Unable to remove rootkit virus (topic resolved)
No action taken
Posted on 25/08/2010 @ 05:51

Hello,

A few days ago I caught a whole slew of viruses and the like.

I have tried 36 solutions with the best will in the world but, alas, it is impossible to remove anything at all... (I am rather a novice in this area)

As for my setup, I have Windows 7, Avira as antivirus, plus Malwarebytes, CCleaner, VundoFix and RSIT as extras.

If a kind soul could take a look and/or tell me what steps to follow, I would be truly grateful.

Thanks in advance.

So here is the mbam report:

Malwarebytes' Anti-Malware 1.46
Version de la base de données: 4473
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
25/08/2010 04:35:24
mbam-log-2010-08-25 (04-35-24).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 209218
Temps écoulé: 29 minute(s), 42 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676\newsecureapp70700.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}\components\gpff.dll (Adware.Agent) -> No action taken.
C:\Windows\System32\drivers\vbslka.sys (Rootkit.Bubnix) -> No action taken.

No action taken
Posted on 25/08/2010 at 05:52

And here is the RSIT report:

Logfile of random's system information tool 1.08 (written by random/random)

Run by Yoann at 2010-08-25 05:31:22

Microsoft Windows 7 Professionnel Service Pack 2

System drive C: has 15 GB (18%) free of 82 GB

Total RAM: 3327 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 05:31:23, on 25/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\wuauclt.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\Desktop\RSIT.exe

C:\Program Files\trend micro\Yoann.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 19832 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2577767139-3837605839-1481408203-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2577767139-3837605839-1481408203-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-08 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Users\Yoann\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-06 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]

C:\Windows\vVX3000.exe [2010-05-20 762736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2010-08-25 04:53:12 ----D---- C:\rsit

2010-08-24 19:16:19 ----A---- C:\VundoFix.txt

2010-08-24 19:10:42 ----A---- C:\ComboFix.txt

2010-08-24 19:10:01 ----SHD---- C:\$RECYCLE.BIN

2010-08-24 19:03:49 ----A---- C:\Windows\SWXCACLS.exe

2010-08-24 17:53:32 ----A---- C:\Windows\zip.exe

2010-08-24 17:53:32 ----A---- C:\Windows\SWSC.exe

2010-08-24 17:53:32 ----A---- C:\Windows\SWREG.exe

2010-08-24 17:53:32 ----A---- C:\Windows\sed.exe

2010-08-24 17:53:32 ----A---- C:\Windows\PEV.exe

2010-08-24 17:53:32 ----A---- C:\Windows\NIRCMD.exe

2010-08-24 17:53:32 ----A---- C:\Windows\MBR.exe

2010-08-24 17:53:32 ----A---- C:\Windows\grep.exe

2010-08-24 17:53:25 ----D---- C:\Windows\ERDNT

2010-08-24 17:49:27 ----D---- C:\Qoobox

2010-08-24 17:47:16 ----D---- C:\Program Files\trend micro

2010-08-24 07:43:33 ----A---- C:\Windows\ntbtlog.txt

2010-08-23 22:37:17 ----D---- C:\VundoFix Backups

2010-08-23 22:20:29 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-08-23 22:20:29 ----D---- C:\Program Files\Spybot - Search & Destroy

2010-08-23 22:02:08 ----D---- C:\Windows\Minidump

2010-08-23 21:23:51 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}

2010-08-23 21:22:56 ----D---- C:\ProgramData\Lavasoft

2010-08-23 21:22:56 ----D---- C:\Program Files\Lavasoft

2010-08-22 08:53:36 ----D---- C:\Users\Yoann\AppData\Roaming\TeamViewer

2010-08-22 08:53:26 ----D---- C:\Program Files\TeamViewer

2010-08-20 04:35:55 ----A---- C:\Windows\system32\drivers\vbslka.sys

2010-08-20 04:35:20 ----D---- C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676

2010-08-20 03:43:48 ----D---- C:\Users\Yoann\AppData\Roaming\Mozilla

2010-08-20 03:43:40 ----D---- C:\Program Files\Mozilla Firefox

2010-08-19 03:00:36 ----D---- C:\Program Files\MSXML 4.0

2010-08-17 23:54:10 ----D---- C:\Program Files\Microsoft Games

2010-08-12 20:21:19 ----A---- C:\Windows\system32\drivers\tcpip.sys

2010-08-12 20:21:04 ----A---- C:\Windows\system32\ir32_32.dll

2010-08-12 20:21:04 ----A---- C:\Windows\system32\iccvid.dll

2010-08-12 20:21:02 ----A---- C:\Windows\system32\rtutils.dll

2010-08-12 20:21:00 ----A---- C:\Windows\system32\msxml3.dll

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srvnet.sys

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srv2.sys

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srv.sys

2010-08-12 20:20:56 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-08-12 20:20:56 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-08-12 20:20:53 ----A---- C:\Windows\system32\wininet.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\urlmon.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\mshtml.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\ieframe.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\mstime.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\msfeedssync.exe

2010-08-12 20:20:52 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\jsproxy.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\ieui.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\iepeers.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\iedkcs32.dll

2010-08-12 20:20:43 ----A---- C:\Windows\system32\schannel.dll

2010-08-12 20:20:42 ----A---- C:\Windows\system32\win32k.sys

2010-08-11 04:38:36 ----D---- C:\Program Files\uTorrent

2010-08-11 04:38:07 ----D---- C:\Users\Yoann\AppData\Roaming\uTorrent

2010-08-06 06:07:56 ----D---- C:\Program Files\StarCraft II bêta

2010-08-06 06:07:35 ----D---- C:\ProgramData\Blizzard

2010-08-05 03:05:24 ----D---- C:\ProgramData\Blizzard Entertainment

2010-08-05 03:05:23 ----D---- C:\Program Files\StarCraft II

2010-08-05 03:05:23 ----D---- C:\Program Files\Common Files\Blizzard Entertainment

2010-08-05 02:59:47 ----A---- C:\Windows\system32\drivers\sptd.sys

2010-08-05 02:59:34 ----D---- C:\Program Files\DAEMON Tools Lite

2010-08-05 02:59:10 ----D---- C:\Users\Yoann\AppData\Roaming\DAEMON Tools Lite

2010-08-05 02:59:02 ----D---- C:\ProgramData\DAEMON Tools Lite

2010-08-05 00:10:46 ----D---- C:\Downloads

2010-08-05 00:09:49 ----D---- C:\Users\Yoann\AppData\Roaming\Free Download Manager

2010-08-05 00:09:47 ----D---- C:\ProgramData\FreeDownloadManager.ORG

2010-08-05 00:09:47 ----D---- C:\Program Files\Free Download Manager

2010-08-04 23:23:35 ----D---- C:\Windows\system32\appmgmt

2010-08-03 09:09:48 ----A---- C:\Windows\system32\shell32.dll

2010-07-27 17:59:16 ----DC---- C:\Windows\system32\DRVSTORE

2010-07-27 17:59:16 ----A---- C:\Windows\system32\GEARAspi.dll

2010-07-27 17:59:16 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys

2010-07-27 17:59:04 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-07-27 17:59:04 ----D---- C:\Program Files\iTunes

2010-07-27 17:59:04 ----D---- C:\Program Files\iPod

2010-07-27 17:51:45 ----D---- C:\ProgramData\Apple Computer

2010-07-27 17:51:45 ----D---- C:\Program Files\QuickTime

2010-07-27 17:51:16 ----D---- C:\Program Files\Apple Software Update

2010-07-27 17:50:56 ----D---- C:\Program Files\Bonjour

2010-07-24 02:10:43 ----D---- C:\Program Files\Full Tilt Poker

2010-07-12 22:38:08 ----A---- C:\Windows\system32\kernel32.dll

2010-07-12 22:38:07 ----A---- C:\Windows\system32\apphelp.dll

2010-07-06 22:41:53 ----D---- C:\Heroes of Might and Magic 3_The Shadow of Death

2010-07-05 22:52:24 ----D---- C:\Users\Yoann\AppData\Roaming\Apple Computer

2010-07-05 20:40:21 ----D---- C:\Program Files\Common Files\Apple

2010-07-05 20:40:13 ----D---- C:\ProgramData\Apple

2010-07-01 16:39:18 ----D---- C:\ProgramData\Adobe

2010-07-01 16:39:16 ----D---- C:\Program Files\Common Files\Adobe

2010-07-01 16:39:16 ----D---- C:\Program Files\Adobe

2010-06-30 16:50:31 ----D---- C:\Users\Yoann\AppData\Roaming\Malwarebytes

2010-06-30 16:50:24 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2010-06-30 16:50:22 ----D---- C:\ProgramData\Malwarebytes

2010-06-30 16:50:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-06-30 16:50:22 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-06-30 16:39:57 ----D---- C:\Program Files\CCleaner

2010-06-26 02:52:44 ----D---- C:\Program Files\Microsoft.NET

2010-06-24 03:00:43 ----A---- C:\Windows\system32\PresentationHostProxy.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\PresentationHost.exe

2010-06-24 03:00:43 ----A---- C:\Windows\system32\netfxperf.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\mscoree.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\dfshim.dll

2010-06-23 23:29:03 ----A---- C:\Windows\system32\ntdll.dll

2010-06-23 23:29:02 ----A---- C:\Windows\system32\msdri.dll

2010-06-23 23:29:02 ----A---- C:\Windows\system32\CPFilters.dll

2010-06-16 05:03:52 ----A---- C:\Windows\system32\BnetLog.txt

2010-06-16 04:58:12 ----D---- C:\Users\Yoann\AppData\Roaming\WinRAR

2010-06-16 04:57:23 ----D---- C:\Program Files\WinRAR

2010-06-12 23:29:46 ----D---- C:\Users\Yoann\AppData\Roaming\dvdcss

2010-06-12 07:45:10 ----D---- C:\ProgramData\Symantec

2010-06-12 07:45:10 ----D---- C:\ProgramData\Norton

2010-06-12 07:45:09 ----D---- C:\ProgramData\NortonInstaller

2010-06-12 04:46:13 ----D---- C:\Program Files\Common Files\DivX Shared

2010-06-12 04:45:53 ----D---- C:\Program Files\DivX

2010-06-12 04:44:56 ----D---- C:\ProgramData\DivX

2010-06-11 03:31:18 ----D---- C:\Windows\system32\Wat

2010-06-10 15:15:34 ----A---- C:\Windows\system32\asycfilt.dll

2010-06-10 15:15:13 ----A---- C:\Windows\system32\atmlib.dll

2010-06-10 15:15:13 ----A---- C:\Windows\system32\atmfd.dll

2010-06-08 03:09:40 ----D---- C:\Users\Yoann\AppData\Roaming\OpenOffice.org

2010-06-08 03:08:06 ----D---- C:\Program Files\JRE

2010-06-08 03:08:00 ----D---- C:\Program Files\OpenOffice.org 3

2010-06-08 03:07:37 ----D---- C:\ProgramData\Sun

2010-06-08 03:07:36 ----D---- C:\Program Files\Common Files\Java

2010-06-08 03:07:28 ----A---- C:\Windows\system32\javaws.exe

2010-06-08 03:07:28 ----A---- C:\Windows\system32\javaw.exe

2010-06-08 03:07:28 ----A---- C:\Windows\system32\java.exe

2010-06-08 03:07:16 ----D---- C:\Program Files\Java

2010-06-08 03:03:41 ----A---- C:\Windows\system32\msv1_0.dll

2010-06-08 03:01:04 ----A---- C:\Windows\system32\browserchoice.exe

2010-06-07 23:23:23 ----D---- C:\Program Files\Common Files\InstallShield

2010-06-07 21:37:28 ----D---- C:\Program Files\GameSpy Arcade

2010-06-07 16:27:35 ----D---- C:\ProgramData\NVIDIA

2010-06-07 16:27:14 ----D---- C:\Program Files\NVIDIA Corporation

2010-06-07 16:26:40 ----A---- C:\Windows\system32\OpenCL.dll

2010-06-07 16:26:40 ----A---- C:\Windows\system32\nvoglv32.dll

2010-06-07 16:26:40 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2010-06-07 16:26:40 ----A---- C:\Windows\system32\dpinst.exe

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuvid.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuvenc.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuda.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcompiler.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcod1914.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcod.dll

2010-06-07 16:26:37 ----A---- C:\Windows\system32\nvapi.dll

2010-06-07 16:26:34 ----D---- C:\NVIDIA

2010-06-07 16:18:44 ----HD---- C:\Program Files\InstallShield Installation Information

2010-06-07 16:18:44 ----D---- C:\Program Files\Black Isle

2010-06-07 15:44:22 ----A---- C:\Windows\system32\drivers\fvevol.sys

2010-06-07 15:44:18 ----A---- C:\Windows\system32\winlogon.exe

2010-06-07 15:44:18 ----A---- C:\Windows\explorer.exe

2010-06-07 15:44:16 ----A---- C:\Windows\system32\msasn1.dll

2010-06-07 15:44:14 ----A---- C:\Windows\system32\lsasrv.dll

2010-06-07 15:44:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2010-06-07 15:44:12 ----A---- C:\Windows\system32\inetcomm.dll

2010-06-07 15:44:11 ----A---- C:\Windows\system32\wmp.dll

2010-06-07 15:44:10 ----A---- C:\Windows\system32\wmploc.DLL

2010-06-07 15:44:10 ----A---- C:\Windows\system32\winresume.exe

2010-06-07 15:44:10 ----A---- C:\Windows\system32\winload.exe

2010-06-07 15:44:10 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2010-06-07 15:44:10 ----A---- C:\Windows\system32\CertEnroll.dll

2010-06-07 15:44:07 ----A---- C:\Windows\system32\jscript.dll

2010-06-07 15:44:05 ----A---- C:\Windows\system32\t2embed.dll

2010-06-07 15:44:05 ----A---- C:\Windows\system32\fontsub.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\tsbyuv.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\quartz.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msyuv.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msvidc32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msrle32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\mciavi32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\iyuv_32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\avifil32.dll

2010-06-07 15:44:00 ----A---- C:\Windows\system32\psisdecd.dll

2010-06-07 15:43:58 ----A---- C:\Windows\system32\vbscript.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_ssp.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_isv.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_isv.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate.exe

2010-06-07 15:43:55 ----A---- C:\Windows\system32\tzres.dll

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

2010-06-06 21:42:29 ----D---- C:\Program Files\Common Files\Steam

2010-06-06 21:42:28 ----D---- C:\Program Files\Steam

2010-06-06 20:38:22 ----D---- C:\Program Files\Google

2010-06-06 20:35:52 ----D---- C:\Users\Yoann\AppData\Roaming\Macromedia

2010-06-06 20:35:52 ----D---- C:\Users\Yoann\AppData\Roaming\Adobe

2010-06-06 20:33:24 ----D---- C:\Windows\system32\Macromed

2010-06-06 20:26:52 ----D---- C:\Users\Yoann\AppData\Roaming\vlc

2010-06-06 20:26:10 ----D---- C:\Program Files\VideoLAN

2010-06-06 19:00:31 ----D---- C:\Program Files\Microsoft

2010-06-06 19:00:11 ----D---- C:\Program Files\Windows Live SkyDrive

2010-06-06 18:59:53 ----D---- C:\Program Files\Windows Live

2010-06-06 18:59:34 ----D---- C:\Windows\PCHEALTH

2010-06-06 18:56:57 ----D---- C:\Program Files\Common Files\Windows Live

2010-06-06 18:53:33 ----D---- C:\ProgramData\Avira

2010-06-06 18:53:33 ----D---- C:\Program Files\Avira

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\avipbb.sys

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\avgntflt.sys

2010-06-06 18:44:19 ----A---- C:\Windows\system32\deploytk.dll

2010-06-06 18:43:19 ----D---- C:\Program Files\PS3 Media Server

2010-06-06 18:37:36 ----D---- C:\Windows\Panther

2010-06-06 18:30:32 ----D---- C:\Program Files\Microsoft LifeCam

2010-06-06 18:30:28 ----A---- C:\Windows\system32\D3DX9_42.dll

2010-06-06 18:30:28 ----A---- C:\Windows\system32\D3DCompiler_42.dll

2010-06-06 18:29:44 ----SHD---- C:\Windows\Installer

2010-06-06 18:27:22 ----A---- C:\Windows\VX3000.ini

2010-06-06 18:27:22 ----A---- C:\Windows\system32\LCCoin14.dll

2010-06-06 18:07:59 ----N---- C:\Windows\system32\MpSigStub.exe

2010-06-06 18:06:09 ----A---- C:\Windows\system32\wintrust.dll

2010-06-06 18:06:06 ----A---- C:\Windows\system32\cabview.dll

2010-06-06 17:50:11 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-06-06 17:48:00 ----D---- C:\Users\Yoann\AppData\Roaming\Identities

2010-06-06 17:47:50 ----SD---- C:\Users\Yoann\AppData\Roaming\Microsoft

2010-06-06 17:47:50 ----D---- C:\Users\Yoann\AppData\Roaming\Media Center Programs

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Modèles

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Menu Démarrer

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Favoris

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Bureau

2010-06-06 17:47:43 ----SHD---- C:\Program Files\Fichiers communs

2010-06-06 17:47:43 ----D---- C:\Recovery

2010-06-06 17:41:33 ----D---- C:\Windows\SoftwareDistribution

2010-06-06 17:38:58 ----D---- C:\Windows\Prefetch

2010-06-06 17:38:42 ----ASH---- C:\pagefile.sys

2010-06-06 17:38:40 ----SHD---- C:\System Volume Information

2010-06-06 17:38:40 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 3 months======

2010-08-25 05:31:22 ----D---- C:\Windows\Temp

2010-08-25 04:50:49 ----D---- C:\Windows\system32\drivers

2010-08-25 04:50:49 ----D---- C:\Windows\ShellNew

2010-08-25 04:49:54 ----D---- C:\Windows\system32\config

2010-08-25 04:45:51 ----RSD---- C:\Windows\Fonts

2010-08-25 04:43:56 ----D---- C:\Windows\System32

2010-08-25 04:43:56 ----D---- C:\Windows\inf

2010-08-24 19:08:42 ----D---- C:\Windows

2010-08-24 19:08:42 ----A---- C:\Windows\system.ini

2010-08-24 19:06:30 ----D---- C:\Windows\AppPatch

2010-08-24 19:06:29 ----D---- C:\Program Files\Common Files

2010-08-24 18:00:34 ----D---- C:\Windows\system32\drivers\etc

2010-08-24 17:47:16 ----RD---- C:\Program Files

2010-08-24 17:31:03 ----D---- C:\Windows\system32\catroot2

2010-08-24 17:13:21 ----SD---- C:\ProgramData\Microsoft

2010-08-23 22:58:31 ----D---- C:\Windows\Tasks

2010-08-23 22:58:31 ----D---- C:\Windows\system32\wfp

2010-08-23 22:58:31 ----D---- C:\Windows\system32\DriverStore

2010-08-23 22:58:30 ----D---- C:\Windows\system32\wbem

2010-08-23 22:58:30 ----D---- C:\Windows\system32\NDF

2010-08-23 22:58:29 ----D---- C:\Windows\AppCompat

2010-08-23 22:58:25 ----D---- C:\Windows\registration

2010-08-23 22:58:24 ----D---- C:\Windows\winsxs

2010-08-23 22:58:22 ----D---- C:\Windows\system32\Tasks

2010-08-23 22:58:21 ----D---- C:\Windows\system32\catroot

2010-08-23 22:20:29 ----D---- C:\ProgramData

2010-08-22 10:20:17 ----D---- C:\Windows\system32\LogFiles

2010-08-20 04:36:06 ----D---- C:\Windows\system32\sysprep

2010-08-13 07:14:26 ----D---- C:\Windows\Microsoft.NET

2010-08-13 07:14:05 ----RSD---- C:\Windows\assembly

2010-08-13 03:16:14 ----D---- C:\Windows\system32\migration

2010-08-13 03:16:14 ----D---- C:\Program Files\Internet Explorer

2010-06-30 17:34:06 ----D---- C:\Windows\security

2010-06-30 16:42:01 ----D---- C:\Windows\debug

2010-06-30 05:29:07 ----D---- C:\Windows\system32\wdi

2010-06-26 02:54:22 ----D---- C:\Windows\system32\fr-FR

2010-06-26 02:52:45 ----D---- C:\Windows\system32\en-US

2010-06-24 03:00:36 ----D---- C:\Windows\ehome

2010-06-17 18:32:05 ----D---- C:\Windows\system32\drivers\UMDF

2010-06-08 18:27:14 ----D---- C:\Windows\rescache

2010-06-08 06:49:55 ----D---- C:\Windows\system32\Boot

2010-06-08 06:49:55 ----D---- C:\Program Files\Windows Media Player

2010-06-08 06:49:55 ----D---- C:\Program Files\Windows Mail

2010-06-07 16:27:29 ----D---- C:\Windows\Help

2010-06-07 01:53:02 ----D---- C:\Windows\Logs

2010-06-06 19:00:16 ----D---- C:\Program Files\Common Files\microsoft shared

2010-06-06 18:27:23 ----D---- C:\Windows\twain_32

2010-06-06 18:06:10 ----D---- C:\Windows\system32\restore

2010-06-06 17:53:13 ----D---- C:\Windows\system32\CodeIntegrity

2010-06-06 17:47:50 ----RD---- C:\Users

2010-06-06 17:47:43 ----D---- C:\Program Files\Windows NT

2010-06-06 17:39:24 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 23616]

R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 369568]

R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 194488]

R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 13904]

R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 133720]

R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 43088]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]

R0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2009-07-14 40896]

R0 vdrvroot;Pilote d’énumérateur de lecteur virtuel Microsoft; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 32832]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-06 28520]

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-06-06 56816]

R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]

R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-04 11573800]

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]

R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]

R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]

R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2010-05-20 1961328]

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]

R3 yukonw7;Pilote Miniport NDIS6.2 pour contrôleur Ethernet Marvell Yukon; C:\Windows\system32\DRIVERS\yk62x86.sys [2009-07-14 311296]

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 catchme;catchme; \??\C:\Users\Yoann\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120]

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]

S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]

S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]

S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]

S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]

S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-05 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-06-06 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-06-06 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-07-22 407336]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-11 1343400]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

pear
 Posted on 25/08/2010 at 13:26
  Astucien

Hello,

Download HijackThis from Trend Micro.
* Unzip it into a folder at the root of the hard drive (usually C:\)
* Run the file Hijackthis.exe
* Click Do a system scan and save a log file
Check:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522

Click Fix checked.

Koobface infections install a proxy, which prevents a normal connection.
Disable the proxy added by the infection.
To do so:
In Firefox
Edit / Preferences menu, then the Advanced tab.
Click Network, then Settings.
Choose "No proxy".
In Internet Explorer
Tools menu -> Internet Options.
Connections tab, then at the bottom, disable the proxy.
Restart the computer.
Under Vista,
disabling the proxy in IE is not enough to restore updates.

To restore Windows Update, run the following command (with administrator rights):
Start -> Run
netsh winhttp reset proxy

Download The Avenger by Swandog46 to the Desktop.

Click Save
Click Desktop
Close the window:
Unzip: right-click -> Extract here:
Close all open windows and running applications,
then double-click the icon placed on your desktop (the Sword):

Make sure the "Scan for rootkits" box is unchecked. (It is checked by default.)

***Copy all of the text below: highlight it and press (Ctrl+C):
Begin copying here:
drivers:
vbslka
Drivers to disable:
vbslka
drivers to delete:
vbslka
Files to Delete:
C:\Windows\System32\drivers\vbslka.sys
C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676\newsecureapp70700.exe
C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}\components\gpff.dll
Registry values to delete:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = | http=127.0.0.1:6522

The code above was written specifically for THIS user.
If you are not THIS user, do NOT apply these instructions: they could damage your system.

In the "Input Script here" window, paste the text previously copied on the desktop using (Ctrl+V).
Click Execute

The system will restart. (If the script contains one or more "Drivers to Unload", The Avenger will restart a second time.)
During the restart, a black Windows command window will briefly appear on your desktop; this is NORMAL.
After the restart, a log file will open, which you can find here: C:\avenger.txt
Everything you asked to delete will be backed up, compressed (zipped), and the zip archive moved here: C:\avenger\backup.zip.

Cleanup
Run Mbam again
Select "Perform full scan"
Click "Scan"
The scan will take some time, be patient!
At the end, a message will say:
The scan completed successfully.
Select everything and click Remove Selected,
MBAM will destroy the files and registry keys and put a copy in quarantine.
Then open Notepad and copy into it the scan report, which can be found under the Logs tab.
Copy and paste this report into your next reply.

Edited by pear on 25/08/2010 13:42
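
An added example, not part of pear's post and not code from HijackThis or The Avenger: a Python check that reads HijackThis log lines and reports every ProxyServer entry pointing at a loopback address, such as the 127.0.0.1:6522 entry in the post above, so a fresh log taken after cleanup can confirm the value is gone. The function names and the sample log, apart from that one entry, are constructed for illustration.

```python
import ipaddress
import re

# HijackThis registry lines have the shape "R1 - <key>,<value name> = <data>".
PROXY_LINE = re.compile(
    r"^R\d\s+-\s+(?P<key>HK(?:CU|LM)\\[^,]+),ProxyServer\s*=\s*(?P<data>.*)$",
    re.IGNORECASE,
)
SCHEME_PREFIX = re.compile(r"^[a-z][a-z0-9+.-]*://", re.IGNORECASE)

# Constructed sample; only the 127.0.0.1:6522 line comes from the thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.example.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522
R1 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.example.net:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
"""


def split_host_port(addr):
    """Split 'host:port', '[v6]:port' or bare 'host' into (host, port or None)."""
    addr = SCHEME_PREFIX.sub("", addr.strip()).rstrip("/")
    if addr.startswith("["):                      # bracketed IPv6 literal
        host, _, rest = addr[1:].partition("]")
        port = rest.lstrip(":")
    elif ":" in addr:
        host, _, port = addr.rpartition(":")
    else:
        host, port = addr, ""
    return host, int(port) if port.isdigit() else None


def parse_proxy_value(data):
    """Parse a WinINET ProxyServer string into {protocol: (host, port)}.

    Two forms exist: one 'host:port' used for every protocol (keyed 'all'
    here), or a ';'-separated list of 'protocol=host:port' entries.
    """
    proxies = {}
    for part in filter(None, (p.strip() for p in data.split(";"))):
        if "=" in part:
            proto, _, addr = part.partition("=")
        else:
            proto, addr = "all", part
        proxies[proto.strip().lower()] = split_host_port(addr)
    return proxies


def is_loopback(host):
    """True for 'localhost' and any address in 127.0.0.0/8 or ::1."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:          # a DNS name, not an IP literal
        return False


def find_loopback_proxies(lines):
    """Return (registry key, protocol, host, port) for each loopback proxy."""
    findings = []
    for line in lines:
        match = PROXY_LINE.match(line.strip())
        if not match:
            continue
        for proto, (host, port) in parse_proxy_value(match["data"]).items():
            if is_loopback(host):
                findings.append((match["key"], proto, host, port))
    return findings


if __name__ == "__main__":
    for key, proto, host, port in find_loopback_proxies(SAMPLE_LOG.splitlines()):
        print(f"loopback proxy for {proto}: {host}:{port} in {key}")
```

A hit only shows that browser traffic is being sent to a listener on the same machine; legitimate filtering software does this too, so identify the process bound to that port before removing the value.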
No action taken
 Posted on 25/08/2010 at 18:49
New Astucien

First of all, thank you for coming to my aid.

The mbam log:

Malwarebytes' Anti-Malware 1.46
Version de la base de données: 4473
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
25/08/2010 17:51:09
mbam-log-2010-08-25 (17-51-09).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 210181
Temps écoulé: 28 minute(s), 47 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

The Avenger log:
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows NT 6.1 (build 7600)
Wed Aug 25 17:17:16 2010
17:17:02: Error: Invalid registry syntax in command:
"HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =|http=127.0.0.1:6522"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, (c) by Swandog46
Platform: Windows Vista
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Driver "vbslka" disabled successfully.
Driver "vbslka" deleted successfully.
File "C:\Windows\System32\drivers\vbslka.sys" deleted successfully.
Error: file "C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676\newsecureapp70700.exe" not found!
Deletion of file "C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676\newsecureapp70700.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}\components\gpff.dll" not found!
Deletion of file "C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}\components\gpff.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.

pear
 Posted on 25/08/2010 at 19:28
  Astucien

Please post a new log.file from Rsit.

No action taken
 Posted on 25/08/2010 at 19:50
New Astucien

Here is the RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)

Run by Yoann at 2010-08-25 19:40:01

Microsoft Windows 7 Professionnel Service Pack 2

System drive C: has 14 GB (17%) free of 82 GB

Total RAM: 3327 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:40:10, on 25/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Yoann\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

C:\Users\Yoann\Downloads\Ad-AwareInstall.exe

C:\Users\Yoann\AppData\Local\Temp\mia5B79.tmp\Ad-AwareInstall.exe

C:\Users\Yoann\Desktop\RSIT.exe

C:\Program Files\trend micro\Yoann.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 19697 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2577767139-3837605839-1481408203-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2577767139-3837605839-1481408203-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-08 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Users\Yoann\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-06 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]

C:\Windows\vVX3000.exe [2010-05-20 762736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2010-08-25 17:19:07 ----D---- C:\Avenger

2010-08-25 17:17:16 ----A---- C:\avenger.txt

2010-08-25 04:53:12 ----D---- C:\rsit

2010-08-24 19:16:19 ----A---- C:\VundoFix.txt

2010-08-24 19:10:42 ----A---- C:\ComboFix.txt

2010-08-24 19:10:01 ----SHD---- C:\$RECYCLE.BIN

2010-08-24 19:03:49 ----A---- C:\Windows\SWXCACLS.exe

2010-08-24 17:53:32 ----A---- C:\Windows\zip.exe

2010-08-24 17:53:32 ----A---- C:\Windows\SWSC.exe

2010-08-24 17:53:32 ----A---- C:\Windows\SWREG.exe

2010-08-24 17:53:32 ----A---- C:\Windows\sed.exe

2010-08-24 17:53:32 ----A---- C:\Windows\PEV.exe

2010-08-24 17:53:32 ----A---- C:\Windows\NIRCMD.exe

2010-08-24 17:53:32 ----A---- C:\Windows\MBR.exe

2010-08-24 17:53:32 ----A---- C:\Windows\grep.exe

2010-08-24 17:53:25 ----D---- C:\Windows\ERDNT

2010-08-24 17:49:27 ----D---- C:\Qoobox

2010-08-24 17:47:16 ----D---- C:\Program Files\trend micro

2010-08-24 07:43:33 ----A---- C:\Windows\ntbtlog.txt

2010-08-23 22:37:17 ----D---- C:\VundoFix Backups

2010-08-23 22:20:29 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-08-23 22:20:29 ----D---- C:\Program Files\Spybot - Search & Destroy

2010-08-23 22:02:08 ----D---- C:\Windows\Minidump

2010-08-23 21:23:51 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}

2010-08-23 21:22:56 ----D---- C:\ProgramData\Lavasoft

2010-08-23 21:22:56 ----D---- C:\Program Files\Lavasoft

2010-08-22 08:53:36 ----D---- C:\Users\Yoann\AppData\Roaming\TeamViewer

2010-08-22 08:53:26 ----D---- C:\Program Files\TeamViewer

2010-08-20 04:35:20 ----D---- C:\Users\Yoann\AppData\Roaming\9DEBA093379629E433D339D32B884676

2010-08-20 03:43:48 ----D---- C:\Users\Yoann\AppData\Roaming\Mozilla

2010-08-19 03:00:36 ----D---- C:\Program Files\MSXML 4.0

2010-08-17 23:54:10 ----D---- C:\Program Files\Microsoft Games

2010-08-12 20:21:19 ----A---- C:\Windows\system32\drivers\tcpip.sys

2010-08-12 20:21:04 ----A---- C:\Windows\system32\ir32_32.dll

2010-08-12 20:21:04 ----A---- C:\Windows\system32\iccvid.dll

2010-08-12 20:21:02 ----A---- C:\Windows\system32\rtutils.dll

2010-08-12 20:21:00 ----A---- C:\Windows\system32\msxml3.dll

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srvnet.sys

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srv2.sys

2010-08-12 20:20:59 ----A---- C:\Windows\system32\drivers\srv.sys

2010-08-12 20:20:56 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-08-12 20:20:56 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-08-12 20:20:53 ----A---- C:\Windows\system32\wininet.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\urlmon.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\mshtml.dll

2010-08-12 20:20:53 ----A---- C:\Windows\system32\ieframe.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\mstime.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\msfeedssync.exe

2010-08-12 20:20:52 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\jsproxy.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\ieui.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\iepeers.dll

2010-08-12 20:20:52 ----A---- C:\Windows\system32\iedkcs32.dll

2010-08-12 20:20:43 ----A---- C:\Windows\system32\schannel.dll

2010-08-12 20:20:42 ----A---- C:\Windows\system32\win32k.sys

2010-08-11 04:38:36 ----D---- C:\Program Files\uTorrent

2010-08-11 04:38:07 ----D---- C:\Users\Yoann\AppData\Roaming\uTorrent

2010-08-06 06:07:56 ----D---- C:\Program Files\StarCraft II bêta

2010-08-06 06:07:35 ----D---- C:\ProgramData\Blizzard

2010-08-05 03:05:24 ----D---- C:\ProgramData\Blizzard Entertainment

2010-08-05 03:05:23 ----D---- C:\Program Files\StarCraft II

2010-08-05 03:05:23 ----D---- C:\Program Files\Common Files\Blizzard Entertainment

2010-08-05 02:59:47 ----A---- C:\Windows\system32\drivers\sptd.sys

2010-08-05 02:59:34 ----D---- C:\Program Files\DAEMON Tools Lite

2010-08-05 02:59:10 ----D---- C:\Users\Yoann\AppData\Roaming\DAEMON Tools Lite

2010-08-05 02:59:02 ----D---- C:\ProgramData\DAEMON Tools Lite

2010-08-05 00:10:46 ----D---- C:\Downloads

2010-08-05 00:09:49 ----D---- C:\Users\Yoann\AppData\Roaming\Free Download Manager

2010-08-05 00:09:47 ----D---- C:\ProgramData\FreeDownloadManager.ORG

2010-08-05 00:09:47 ----D---- C:\Program Files\Free Download Manager

2010-08-04 23:23:35 ----D---- C:\Windows\system32\appmgmt

2010-08-03 09:09:48 ----A---- C:\Windows\system32\shell32.dll

2010-07-27 17:59:16 ----DC---- C:\Windows\system32\DRVSTORE

2010-07-27 17:59:16 ----A---- C:\Windows\system32\GEARAspi.dll

2010-07-27 17:59:16 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys

2010-07-27 17:59:04 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-07-27 17:59:04 ----D---- C:\Program Files\iTunes

2010-07-27 17:59:04 ----D---- C:\Program Files\iPod

2010-07-27 17:51:45 ----D---- C:\ProgramData\Apple Computer

2010-07-27 17:51:45 ----D---- C:\Program Files\QuickTime

2010-07-27 17:51:16 ----D---- C:\Program Files\Apple Software Update

2010-07-27 17:50:56 ----D---- C:\Program Files\Bonjour

2010-07-24 02:10:43 ----D---- C:\Program Files\Full Tilt Poker

2010-07-12 22:38:08 ----A---- C:\Windows\system32\kernel32.dll

2010-07-12 22:38:07 ----A---- C:\Windows\system32\apphelp.dll

2010-07-06 22:41:53 ----D---- C:\Heroes of Might and Magic 3_The Shadow of Death

2010-07-05 22:52:24 ----D---- C:\Users\Yoann\AppData\Roaming\Apple Computer

2010-07-05 20:40:21 ----D---- C:\Program Files\Common Files\Apple

2010-07-05 20:40:13 ----D---- C:\ProgramData\Apple

2010-07-01 16:39:18 ----D---- C:\ProgramData\Adobe

2010-07-01 16:39:16 ----D---- C:\Program Files\Common Files\Adobe

2010-07-01 16:39:16 ----D---- C:\Program Files\Adobe

2010-06-30 16:50:31 ----D---- C:\Users\Yoann\AppData\Roaming\Malwarebytes

2010-06-30 16:50:24 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2010-06-30 16:50:22 ----D---- C:\ProgramData\Malwarebytes

2010-06-30 16:50:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-06-30 16:50:22 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-06-30 16:39:57 ----D---- C:\Program Files\CCleaner

2010-06-26 02:52:44 ----D---- C:\Program Files\Microsoft.NET

2010-06-24 03:00:43 ----A---- C:\Windows\system32\PresentationHostProxy.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\PresentationHost.exe

2010-06-24 03:00:43 ----A---- C:\Windows\system32\netfxperf.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\mscoree.dll

2010-06-24 03:00:43 ----A---- C:\Windows\system32\dfshim.dll

2010-06-23 23:29:03 ----A---- C:\Windows\system32\ntdll.dll

2010-06-23 23:29:02 ----A---- C:\Windows\system32\msdri.dll

2010-06-23 23:29:02 ----A---- C:\Windows\system32\CPFilters.dll

2010-06-16 05:03:52 ----A---- C:\Windows\system32\BnetLog.txt

2010-06-16 04:58:12 ----D---- C:\Users\Yoann\AppData\Roaming\WinRAR

2010-06-16 04:57:23 ----D---- C:\Program Files\WinRAR

2010-06-12 23:29:46 ----D---- C:\Users\Yoann\AppData\Roaming\dvdcss

2010-06-12 07:45:10 ----D---- C:\ProgramData\Symantec

2010-06-12 07:45:10 ----D---- C:\ProgramData\Norton

2010-06-12 07:45:09 ----D---- C:\ProgramData\NortonInstaller

2010-06-12 04:46:13 ----D---- C:\Program Files\Common Files\DivX Shared

2010-06-12 04:45:53 ----D---- C:\Program Files\DivX

2010-06-12 04:44:56 ----D---- C:\ProgramData\DivX

2010-06-11 03:31:18 ----D---- C:\Windows\system32\Wat

2010-06-10 15:15:34 ----A---- C:\Windows\system32\asycfilt.dll

2010-06-10 15:15:13 ----A---- C:\Windows\system32\atmlib.dll

2010-06-10 15:15:13 ----A---- C:\Windows\system32\atmfd.dll

2010-06-08 03:09:40 ----D---- C:\Users\Yoann\AppData\Roaming\OpenOffice.org

2010-06-08 03:08:06 ----D---- C:\Program Files\JRE

2010-06-08 03:08:00 ----D---- C:\Program Files\OpenOffice.org 3

2010-06-08 03:07:37 ----D---- C:\ProgramData\Sun

2010-06-08 03:07:36 ----D---- C:\Program Files\Common Files\Java

2010-06-08 03:07:28 ----A---- C:\Windows\system32\javaws.exe

2010-06-08 03:07:28 ----A---- C:\Windows\system32\javaw.exe

2010-06-08 03:07:28 ----A---- C:\Windows\system32\java.exe

2010-06-08 03:07:16 ----D---- C:\Program Files\Java

2010-06-08 03:03:41 ----A---- C:\Windows\system32\msv1_0.dll

2010-06-08 03:01:04 ----A---- C:\Windows\system32\browserchoice.exe

2010-06-07 23:23:23 ----D---- C:\Program Files\Common Files\InstallShield

2010-06-07 21:37:28 ----D---- C:\Program Files\GameSpy Arcade

2010-06-07 16:27:35 ----D---- C:\ProgramData\NVIDIA

2010-06-07 16:27:14 ----D---- C:\Program Files\NVIDIA Corporation

2010-06-07 16:26:40 ----A---- C:\Windows\system32\OpenCL.dll

2010-06-07 16:26:40 ----A---- C:\Windows\system32\nvoglv32.dll

2010-06-07 16:26:40 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2010-06-07 16:26:40 ----A---- C:\Windows\system32\dpinst.exe

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuvid.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuvenc.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcuda.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcompiler.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcod1914.dll

2010-06-07 16:26:38 ----A---- C:\Windows\system32\nvcod.dll

2010-06-07 16:26:37 ----A---- C:\Windows\system32\nvapi.dll

2010-06-07 16:26:34 ----D---- C:\NVIDIA

2010-06-07 16:18:44 ----HD---- C:\Program Files\InstallShield Installation Information

2010-06-07 16:18:44 ----D---- C:\Program Files\Black Isle

2010-06-07 15:44:22 ----A---- C:\Windows\system32\drivers\fvevol.sys

2010-06-07 15:44:18 ----A---- C:\Windows\system32\winlogon.exe

2010-06-07 15:44:18 ----A---- C:\Windows\explorer.exe

2010-06-07 15:44:16 ----A---- C:\Windows\system32\msasn1.dll

2010-06-07 15:44:14 ----A---- C:\Windows\system32\lsasrv.dll

2010-06-07 15:44:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2010-06-07 15:44:12 ----A---- C:\Windows\system32\inetcomm.dll

2010-06-07 15:44:11 ----A---- C:\Windows\system32\wmp.dll

2010-06-07 15:44:10 ----A---- C:\Windows\system32\wmploc.DLL

2010-06-07 15:44:10 ----A---- C:\Windows\system32\winresume.exe

2010-06-07 15:44:10 ----A---- C:\Windows\system32\winload.exe

2010-06-07 15:44:10 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2010-06-07 15:44:10 ----A---- C:\Windows\system32\CertEnroll.dll

2010-06-07 15:44:07 ----A---- C:\Windows\system32\jscript.dll

2010-06-07 15:44:05 ----A---- C:\Windows\system32\t2embed.dll

2010-06-07 15:44:05 ----A---- C:\Windows\system32\fontsub.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\tsbyuv.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\quartz.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msyuv.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msvidc32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\msrle32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\mciavi32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\iyuv_32.dll

2010-06-07 15:44:04 ----A---- C:\Windows\system32\avifil32.dll

2010-06-07 15:44:00 ----A---- C:\Windows\system32\psisdecd.dll

2010-06-07 15:43:58 ----A---- C:\Windows\system32\vbscript.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_ssp.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc_isv.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\secproc.dll

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate_isv.exe

2010-06-07 15:43:57 ----A---- C:\Windows\system32\RMActivate.exe

2010-06-07 15:43:55 ----A---- C:\Windows\system32\tzres.dll

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

2010-06-07 15:43:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

2010-06-06 21:42:29 ----D---- C:\Program Files\Common Files\Steam

2010-06-06 21:42:28 ----D---- C:\Program Files\Steam

2010-06-06 20:38:22 ----D---- C:\Program Files\Google

2010-06-06 20:35:52 ----D---- C:\Users\Yoann\AppData\Roaming\Macromedia

2010-06-06 20:35:52 ----D---- C:\Users\Yoann\AppData\Roaming\Adobe

2010-06-06 20:33:24 ----D---- C:\Windows\system32\Macromed

2010-06-06 20:26:52 ----D---- C:\Users\Yoann\AppData\Roaming\vlc

2010-06-06 20:26:10 ----D---- C:\Program Files\VideoLAN

2010-06-06 19:00:31 ----D---- C:\Program Files\Microsoft

2010-06-06 19:00:11 ----D---- C:\Program Files\Windows Live SkyDrive

2010-06-06 18:59:53 ----D---- C:\Program Files\Windows Live

2010-06-06 18:59:34 ----D---- C:\Windows\PCHEALTH

2010-06-06 18:56:57 ----D---- C:\Program Files\Common Files\Windows Live

2010-06-06 18:53:33 ----D---- C:\ProgramData\Avira

2010-06-06 18:53:33 ----D---- C:\Program Files\Avira

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\avipbb.sys

2010-06-06 18:53:33 ----A---- C:\Windows\system32\drivers\avgntflt.sys

2010-06-06 18:44:19 ----A---- C:\Windows\system32\deploytk.dll

2010-06-06 18:43:19 ----D---- C:\Program Files\PS3 Media Server

2010-06-06 18:37:36 ----D---- C:\Windows\Panther

2010-06-06 18:30:32 ----D---- C:\Program Files\Microsoft LifeCam

2010-06-06 18:30:28 ----A---- C:\Windows\system32\D3DX9_42.dll

2010-06-06 18:30:28 ----A---- C:\Windows\system32\D3DCompiler_42.dll

2010-06-06 18:29:44 ----SHD---- C:\Windows\Installer

2010-06-06 18:27:22 ----A---- C:\Windows\VX3000.ini

2010-06-06 18:27:22 ----A---- C:\Windows\system32\LCCoin14.dll

2010-06-06 18:07:59 ----N---- C:\Windows\system32\MpSigStub.exe

2010-06-06 18:06:09 ----A---- C:\Windows\system32\wintrust.dll

2010-06-06 18:06:06 ----A---- C:\Windows\system32\cabview.dll

2010-06-06 17:50:11 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-06-06 17:48:00 ----D---- C:\Users\Yoann\AppData\Roaming\Identities

2010-06-06 17:47:50 ----SD---- C:\Users\Yoann\AppData\Roaming\Microsoft

2010-06-06 17:47:50 ----D---- C:\Users\Yoann\AppData\Roaming\Media Center Programs

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Modèles

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Menu Démarrer

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Favoris

2010-06-06 17:47:43 ----SHD---- C:\ProgramData\Bureau

2010-06-06 17:47:43 ----SHD---- C:\Program Files\Fichiers communs

2010-06-06 17:47:43 ----D---- C:\Recovery

2010-06-06 17:41:33 ----D---- C:\Windows\SoftwareDistribution

2010-06-06 17:38:58 ----D---- C:\Windows\Prefetch

2010-06-06 17:38:42 ----ASH---- C:\pagefile.sys

2010-06-06 17:38:40 ----SHD---- C:\System Volume Information

2010-06-06 17:38:40 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 3 months======

2010-08-25 19:40:06 ----D---- C:\Windows\Temp

2010-08-25 19:25:34 ----D---- C:\Windows\system32\config

2010-08-25 19:15:24 ----D---- C:\Windows\winsxs

2010-08-25 17:19:07 ----D---- C:\Windows\system32\drivers

2010-08-25 17:05:05 ----RD---- C:\Program Files

2010-08-25 14:31:11 ----D---- C:\Windows\system32\catroot

2010-08-25 04:50:49 ----D---- C:\Windows\ShellNew

2010-08-25 04:45:51 ----RSD---- C:\Windows\Fonts

2010-08-25 04:43:56 ----D---- C:\Windows\System32

2010-08-25 04:43:56 ----D---- C:\Windows\inf

2010-08-24 19:08:42 ----D---- C:\Windows

2010-08-24 19:08:42 ----A---- C:\Windows\system.ini

2010-08-24 19:06:30 ----D---- C:\Windows\AppPatch

2010-08-24 19:06:29 ----D---- C:\Program Files\Common Files

2010-08-24 18:00:34 ----D---- C:\Windows\system32\drivers\etc

2010-08-24 17:31:03 ----D---- C:\Windows\system32\catroot2

2010-08-24 17:13:21 ----SD---- C:\ProgramData\Microsoft

2010-08-23 22:58:31 ----D---- C:\Windows\Tasks

2010-08-23 22:58:31 ----D---- C:\Windows\system32\wfp

2010-08-23 22:58:31 ----D---- C:\Windows\system32\DriverStore

2010-08-23 22:58:30 ----D---- C:\Windows\system32\wbem

2010-08-23 22:58:30 ----D---- C:\Windows\system32\NDF

2010-08-23 22:58:29 ----D---- C:\Windows\AppCompat

2010-08-23 22:58:25 ----D---- C:\Windows\registration

2010-08-23 22:58:22 ----D---- C:\Windows\system32\Tasks

2010-08-23 22:20:29 ----D---- C:\ProgramData

2010-08-22 10:20:17 ----D---- C:\Windows\system32\LogFiles

2010-08-20 04:36:06 ----D---- C:\Windows\system32\sysprep

2010-08-13 07:14:26 ----D---- C:\Windows\Microsoft.NET

2010-08-13 07:14:05 ----RSD---- C:\Windows\assembly

2010-08-13 03:16:14 ----D---- C:\Windows\system32\migration

2010-08-13 03:16:14 ----D---- C:\Program Files\Internet Explorer

2010-06-30 17:34:06 ----D---- C:\Windows\security

2010-06-30 16:42:01 ----D---- C:\Windows\debug

2010-06-30 05:29:07 ----D---- C:\Windows\system32\wdi

2010-06-26 02:54:22 ----D---- C:\Windows\system32\fr-FR

2010-06-26 02:52:45 ----D---- C:\Windows\system32\en-US

2010-06-24 03:00:36 ----D---- C:\Windows\ehome

2010-06-17 18:32:05 ----D---- C:\Windows\system32\drivers\UMDF

2010-06-08 18:27:14 ----D---- C:\Windows\rescache

2010-06-08 06:49:55 ----D---- C:\Windows\system32\Boot

2010-06-08 06:49:55 ----D---- C:\Program Files\Windows Media Player

2010-06-08 06:49:55 ----D---- C:\Program Files\Windows Mail

2010-06-07 16:27:29 ----D---- C:\Windows\Help

2010-06-07 01:53:02 ----D---- C:\Windows\Logs

2010-06-06 19:00:16 ----D---- C:\Program Files\Common Files\microsoft shared

2010-06-06 18:27:23 ----D---- C:\Windows\twain_32

2010-06-06 18:06:10 ----D---- C:\Windows\system32\restore

2010-06-06 17:53:13 ----D---- C:\Windows\system32\CodeIntegrity

2010-06-06 17:47:50 ----RD---- C:\Users

2010-06-06 17:47:43 ----D---- C:\Program Files\Windows NT

2010-06-06 17:39:24 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 23616]

R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 369568]

R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 194488]

R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 13904]

R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 133720]

R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 43088]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]

R0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2009-07-14 40896]

R0 vdrvroot;Pilote d’énumérateur de lecteur virtuel Microsoft; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 32832]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-06 28520]

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-06-06 56816]

R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]

R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-04 11573800]

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]

R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]

R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]

R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2010-05-20 1961328]

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]

R3 yukonw7;Pilote Miniport NDIS6.2 pour contrôleur Ethernet Marvell Yukon; C:\Windows\system32\DRIVERS\yk62x86.sys [2009-07-14 311296]

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 catchme;catchme; \??\C:\Users\Yoann\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120]

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]

S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]

S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]

S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]

S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]

S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-05 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-06-06 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-06-06 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-07-22 407336]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-11 1343400]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

pear
Posted on 25/08/2010 at 20:45
Astucien

Good evening,

As far as I'm concerned, it looks good.

Any remaining problems?

No action taken
Posted on 25/08/2010 at 22:49
New Astucien

I get the impression it's fine too.

Thank you for the steps you gave me, which worked very well.

Edited by No action taken on 26/08/2010 02:22