Security tool et win32 app

Résolu
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention   -  
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

J'ai regardé sur le forum pour tenter de règler le problème moi même, mais je n'y arrive plus.

Security tool est apparue. J'ai tenté de faire une restauration du système, mais elle n'a pas fonctionné... j'imagine à cause du malware.
J'ai ensuite tenté de l'enlever avec Malwarebytes et Rogue killer, mais je suis bloqué par la Win 32 application qui m'empêche d'ouvrir les 2 fichiers.

De win 32, avec l'autre page d'aide sur ccm, elle ne m'avancait pas trop. J'ai seulement compris que je crois que j'ai recu un Bagle...

J'ai utiliser [taskkill /f /im 95856900.exe] qui a au moins enlever les fenetres de security tool de mon écran.

Si vous pouvez m'aider pour le reste ce serait très apprécié!

Autres questions: Si je continues a utiliser microsoft word pendant ce temps, est ce que ca pose problème?
Et est-ce que je devrais fermer mon ordi ou la laisser ouverte jusqu'à temps que le problème ne se règle?

Merci davance pour votre aide.

Charles


A voir également:

54 réponses

Précédent
Réponse 21 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
* Télécharge load_tdsskiller (de Loup Blanc) sur ton Bureau

http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe

* Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur pour vista ou seven
* L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse

* Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
* Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),



* A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)
0
Réponse 22 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
À la fin de l'analyse, il n'y avait aucun problème.
Il n'y avait rien d'écrit dans le rapport qui est sorti automatiquement.

J'ai donc cliqué sur report et c'est ce qui est sorti.

J'ai également reçu par courriel un message qui n'est pas sur le forum.
Tu me disais de télécharger OTL de OLDTimer et le reste du processus.
Dois-je le faire également?


