Unwanted audio ads
Solved/Closed
kahoskahos
31 May 2011 at 14:29
Anonymous user - 6 June 2011 at 01:56
67 replies
Anonymous user
31 May 2011 at 14:46
Hi
▶ Download Reload_TDSSKiller
▶ Run it
choose: download the latest version
▶ Run it again
choose: start the cleanup
TDSSKiller will open; click "Start Scan"
once it has finished, restart if it asks you to, in order to finish the cleanup
otherwise, close TDSSKiller and the report will appear on the desktop
▶ Copy/paste its contents into your next reply.
kahoskahos
31 May 2011 at 15:12
Hi gen-hackman
Thanks for your help, here is the report:
2011/05/31 14:09:13.0188 6276 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/31 14:09:13.0355 6276 ================================================================================
2011/05/31 14:09:13.0355 6276 SystemInfo:
2011/05/31 14:09:13.0355 6276
2011/05/31 14:09:13.0355 6276 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/31 14:09:13.0355 6276 Product type: Workstation
2011/05/31 14:09:13.0355 6276 ComputerName: PC-DE-DAMIEN
2011/05/31 14:09:13.0355 6276 UserName: Damien
2011/05/31 14:09:13.0355 6276 Windows directory: C:\Windows
2011/05/31 14:09:13.0355 6276 System windows directory: C:\Windows
2011/05/31 14:09:13.0355 6276 Processor architecture: Intel x86
2011/05/31 14:09:13.0355 6276 Number of processors: 2
2011/05/31 14:09:13.0355 6276 Page size: 0x1000
2011/05/31 14:09:13.0355 6276 Boot type: Normal boot
2011/05/31 14:09:13.0355 6276 ================================================================================
2011/05/31 14:09:13.0993 6276 Initialize success
2011/05/31 14:09:21.0210 7076 ================================================================================
2011/05/31 14:09:21.0210 7076 Scan started
2011/05/31 14:09:21.0210 7076 Mode: Manual;
2011/05/31 14:09:21.0210 7076 ================================================================================
2011/05/31 14:09:39.0167 7076 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/05/31 14:09:39.0172 7076 sptd - detected LockedFile.Multi.Generic (1)
2011/05/31 14:09:44.0424 7076 ================================================================================
2011/05/31 14:09:44.0424 7076 Scan finished
2011/05/31 14:09:44.0424 7076 ================================================================================
2011/05/31 14:09:44.0434 5944 Detected object count: 1
2011/05/31 14:09:44.0434 5944 Actual detected object count: 1
2011/05/31 14:09:59.0579 5944 LockedFile.Multi.Generic(sptd) - User select action: Skip
Anonymous user
31 May 2011 at 15:43
Good.
▶ Download USBFIX here and save it to your desktop
Plug in all your devices without opening them
/!\ Temporarily disable the real-time protection of your antivirus and antispyware, only for as long as you are using USBFIX; they can seriously interfere with the tool's scanning and cleaning procedure.
if you have XP => double-click
if you have Vista or Windows 7 => right-click, "Run as...."
on the UsbFix icon on your desktop.
On the page, click the button:
▶ choose the Suppression option
▶ UsbFix will scan your PC; let the tool work.
▶ Then post the UsbFix.txt report, which will appear along with the desktop.
▶ Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
kahoskahos
31 May 2011 at 16:49
Thanks for replying so quickly. I plugged in my external hard drive and the USB key. I ran USBFIX and got the following report.
############################## | UsbFix 7.046 | [Suppression]
Utilisateur: Damien (Administrateur) # PC-DE-DAMIEN [Sony Corporation VGN-FW31M]
Mis à jour le 23/05/2011 par TeamXscript
Lancé à 15:32:27 | 31/05/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com
CPU: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 9.0.8112.16421
Pare-feu Windows: Activé
RAM -> 3038 Mo
C:\ (%systemdrive%) -> Disque fixe # 452 Go (62 Go libre(s) - 14%) [] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Disque amovible # 2 Go (958 Mo libre(s) - 49%) [CLÉ DAMIEN] # FAT
I:\ -> Disque fixe # 149 Go (47 Go libre(s) - 32%) [OneTouch4 Mini] # NTFS
################## | Éléments infectieux |
Supprimé! H:\p3vwxx.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1941956926-253637461-3214395946-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2516653071-2643096751-4074674890-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3674761490-2031282660-2658447566-500
Supprimé! I:\$RECYCLE.BIN\S-1-5-21-1304357096-3042852843-3611164913-1000
Supprimé! I:\$RECYCLE.BIN\S-1-5-21-1941956926-253637461-3214395946-1000
Supprimé! I:\$RECYCLE.BIN\S-1-5-21-3260496981-2804128026-351734798-1000
Supprimé! I:\Recycler\S-1-5-21-2000309064-1333918737-2328010304-1006
Supprimé! I:\Recycler\S-1-5-21-3473305770-195660902-1396843343-1005
Supprimé! I:\Recycler\S-1-5-21-606747145-1214440339-839522115-1005
Supprimé! H:\a2g21.exe
Supprimé! H:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{29f7681c-3f9a-11df-9c92-001dbaac738d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{2f6fe32f-1909-11e0-aefb-001dbaac738d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8291bcc3-b396-11de-952a-e833b90500fe}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{a40b5fb8-fcb2-11de-9639-001dbaac738d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c5e36e75-b5cc-11df-a663-001dbaac738d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{cf1bc398-d6bc-11de-9637-00214fb787b3}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{d8802464-dbcd-11de-9c95-001dbaac738d}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ffd3e46b-2f63-11df-8d5f-001dbaac738d}
################## | Listing |
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
H:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
I:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
Anonymous user
31 May 2011 at 17:22
Disable your antivirus.
