-Report.txt

suis ces consignes et poste les rapports demandés

aide au diagnostic PC infecté