2010/11/20 17:23:53.0247 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/20 17:23:53.0247 ================================================================================
2010/11/20 17:23:53.0247 SystemInfo:
2010/11/20 17:23:53.0247
2010/11/20 17:23:53.0247 OS Version: 6.0.6002 ServicePack: 2.0
2010/11/20 17:23:53.0247 Product type: Workstation
2010/11/20 17:23:53.0247 ComputerName: CHARLES-PC
2010/11/20 17:23:53.0247 UserName: Charles
2010/11/20 17:23:53.0247 Windows directory: C:\Windows
2010/11/20 17:23:53.0247 System windows directory: C:\Windows
2010/11/20 17:23:53.0247 Processor architecture: Intel x86
2010/11/20 17:23:53.0247 Number of processors: 2
2010/11/20 17:23:53.0247 Page size: 0x1000
2010/11/20 17:23:53.0247 Boot type: Normal boot
2010/11/20 17:23:53.0247 ================================================================================
2010/11/20 17:23:53.0715 Initialize success
2010/11/20 17:24:07.0194 ================================================================================
2010/11/20 17:24:07.0194 Scan started
2010/11/20 17:24:07.0194 Mode: Manual;
2010/11/20 17:24:07.0194 ================================================================================
2010/11/20 17:24:08.0098 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/11/20 17:24:08.0223 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/11/20 17:24:08.0348 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/11/20 17:24:08.0457 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/11/20 17:24:08.0566 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/11/20 17:24:08.0691 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/11/20 17:24:08.0800 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/11/20 17:24:08.0894 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/11/20 17:24:08.0972 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/11/20 17:24:09.0081 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/11/20 17:24:09.0144 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/11/20 17:24:09.0253 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/11/20 17:24:09.0300 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2010/11/20 17:24:09.0440 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/11/20 17:24:09.0534 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/11/20 17:24:09.0596 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/20 17:24:09.0690 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/11/20 17:24:09.0799 ATSWPDRV (69e65a2ce11619f0c868967ca9540b80) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
2010/11/20 17:24:09.0908 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) C:\Windows\system32\DRIVERS\avgntflt.sys
2010/11/20 17:24:09.0970 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) C:\Windows\system32\DRIVERS\avipbb.sys
2010/11/20 17:24:10.0080 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/11/20 17:24:10.0189 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/11/20 17:24:10.0298 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/11/20 17:24:10.0454 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/20 17:24:10.0641 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/11/20 17:24:10.0704 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/11/20 17:24:10.0813 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/11/20 17:24:10.0906 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/11/20 17:24:11.0000 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/11/20 17:24:11.0062 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/11/20 17:24:11.0187 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/11/20 17:24:11.0281 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/11/20 17:24:11.0390 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2010/11/20 17:24:11.0515 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2010/11/20 17:24:11.0640 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2010/11/20 17:24:11.0733 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\Windows\system32\drivers\btwaudio.sys
2010/11/20 17:24:11.0858 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
2010/11/20 17:24:11.0983 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
2010/11/20 17:24:12.0139 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/20 17:24:12.0248 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/20 17:24:12.0310 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/11/20 17:24:12.0404 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/11/20 17:24:12.0513 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/20 17:24:12.0607 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/11/20 17:24:12.0716 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/20 17:24:12.0747 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/11/20 17:24:12.0841 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/11/20 17:24:12.0966 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/11/20 17:24:13.0075 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/11/20 17:24:13.0215 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/11/20 17:24:13.0324 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/20 17:24:13.0434 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/11/20 17:24:13.0590 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/11/20 17:24:13.0714 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/11/20 17:24:13.0839 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2010/11/20 17:24:13.0964 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/11/20 17:24:14.0073 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/11/20 17:24:14.0182 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/20 17:24:14.0292 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/11/20 17:24:14.0370 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/11/20 17:24:14.0448 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/20 17:24:14.0526 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/11/20 17:24:14.0635 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/20 17:24:14.0744 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/11/20 17:24:14.0869 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/11/20 17:24:14.0994 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2010/11/20 17:24:15.0118 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/20 17:24:15.0243 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/11/20 17:24:15.0337 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/11/20 17:24:15.0446 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/20 17:24:15.0571 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/11/20 17:24:15.0680 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
2010/11/20 17:24:15.0774 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
2010/11/20 17:24:15.0883 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2010/11/20 17:24:16.0008 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2010/11/20 17:24:16.0148 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2010/11/20 17:24:16.0257 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/11/20 17:24:16.0366 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/20 17:24:16.0460 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
2010/11/20 17:24:16.0569 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/11/20 17:24:16.0710 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/11/20 17:24:16.0866 IntcAzAudAddService (2967e9c168cb5e0108a8a243ae179bad) C:\Windows\system32\drivers\RTKVHDA.sys
2010/11/20 17:24:17.0022 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2010/11/20 17:24:17.0100 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/20 17:24:17.0209 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/20 17:24:17.0365 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/11/20 17:24:17.0443 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/11/20 17:24:17.0552 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/11/20 17:24:17.0646 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/11/20 17:24:17.0755 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/20 17:24:17.0848 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/11/20 17:24:17.0926 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/11/20 17:24:17.0989 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/20 17:24:18.0098 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/20 17:24:18.0192 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/20 17:24:18.0332 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/20 17:24:18.0457 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/11/20 17:24:18.0566 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/11/20 17:24:18.0660 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/11/20 17:24:18.0753 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/11/20 17:24:18.0847 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/11/20 17:24:18.0972 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/11/20 17:24:19.0081 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/11/20 17:24:19.0159 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/20 17:24:19.0206 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/20 17:24:19.0299 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/20 17:24:19.0393 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/11/20 17:24:19.0502 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/11/20 17:24:19.0611 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/20 17:24:19.0705 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/11/20 17:24:19.0798 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/11/20 17:24:19.0861 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/20 17:24:19.0954 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/20 17:24:20.0048 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/20 17:24:20.0142 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2010/11/20 17:24:20.0220 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/11/20 17:24:20.0344 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/11/20 17:24:20.0422 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/11/20 17:24:20.0547 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/20 17:24:20.0641 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/20 17:24:20.0734 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/11/20 17:24:20.0828 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/11/20 17:24:20.0922 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/20 17:24:21.0015 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/11/20 17:24:21.0109 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/11/20 17:24:21.0202 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/20 17:24:21.0312 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/11/20 17:24:21.0421 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/20 17:24:21.0499 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/20 17:24:21.0608 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/20 17:24:21.0702 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/11/20 17:24:21.0780 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/20 17:24:21.0873 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/20 17:24:22.0060 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
2010/11/20 17:24:22.0216 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/11/20 17:24:22.0357 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/11/20 17:24:22.0466 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/20 17:24:22.0591 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/11/20 17:24:22.0716 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/11/20 17:24:22.0809 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/11/20 17:24:22.0918 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
2010/11/20 17:24:23.0215 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/20 17:24:23.0386 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/11/20 17:24:23.0480 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/11/20 17:24:23.0574 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/11/20 17:24:23.0792 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/20 17:24:23.0917 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/11/20 17:24:23.0995 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/11/20 17:24:24.0073 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/11/20 17:24:24.0182 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/11/20 17:24:24.0276 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2010/11/20 17:24:24.0385 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/11/20 17:24:24.0525 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/11/20 17:24:24.0712 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/20 17:24:24.0822 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/11/20 17:24:24.0931 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/20 17:24:25.0056 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/11/20 17:24:25.0180 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/11/20 17:24:25.0305 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/20 17:24:25.0383 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/20 17:24:25.0477 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/20 17:24:25.0586 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/20 17:24:25.0680 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/20 17:24:25.0773 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/20 17:24:25.0867 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/20 17:24:25.0960 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/11/20 17:24:26.0070 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/20 17:24:26.0179 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/11/20 17:24:26.0304 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/11/20 17:24:26.0397 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/11/20 17:24:26.0491 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/11/20 17:24:26.0569 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/11/20 17:24:26.0694 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/20 17:24:26.0787 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
2010/11/20 17:24:26.0896 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/11/20 17:24:27.0021 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/20 17:24:27.0115 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/11/20 17:24:27.0208 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/11/20 17:24:27.0333 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/11/20 17:24:27.0427 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/11/20 17:24:27.0536 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/11/20 17:24:27.0630 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/11/20 17:24:27.0739 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/11/20 17:24:27.0832 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/11/20 17:24:27.0942 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/11/20 17:24:28.0051 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/11/20 17:24:28.0144 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/11/20 17:24:28.0238 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/11/20 17:24:28.0363 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys
2010/11/20 17:24:28.0519 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/11/20 17:24:28.0612 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2010/11/20 17:24:28.0706 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/20 17:24:28.0815 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/20 17:24:28.0909 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2010/11/20 17:24:29.0018 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/20 17:24:29.0112 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/11/20 17:24:29.0299 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/11/20 17:24:29.0392 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/11/20 17:24:29.0486 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
2010/11/20 17:24:29.0626 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/11/20 17:24:29.0751 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/20 17:24:29.0860 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/20 17:24:29.0954 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/11/20 17:24:30.0048 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/11/20 17:24:30.0141 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/20 17:24:30.0235 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/20 17:24:30.0375 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/20 17:24:30.0469 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/11/20 17:24:30.0562 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/20 17:24:30.0656 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/11/20 17:24:30.0765 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/20 17:24:30.0890 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/11/20 17:24:30.0999 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/11/20 17:24:31.0124 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/11/20 17:24:31.0218 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/11/20 17:24:31.0311 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/20 17:24:31.0420 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2010/11/20 17:24:31.0530 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/20 17:24:31.0608 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/11/20 17:24:31.0717 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/20 17:24:31.0810 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/20 17:24:31.0920 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2010/11/20 17:24:32.0013 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/11/20 17:24:32.0122 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/20 17:24:32.0200 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/20 17:24:32.0294 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/11/20 17:24:32.0388 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/20 17:24:32.0481 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/11/20 17:24:32.0575 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/11/20 17:24:32.0684 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/11/20 17:24:32.0778 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/11/20 17:24:32.0887 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/11/20 17:24:32.0980 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/11/20 17:24:33.0090 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/11/20 17:24:33.0183 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/11/20 17:24:33.0308 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/11/20 17:24:33.0417 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/20 17:24:33.0433 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/20 17:24:33.0542 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/11/20 17:24:33.0651 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/20 17:24:33.0807 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2010/11/20 17:24:33.0994 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/20 17:24:34.0135 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/20 17:24:34.0260 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/20 17:24:34.0353 ================================================================================
2010/11/20 17:24:34.0353 Scan finished
2010/11/20 17:24:34.0353 ================================================================================
0
Réponse 23 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
Télécharge OTL de OLDTimer

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/


enregistre le sur ton Bureau.

Double clic ( pour vista / 7 => clic droit "executer en tant qu'administrateur") sur OTL.exe pour le lancer.

Coche les 2 cases Lop et Purity

Coche la case devant tous les utilisateurs

ègle age du fichier sur "60 jours"

dans la moitié gauche , mets tout sur "tous"

ne modifie pas ceci :

"fichiers créés" et "fichiers Modifiés"
Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus.

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.

0
Réponse 24 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
OTL:
http://www.cijoint.fr/cjlink.php?file=cj201011/cijVQCc9RL.txt

EXTRA:
http://www.cijoint.fr/cjlink.php?file=cj201011/cijiNlM0b4.txt
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
Relance OTL
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* L'interface principale s'ouvre :
* Dans la partie du bas "Personnalisation", copie/colle la liste en citation :

:OTL
PRC - [2010-11-19 19:35:49 | 000,128,000 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe [comLaunch]
PRC - [2010-11-19 17:21:16 | 000,133,632 | ---- | M] () -- C:\Users\Charles\AppData\Local\Temp\dwm.exe
PRC - [2010-11-19 17:21:01 | 000,138,240 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe
IE - HKU\S-1-5-21-3197797478-1381546659-3490569594-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3197797478-1381546659-3490569594-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370
O4 - HKLM..\Run: [svchost] C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe ()
O4 - HKU\S-1-5-21-3197797478-1381546659-3490569594-1000..\Run: [svchost] C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe ()
O4 - Startup: C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chkntfs.exe ()
F3 - HKU\S-1-5-21-3197797478-1381546659-3490569594-1000 WinNT: Load - (C:\Users\Charles\AppData\Local\Temp\dwm.exe) - C:\Users\Charles\AppData\Local\Temp\dwm.exe ()
O20 - HKU\S-1-5-21-3197797478-1381546659-3490569594-1000 Winlogon: Shell - (C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe) - C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe ()

:Commands
[emptyflash]
[emptytemp]


* Clique sur le bouton Correction, patiente pendant le travail de l'outil, il va redémarrer le PC.
* Accepte en cliquant sur OK
* Le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément
* Copie/colle le dans ton prochain message

Tu peux le retrouver le fichier à la racine du disque : C:\_OTL\MovedFiles (Vérifie la date si besoin : jjmmaaaa_xxxxxxxx.log)
0
Réponse 26 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
OTL logfile created on: 2010-11-20 17:45:04 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Charles\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,81 Gb Total Space | 75,63 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive D: | 12,07 Gb Total Space | 1,54 Gb Free Space | 12,75% Space Free | Partition Type: NTFS

Computer Name: CHARLES-PC | User Name: Charles | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-20 17:39:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Charles\Desktop\OTL.exe
PRC - [2010-11-19 19:35:49 | 000,128,000 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe [comLaunch]
PRC - [2010-11-19 17:21:16 | 000,133,632 | ---- | M] () -- C:\Users\Charles\AppData\Local\Temp\dwm.exe
PRC - [2010-11-19 17:21:01 | 000,138,240 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe
PRC - [2010-11-02 09:06:07 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-11-02 09:06:07 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-11-02 09:06:07 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-09-08 02:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2010-09-01 02:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010-08-17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
PRC - [2010-07-21 15:53:04 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2010-07-21 15:52:54 | 000,540,968 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-16 22:12:52 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2010-04-16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010-01-28 10:40:04 | 008,914,608 | ---- | M] (Druide informatique inc.) -- C:\Program Files\Druide\Antidote 7\Programmes32\antido32.exe
PRC - [2010-01-27 22:16:02 | 000,617,152 | ---- | M] (Druide informatique inc.) -- C:\Program Files\Druide\Antidote 7\Programmes32\agentantidote.exe
PRC - [2010-01-26 20:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-10-03 11:40:00 | 000,219,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvsvc.exe
PRC - [2009-08-06 22:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
PRC - [2009-06-15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsass.exe
PRC - [2009-04-11 02:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winlogon.exe
PRC - [2009-04-11 02:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskeng.exe
PRC - [2009-04-11 02:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe
PRC - [2009-04-11 02:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 02:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SearchIndexer.exe
PRC - [2009-04-11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe
PRC - [2009-04-11 02:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SLsvc.exe
PRC - [2009-04-11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-04-11 02:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwm.exe
PRC - [2009-04-11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
PRC - [2008-06-16 08:02:28 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
PRC - [2008-01-20 22:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrss.exe
PRC - [2008-01-20 22:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsm.exe
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe [comLaunch]
PRC - [2008-01-20 22:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininit.exe
PRC - [2008-01-20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-18 07:31:32 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008-01-18 07:31:22 | 001,033,512 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-12-19 23:28:34 | 000,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2007-12-19 23:28:34 | 000,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007-12-19 23:27:50 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2007-10-24 06:02:16 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007-10-24 06:02:14 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007-10-09 12:59:30 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007-09-20 15:12:02 | 000,671,744 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2007-09-20 15:02:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2007-09-19 18:31:34 | 000,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007-09-13 12:47:52 | 000,480,560 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007-09-05 17:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007-09-05 17:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007-09-04 17:54:20 | 000,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
PRC - [2007-08-23 17:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-08-23 17:36:30 | 000,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2007-07-12 08:00:36 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
PRC - [2007-05-16 14:43:06 | 000,677,432 | R--- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2007-05-08 20:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007-01-17 09:34:18 | 000,634,880 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2007-01-08 19:53:06 | 000,311,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2006-05-02 19:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-20 17:39:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Charles\Desktop\OTL.exe
MOD - [2010-08-31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-07-26 11:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shell32.dll
MOD - [2010-06-28 13:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ole32.dll
MOD - [2010-04-16 12:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\usp10.dll
MOD - [2009-09-24 18:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.drv
MOD - [2009-07-17 09:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atl.dll
MOD - [2009-06-15 10:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secur32.dll
MOD - [2009-06-15 10:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpk.dll
MOD - [2009-04-23 08:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rpcrt4.dll
MOD - [2009-04-11 02:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssapi.dll
MOD - [2009-04-11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.dll
MOD - [2009-04-11 02:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wldap32.dll
MOD - [2009-04-11 02:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userenv.dll
MOD - [2009-04-11 02:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\version.dll
MOD - [2009-04-11 02:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setupapi.dll
MOD - [2009-04-11 02:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll
MOD - [2009-04-11 02:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shlwapi.dll
MOD - [2009-04-11 02:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spp.dll
MOD - [2009-04-11 02:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\samlib.dll
MOD - [2009-04-11 02:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\propsys.dll
MOD - [2009-04-11 02:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaut32.dll
MOD - [2009-04-11 02:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
MOD - [2009-04-11 02:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmarta.dll
MOD - [2009-04-11 02:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\olepro32.dll
MOD - [2009-04-11 02:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt.dll
MOD - [2009-04-11 02:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
MOD - [2009-04-11 02:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msctf.dll
MOD - [2009-04-11 02:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imm32.dll
MOD - [2009-04-11 02:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpr.dll
MOD - [2009-04-11 02:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdi32.dll
MOD - [2009-04-11 02:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.dll
MOD - [2009-04-11 02:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\authz.dll
MOD - [2009-04-11 02:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll
MOD - [2009-04-11 02:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\apphelp.dll
MOD - [2009-04-11 02:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll
MOD - [2008-01-20 22:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
MOD - [2008-01-20 22:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ws2_32.dll
MOD - [2008-01-20 22:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nsi.dll
MOD - [2008-01-20 22:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
MOD - [2008-01-20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
MOD - [2008-01-20 22:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vsstrace.dll
MOD - [2008-01-20 22:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
MOD - [2008-01-20 22:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.dll
MOD - [2006-11-02 05:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\psapi.dll


[color=#E56717]========== Win32 Services (All) ==========[/color]

SRV - [2010-11-02 09:06:07 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-11-02 09:06:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-09-06 12:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010-08-17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\spoolsv.exe -- (Spooler)
SRV - [2010-07-21 15:52:54 | 000,540,968 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-18 09:30:03 | 000,200,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009-10-03 11:40:00 | 000,219,752 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009-09-30 21:01:54 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009-09-24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009-08-24 07:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-08-06 22:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wuaueng.dll -- (wuauserv)
SRV - [2009-07-11 15:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009-06-15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\lsass.exe -- (SamSs)
SRV - [2009-06-15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009-06-15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\lsass.exe -- (Netlogon)
SRV - [2009-06-15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\lsass.exe -- (KeyIso)
SRV - [2009-06-10 07:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009-04-11 02:28:26 | 000,747,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2009-04-11 02:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wscsvc.dll -- (wscsvc)
SRV - [2009-04-11 02:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009-04-11 02:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - [2009-04-11 02:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2009-04-11 02:28:25 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\w32time.dll -- (W32Time)
SRV - [2009-04-11 02:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009-04-11 02:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\WebClnt.dll -- (WebClient)
SRV - [2009-04-11 02:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009-04-11 02:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009-04-11 02:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\wersvc.dll -- (WerSvc)
SRV - [2009-04-11 02:28:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\uxsms.dll -- (UxSms)
SRV - [2009-04-11 02:28:24 | 000,595,456 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\schedsvc.dll -- (Schedule)
SRV - [2009-04-11 02:28:24 | 000,558,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\sysmain.dll -- (SysMain)
SRV - [2009-04-11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - [2009-04-11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009-04-11 02:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\termsrv.dll -- (TermService)
SRV - [2009-04-11 02:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\swprv.dll -- (swprv)
SRV - [2009-04-11 02:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\rasmans.dll -- (RasMan)
SRV - [2009-04-11 02:28:24 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\shsvcs.dll -- (Themes)
SRV - [2009-04-11 02:28:24 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-04-11 02:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009-04-11 02:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009-04-11 02:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009-04-11 02:28:24 | 000,060,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009-04-11 02:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\qmgr.dll -- (BITS)
SRV - [2009-04-11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2009-04-11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009-04-11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\p2psvc.dll -- (p2psvc)
SRV - [2009-04-11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2009-04-11 02:28:23 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009-04-11 02:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\profsvc.dll -- (ProfSvc)
SRV - [2009-04-11 02:28:20 | 000,438,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009-04-11 02:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009-04-11 02:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009-04-11 02:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\gpsvc.dll -- (gpsvc)
SRV - [2009-04-11 02:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009-04-11 02:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\es.dll -- (EventSystem)
SRV - [2009-04-11 02:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\hidserv.dll -- (hidserv)
SRV - [2009-04-11 02:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\BFE.DLL -- (BFE)
SRV - [2009-04-11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009-04-11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009-04-11 02:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009-04-11 02:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dot3svc.dll -- (dot3svc)
SRV - [2009-04-11 02:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009-04-11 02:28:18 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009-04-11 02:28:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\bthserv.dll -- (BthServ)
SRV - [2009-04-11 02:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009-04-11 02:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\System32\certprop.dll -- (CertPropSvc)
SRV - [2009-04-11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009-04-11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\VSSVC.exe -- (VSS)
SRV - [2009-04-11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\vds.exe -- (vds)
SRV - [2009-04-11 02:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009-04-11 02:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009-04-11 02:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\SLsvc.exe -- (slsvc)
SRV - [2009-04-11 02:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009-04-11 02:27:31 | 002,092,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dfsr.exe -- (DFSR)
SRV - [2009-03-30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-18 14:39:20 | 000,043,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-02-18 14:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-18 14:38:42 | 000,879,448 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-06-16 08:02:28 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008-01-20 22:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008-01-20 22:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008-01-20 22:25:09 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008-01-20 22:25:05 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008-01-20 22:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost)
SRV - [2008-01-20 22:25:00 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008-01-20 22:24:59 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2008-01-20 22:24:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008-01-20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\mmcss.dll -- (THREADORDER)
SRV - [2008-01-20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\mmcss.dll -- (MMCSS)
SRV - [2008-01-20 22:24:49 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008-01-20 22:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\nsisvc.dll -- (nsi)
SRV - [2008-01-20 22:24:44 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\Sens.dll -- (SENS)
SRV - [2008-01-20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008-01-20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008-01-20 22:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\browser.dll -- (Browser)
SRV - [2008-01-20 22:24:35 | 000,134,656 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\WINDOWS\System32\dps.dll -- (DPS)
SRV - [2008-01-20 22:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\seclogon.dll -- (seclogon)
SRV - [2008-01-20 22:24:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008-01-20 22:24:30 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\tbssvc.dll -- (TBS)
SRV - [2008-01-20 22:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\netprofm.dll -- (netprofm)
SRV - [2008-01-20 22:24:23 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\wecsvc.dll -- (Wecsvc)
SRV - [2008-01-20 22:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\fdPHost.dll -- (fdPHost)
SRV - [2008-01-20 22:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008-01-20 22:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\rasauto.dll -- (RasAuto)
SRV - [2008-01-20 22:24:18 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008-01-20 22:24:18 | 000,105,984 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\System32\msdtc.exe -- (MSDTC)
SRV - [2008-01-20 22:24:18 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008-01-20 22:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\appinfo.dll -- (Appinfo)
SRV - [2008-01-20 22:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\alg.exe -- (ALG)
SRV - [2008-01-20 22:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\netman.dll -- (Netman)
SRV - [2008-01-20 22:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\ipnathlp.dll -- (SharedAccess) Internet Connection Sharing (ICS)
SRV - [2008-01-20 22:24:08 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008-01-20 22:24:05 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\trkwks.dll -- (TrkWks)
SRV - [2008-01-20 22:24:04 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\upnphost.dll -- (upnphost)
SRV - [2008-01-20 22:24:03 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\pla.dll -- (pla)
SRV - [2008-01-20 22:23:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008-01-20 22:23:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008-01-20 22:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008-01-20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-20 22:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\qwave.dll -- (QWAVE)
SRV - [2008-01-20 22:23:29 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008-01-20 22:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2007-12-19 23:28:34 | 000,271,760 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc) QuickPlay Background Capture Service (QBCS)
SRV - [2007-12-19 23:28:34 | 000,112,016 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched) QuickPlay Task Scheduler (QTS)
SRV - [2007-10-24 06:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007-09-20 15:02:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2007-08-23 17:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-07-23 19:33:06 | 000,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007-03-05 14:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006-11-02 08:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\ehome\ehsched.exe -- (ehSched)
SRV - [2006-11-02 08:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\ehome\ehstart.dll -- (ehstart)
SRV - [2006-11-02 08:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006-11-02 05:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006-11-02 05:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006-11-02 05:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\FDResPub.dll -- (FDResPub)
SRV - [2006-11-02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006-11-02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006-11-02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\Locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - [2006-11-02 05:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006-10-26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006-05-02 19:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Charles\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010-11-02 09:06:07 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-11-02 09:06:07 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-09-06 09:45:38 | 000,304,128 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2010-09-06 09:45:22 | 000,145,408 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2010-09-06 09:45:19 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2010-06-16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010-06-16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010-04-19 20:47:42 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010-02-23 07:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2010-02-23 07:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2010-02-23 07:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2010-02-20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010-02-18 07:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009-12-08 13:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009-10-03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-09-24 21:27:25 | 000,634,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2009-06-15 19:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)
DRV - [2009-05-18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-04-11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009-04-11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\volsnap.sys -- (volsnap)
DRV - [2009-04-11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pci.sys -- (pci)
DRV - [2009-04-11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009-04-11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009-04-11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)
DRV - [2009-04-11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\acpi.sys -- (ACPI)
DRV - [2009-04-11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009-04-11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2009-04-11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009-04-11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009-04-11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009-04-11 02:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009-04-11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\disk.sys -- (disk)
DRV - [2009-04-11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2009-04-11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\atapi.sys -- (atapi)
DRV - [2009-04-11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009-04-11 00:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009-04-11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV - [2009-04-11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009-04-11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009-04-11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2009-04-11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2009-04-11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2009-04-11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV - [2009-04-11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009-04-11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009-04-11 00:43:12 | 000,148,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV - [2009-04-11 00:43:10 | 000,507,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bthport.sys -- (BTHPORT)
DRV - [2009-04-11 00:43:10 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\bthenum.sys -- (BthEnum)
DRV - [2009-04-11 00:43:08 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV - [2009-04-11 00:43:04 | 000,062,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2009-04-11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009-04-11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009-04-11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009-04-11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009-04-11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009-04-11 00:39:13 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2009-04-11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009-04-11 00:19:14 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\sdbus.sys -- (sdbus)
DRV - [2009-04-11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009-04-11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009-04-11 00:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009-04-11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009-04-11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2009-04-11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009-04-11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008-01-20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008-01-20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008-01-20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008-01-20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008-01-20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008-01-20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008-01-20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008-01-20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008-01-20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008-01-20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008-01-20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008-01-20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008-01-20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008-01-20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008-01-20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008-01-20 22:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008-01-20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008-01-20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008-01-20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008-01-20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008-01-20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008-01-20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008-01-20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008-01-20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008-01-20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008-01-20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008-01-20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008-01-20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008-01-20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008-01-20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008-01-20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008-01-20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008-01-20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008-01-20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008-01-20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008-01-20 22:23:53 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2008-01-20 22:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008-01-20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008-01-20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008-01-20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008-01-20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008-01-20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008-01-20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008-01-20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-20 22:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008-01-20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008-01-20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008-01-20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008-01-20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008-01-20 22:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008-01-20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008-01-20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008-01-20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008-01-20 22:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008-01-20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008-01-20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008-01-20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008-01-20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008-01-20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008-01-20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008-01-20 22:23:22 |
0
Réponse 27 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ce ne doit pas être le bon rapport

Tu peux le retrouver le fichier à la racine du disque : C:\_OTL\MovedFiles (Vérifie la date si besoin : jjmmaaaa_xxxxxxxx.log)
0
Réponse 28 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
Je ne peux pas le retrouver...
Je suis dans le bon fichier et je clique en suite sur le fichier où la date est indiqué.
Mais ensuite ça continue avec un auter fichier: C_users et ainsi de suite...

Est-ce que je refais l'opération?
0
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
oui recommence stp
0
Réponse 29 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
All processes killed
========== OTL ==========
No active process named svchost.exe [comLaunch] was found!
Process dwm.exe killed successfully!
No active process named shell.exe was found!
HKU\S-1-5-21-3197797478-1381546659-3490569594-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3197797478-1381546659-3490569594-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\svchost not found.
File C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe not found.
Registry value HKEY_USERS\S-1-5-21-3197797478-1381546659-3490569594-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchost not found.
File C:\Users\Charles\AppData\Roaming\Microsoft\svchost.exe not found.
File C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chkntfs.exe not found.
File C:\Users\Charles\AppData\Local\Temp\dwm.exe not found.
Registry value HKEY_USERS\S-1-5-21-3197797478-1381546659-3490569594-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Charles\AppData\Local\Temp\dwm.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3197797478-1381546659-3490569594-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe deleted successfully.
File C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Charles
->Flash cache emptied: 1501 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Charles
->Temp folder emptied: 263665 bytes
->Temporary Internet Files folder emptied: 68987127 bytes
->Java cache emptied: 34739452 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19442 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 344 bytes

Total Files Cleaned = 99,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11212010_110325

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Réponse 30 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok

MBAM fonctionne t il maintenant ?
0
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
Non, toujours pas.
0
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
et combofix ?
0
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
Non plus, j'avais essayé les deux.
0
Réponse 31 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\


? Télécharge : Gmer (by Przemyslaw Gmerek)

http://www.gmer.net/



? Dezippe gmer ,cliques sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

? Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)
0
Réponse 32 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-21 12:33:51
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 FUJITSU_ rev.0000
Running: k5ded5md.exe; Driver: C:\Users\Charles\AppData\Local\Temp\pwtdafob.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!CreateWindowExW 77731305 5 Bytes JMP 6DB6DB44 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!DialogBoxParamW 777510B0 5 Bytes JMP 6DA954F5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!DialogBoxIndirectParamW 77752EF5 5 Bytes JMP 6DC65027 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!DialogBoxParamA 77768152 5 Bytes JMP 6DC64FC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!DialogBoxIndirectParamA 7776847D 5 Bytes JMP 6DC6508A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!MessageBoxIndirectA 7777D4D9 5 Bytes JMP 6DC64F59 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!MessageBoxIndirectW 7777D5D3 5 Bytes JMP 6DC64EEE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!MessageBoxExA 7777D639 5 Bytes JMP 6DC64E8C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5624] USER32.dll!MessageBoxExW 7777D65D 5 Bytes JMP 6DC64E2A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CreateDialogParamW 777272A2 5 Bytes JMP 6DB6DED0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!GetAsyncKeyState 7772863C 5 Bytes JMP 6DA88F0F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!SetWindowsHookExW 777287AD 5 Bytes JMP 6DB69AED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CallNextHookEx 77728E3B 5 Bytes JMP 6DB5D14D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!UnhookWindowsHookEx 777298DB 5 Bytes JMP 6DAD4686 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!EnableWindow 7772CD8B 5 Bytes JMP 6DB6DD5D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CreateWindowExW 77731305 5 Bytes JMP 6DB6DB44 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!GetKeyState 77738CB1 5 Bytes JMP 6DB6D30B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!IsDialogMessageW 77740745 5 Bytes JMP 6DA95A07 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CreateDialogParamA 777417AA 5 Bytes JMP 6DC65C93 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!IsDialogMessage 77741847 5 Bytes JMP 6DC6552F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CreateDialogIndirectParamA 777426F1 5 Bytes JMP 6DC65CCA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!CreateDialogIndirectParamW 77749A62 5 Bytes JMP 6DC65D01 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!SetKeyboardState 77750987 5 Bytes JMP 6DC6589E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!DialogBoxParamW 777510B0 5 Bytes JMP 6DA954F5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!DialogBoxIndirectParamW 77752EF5 5 Bytes JMP 6DC65027 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!SendInput 77752F75 5 Bytes JMP 6DC6645B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!EndDialog 7775326E 5 Bytes JMP 6DA97EAE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!SetCursorPos 77766FB2 5 Bytes JMP 6DC664AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!DialogBoxParamA 77768152 5 Bytes JMP 6DC64FC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!DialogBoxIndirectParamA 7776847D 5 Bytes JMP 6DC6508A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!MessageBoxIndirectA 7777D4D9 5 Bytes JMP 6DC64F59 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!MessageBoxIndirectW 7777D5D3 5 Bytes JMP 6DC64EEE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!MessageBoxExA 7777D639 5 Bytes JMP 6DC64E8C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!MessageBoxExW 7777D65D 5 Bytes JMP 6DC64E2A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] USER32.dll!keybd_event 7777D972 5 Bytes JMP 6DC667DF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] SHELL32.dll!SHRestricted + D95 767B89A8 4 Bytes [4D, 30, D6, 68]
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] SHELL32.dll!SHRestricted + D9D 767B89B0 8 Bytes [57, 2F, D6, 68, 9C, 5B, D5, ...] {PUSH EDI; DAS ; SALC ; PUSH 0x68d55b9c}
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] ole32.dll!OleLoadFromStream 77521E80 5 Bytes JMP 6DC6538F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5664] ole32.dll!CoCreateInstance 77559F3E 5 Bytes JMP 6DB6DBA0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CreateDialogParamW 777272A2 5 Bytes JMP 6DB6DED0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!GetAsyncKeyState 7772863C 5 Bytes JMP 6DA88F0F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!SetWindowsHookExW 777287AD 5 Bytes JMP 6DB69AED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CallNextHookEx 77728E3B 5 Bytes JMP 6DB5D14D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!UnhookWindowsHookEx 777298DB 5 Bytes JMP 6DAD4686 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!EnableWindow 7772CD8B 5 Bytes JMP 6DB6DD5D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CreateWindowExW 77731305 5 Bytes JMP 6DB6DB44 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!GetKeyState 77738CB1 5 Bytes JMP 6DB6D30B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!IsDialogMessageW 77740745 5 Bytes JMP 6DA95A07 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CreateDialogParamA 777417AA 5 Bytes JMP 6DC65C93 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!IsDialogMessage 77741847 5 Bytes JMP 6DC6552F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CreateDialogIndirectParamA 777426F1 5 Bytes JMP 6DC65CCA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!CreateDialogIndirectParamW 77749A62 5 Bytes JMP 6DC65D01 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!SetKeyboardState 77750987 5 Bytes JMP 6DC6589E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!DialogBoxParamW 777510B0 5 Bytes JMP 6DA954F5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!DialogBoxIndirectParamW 77752EF5 5 Bytes JMP 6DC65027 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!SendInput 77752F75 5 Bytes JMP 6DC6645B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!EndDialog 7775326E 5 Bytes JMP 6DA97EAE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!SetCursorPos 77766FB2 5 Bytes JMP 6DC664AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!DialogBoxParamA 77768152 5 Bytes JMP 6DC64FC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!DialogBoxIndirectParamA 7776847D 5 Bytes JMP 6DC6508A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!MessageBoxIndirectA 7777D4D9 5 Bytes JMP 6DC64F59 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!MessageBoxIndirectW 7777D5D3 5 Bytes JMP 6DC64EEE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!MessageBoxExA 7777D639 5 Bytes JMP 6DC64E8C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!MessageBoxExW 7777D65D 5 Bytes JMP 6DC64E2A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] USER32.dll!keybd_event 7777D972 5 Bytes JMP 6DC667DF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] SHELL32.dll!SHRestricted + D95 767B89A8 4 Bytes [4D, 30, D6, 68]
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] SHELL32.dll!SHRestricted + D9D 767B89B0 8 Bytes [57, 2F, D6, 68, 9C, 5B, D5, ...] {PUSH EDI; DAS ; SALC ; PUSH 0x68d55b9c}
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] ole32.dll!OleLoadFromStream 77521E80 5 Bytes JMP 6DC6538F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5888] ole32.dll!CoCreateInstance 77559F3E 5 Bytes JMP 6DB6DBA0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [68D51AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [68D5007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [68D4E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [68D50994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [68D4EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [68D4A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [68D51D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [68D53ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [68D52999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [68D53035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [68D4FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [68D4E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [68D4DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [68D4FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [68D4D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [68D5FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [68D6051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [68D5EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [68D5F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [68D5EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [68D5E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [68D5ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [68D5007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [68D4FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [68D4E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [68D4FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [68D4E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [68D51AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [68D4EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [68D53ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [68D52CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [68D52926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [68D53035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [68D52999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [68D4BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [68D5173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [68D4BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [68D50F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [68D514E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [68D4ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [68D4BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [68D51D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [68D4C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [68D5103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [68D4EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [68D50994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [68D51614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [68D50921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [68D4FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [68D4A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [68D4A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [68D4E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [68D4E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [68D4FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [68D4FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [68D50C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [68D4DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [68D4D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [68D4D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [68D4EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [68D5007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [68D4C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [68D4E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [68D53035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [68D52999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [68D51AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [68D4BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [68D4BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [68D4E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [68D52CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [68D52926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [68D53ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [68D523A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [68D4BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [68D4FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [68D482F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [68D4FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [68D4F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [68D5ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [68D5E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [68D5EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [68D5F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [68D5E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [68D5E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [68D5EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [68D6020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [68D5F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [68D5EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [68D5FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [68D5F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [68D6051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [68D5FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [68D60085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [68D60395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [68D5FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [68D5F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [68D4CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [68D52999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [68D50C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [68D4D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [68D4D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [68D4DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [68D4EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [68D51D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [68D4E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [68D4CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [68D5007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [68D4A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [68D50994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [68D53035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [68D53ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [68D4C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [68D4BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [68D51AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [68D4CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [68D4D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [68D51614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [68D5103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [68D4EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [68D4C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [68D4BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [68D509B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [68D4C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [68D4FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [68D4E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [68D4C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [68D4FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [68D4C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [68D4F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [68D4FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [68D4F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [68D5620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [68D57595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [68D560AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [68D5615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [68D575E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [68D56533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [68D5799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [68D5684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [68D56E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [68D56AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [68D56B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [68D57281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [68D56716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [68D571ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [68D57021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [68D57FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [68D57159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [68D568E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [68D56BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [68D56803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [68D56F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [68D563A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [68D580BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [68D58513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [68D58176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [68D565DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [68D57BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [68D58235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [68D5697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [68D56DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [68D56D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [68D5731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [68D56EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5664] @ C:\Windows\system32\SHELL32.dll
0
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
il ne semble pas complet

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

si problème avec ci joint , passer par là https://www.cjoint.com/
0
Réponse 33 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
http://www.cijoint.fr/cjlink.php?file=cj201011/cij0DbQLwO.txt
0
Réponse 34 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
non rien

attention examen long

? Téléchargez Dr.Web CureIt! sur ton Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

? Double-cliquez sur drweb-cureit.exe et cliquez sur Commencer le scan.
? Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, cliquez sur le bouton Oui pour Tout à l'invite.
? Lorsque le scan rapide est terminé, cliquez sur Options > Changer la configuration.
? Choisissez l'onglet Scanner, et décochez Analyse heuristique.
? De retour à la fenêtre principale : choisissez Analyse complète.
? Cliquez la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, fermez-la.
? Cliquez Oui pour Tout si un fichier est détecté.
? A la fin du scan, si des infections sont trouvées, cliquez sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, cliquez sur Quarantaine.
? Au menu principal de l'outil, en haut à gauche, cliquez sur le menu Fichier et choisissez Enregistrer le rapport.
? Sauvegardez le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
? Fermez Dr.Web CureIt!
? Redémarrez votre ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
? Postez (Copiez/Collez) le contenu du rapport de l'outil Dr.Web dans un bloc note

Ensuite :

? Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
? Cliquez sur parcourir, chercher rapport DrWeb.txt puis sur cliquez ici pour déposer le fichier
? Une fois le lien crée, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse
0
Réponse 35 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
J'ai fait l'analyse, mais j'ai complètement oublié de sauvegardé le rapport ensuite et il ne m'était plus possible de le faire par la suite.

Je sais que quelques éléments ont été supprimé, mais c'est tout ce que je pourrais dire.

Et il y a toujours le même problème avec Malwarebytes et combofix...
0
Réponse 36 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
retélécharge combofix à nouveau pour voir

et fais ceci avant de le lancer

* Télécharge sur le bureau RogueKiller (par tigzy)
https://www.luanagames.com/index.fr.html


*( Sous Vista/Seven,clique droit, lancer en tant qu'administrateur )

* Quitte tous tes programmes en cours
* Lance RogueKiller.exe.
* Lorsque demandé, tape 2 et valide
* Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois.
0
Réponse 37 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
Je les ai retéléchargé et tout fonctionne maintenant.
J'ai pu les installer correctement.
Je vais commencer l'opération avec combofix.

RogueKiller V3.2.0 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits
Mode: Remove -- Time : 22/11/2010 17:23:22

Bad processes:

Deregistred:
HKCU\...\Winlogon\ Shell : explorer.exe,C:\Users\Charles\AppData\Roaming\Microsoft\Windows\shell.exe

Finished
0
Réponse 38 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok
0
Réponse 39 / 54
Chuckyy2 Messages postés 98 Date d'inscription   Statut Membre Dernière intervention  
 
ComboFix 10-11-22.02 - Charles 2010-11-22 17:43:16.1.2 - x86
Microsoft® Windows Vista(TM) Home Premium 6.0.6002.2.1252.2.1033.18.3070.1734 [GMT -4:00]
Lancé depuis: c:\users\Charles\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Charles\AppData\Roaming\chkntfs.dat
c:\users\Charles\AppData\Roaming\Microsoft\stor.cfg
c:\windows\system32\KBL.LOG

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-22 au 2010-11-22 ))))))))))))))))))))))))))))))))))))
.

2010-11-22 21:51 . 2010-11-22 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-22 21:20 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-22 21:20 . 2010-11-22 21:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-22 21:20 . 2010-11-22 21:20 -------- d-----w- c:\programdata\Malwarebytes
2010-11-22 21:20 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-21 23:23 . 2010-11-21 23:23 -------- d-----w- c:\programdata\WEBREG
2010-11-21 23:13 . 2010-11-21 23:13 -------- d-----w- c:\programdata\HPSSUPPLY
2010-11-21 22:15 . 2006-12-29 13:57 273920 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp4v2.dll
2010-11-21 22:14 . 2006-12-15 16:19 258048 ----a-w- c:\windows\system32\hpzids01.dll
2010-11-21 22:14 . 2006-12-30 19:49 117760 ----a-w- c:\windows\system32\hpzll4v2.dll
2010-11-21 17:28 . 2010-11-22 03:22 -------- d-----w- c:\users\Charles\DoctorWeb
2010-11-21 00:07 . 2010-11-21 00:07 -------- d-----w- C:\_OTL
2010-11-20 21:23 . 2010-11-20 21:23 -------- d-----w- C:\tdsskiller
2010-11-19 20:48 . 2010-11-19 22:39 -------- d-----w- C:\Kill'em
2010-11-19 20:48 . 2010-11-22 09:32 -------- d-----w- c:\program files\List_Kill'em
2010-11-19 19:53 . 2010-11-19 20:23 -------- d-----w- C:\FyK
2010-11-19 19:05 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2962F73F-4CE9-4740-AF6C-135AF8E0D081}\mpengine.dll
2010-11-19 18:46 . 2010-11-19 19:31 -------- d-----w- c:\program files\ZHPDiag
2010-11-10 11:58 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-10-27 14:03 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 14:03 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 14:03 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-19 20:22 . 2010-11-19 20:22 821 ----a-w- C:\FindyKill_Upload_Me_Charles-PC.zip
2010-11-02 13:06 . 2010-05-12 23:04 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-02 13:06 . 2010-05-12 23:04 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-19 14:41 . 2010-05-12 22:42 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-13 13:56 . 2010-10-13 18:23 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 18:22 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 18:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 18:22 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 18:22 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 18:22 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 18:22 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 18:22 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 18:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 18:23 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 18:23 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 18:23 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 18:23 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 18:23 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 18:22 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 18:22 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 18:21 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 18:22 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-08-26 16:37 . 2010-10-13 18:22 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-08-26 16:33 . 2010-10-27 14:03 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 14:03 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-27 14:03 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 14:03 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-09 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 178712]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"agentantidote.exe"="c:\program files\Druide\Antidote 7\Programmes32\agentantidote.exe" [2010-01-28 617152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-02 135336]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 21:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-QlbCtrl - %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
HKLM-Run-hpqSRMon - (no file)



**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(5356)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2010-11-22 17:59:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-22 21:58

Avant-CF: 80 018 759 680 bytes free
Après-CF: 79 699 718 144 bytes free

- - End Of File - - 1D75AA628091D51C444EAE1061450563
0
Réponse 40 / 54
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
Téléchargez MalwareByte's Anti-Malware (que tu pourras garder ensuite)

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
0

Discussions similaires

App explorer Sa sert a quoi ?
Mada_alpha -
SATS_fr -

1 réponse
SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?
Walti55 -
Walti55 -

2 réponses