Disable Windows Defender if present.
Disable your firewall.
Close all your running applications.
Download this and save it to your desktop:
Pre_Scan
If it is not on your desktop, cut it from your downloads folder and paste it onto your desktop.
Warning: the desktop will disappear briefly --> don't panic.
Once it is downloaded, run it and let the scan run until "Pre_scan.txt" appears on the desktop.
If the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy).
If the tool does not seem to have worked, rename it winlogon, or change its extension to .com or .scr.
The tool may take a while reassigning files, depending on how many you have; let it work.
Post Pre_Scan.txt, which will appear on the desktop at the end of the scan.
▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)
Click this link: http://www.cijoint.fr/
▶ Click Parcourir (Browse) and find the file mentioned above.
▶ Click Ouvrir (Open).
▶ Click "Cliquez ici pour déposer le fichier" (click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
is added to the page.
▶ Copy this link into your reply.
kahoskahos
31 May 2011 at 17:32
Thanks again for your time and your talent. I don't understand anything about what I'm doing, but never mind, uhuh!! Here is the link:
http://www.cijoint.fr/cjlink.php?file=cj201105/cij4eoRbTZ.txt
Anonymous user
31 May 2011 at 17:53
Select this text, without the lines:
___________________________________________________
processes::
o22go2.exe
dsqah.exe
uxliqcem.exe
taskmgr.exe
system.exe
msmgm.exe
login.exe
gdi32.exe
sysmgm.exe
sysedit.exe
iexplarer.exe
user.exe
file::
C:\Users\Damien\AppData\Local\Temp\2uku0us2.tmp
C:\Users\Damien\AppData\Local\Temp\5wa0kkck.tmp
C:\Users\Damien\AppData\Local\Temp\7647hhxo.tmp
C:\Users\Damien\AppData\Local\Temp\9edxq6tb.tmp
C:\Users\Damien\AppData\Local\Temp\e4jE704.tmp_dir19363
C:\Users\Damien\AppData\Local\Temp\oe02h1gn.tmp
C:\Users\Damien\AppData\Local\Temp\svaci.tmp
G:\0fpdq2dw.exe
C:\Users\Damien\AppData\Roaming\2jkdpgsol2cgwggfizkvywk2mtbv13k2
C:\Users\Damien\AppData\Roaming\com.orbis.air.SkyPoker.7C82499D7E4526CADD9D1D1B010AFE250A7BEC27.1
C:\Users\Damien\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
C:\Users\Damien\AppData\Roaming\com.plutinosoft.idemo.plist
C:\Users\Damien\AppData\Roaming\k3v1xeeccx33ueskxuuhis31sqy2fil2
C:\Users\Damien\AppData\Roaming\szpsctfq2hiprennffquyz3jhudvs2b2
C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
C:\Users\Damien\AppData\Local\c1v7b2004pcko3q46sg5by81ek78o4q
C:\Users\Damien\AppData\Local\Lcoholi.dat
C:\Users\Damien\AppData\Local\Temp(9)
folder::
C:\Users\Damien\AppData\Local\Temp\2uku0us2.tmp
C:\Users\Damien\AppData\Local\Temp\5wa0kkck.tmp
C:\Users\Damien\AppData\Local\Temp\7647hhxo.tmp
C:\Users\Damien\AppData\Local\Temp\9edxq6tb.tmp
C:\Users\Damien\AppData\Local\Temp\e4jE704.tmp_dir19363
C:\Users\Damien\AppData\Local\Temp\oe02h1gn.tmp
C:\Users\Damien\AppData\Local\Temp\svaci.tmp
C:\Users\Damien\AppData\Roaming\177BC1C26EE02EB618180B7495BCE45D
C:\Users\Damien\AppData\Roaming\com.orbis.air.SkyPoker.7C82499D7E4526CADD9D1D1B010AFE250A7BEC27.1
C:\Users\Damien\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
C:\Users\Damien\AppData\Roaming\com.plutinosoft.idemo.plist
C:\Users\Damien\AppData\Roaming\Ilyqe
C:\Users\Damien\AppData\Roaming\OfferBox
C:\Users\Damien\AppData\Roaming\Tuikde
C:\Users\Damien\AppData\Roaming\ZqWare
Host::
dns::
___________________________________________________
Copy it (Ctrl+C), then run Pre_Script, which is on your desktop.
Paste it into the text document that opens, then File menu => Save (not Save As...), then close the text document.
Post Pre_Script.txt, which will appear next to the executable when the work is finished.
kahoskahos
31 May 2011 at 18:18
I have a problem: when I save the text above in Pre_script, the desktop disappears and nothing happens. The only way to get back is Ctrl+Alt+Del and logging off. When I log back in, two text files appear:
1st
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
2nd
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
kahoskahos
31 May 2011 at 18:37
Yes, I tried again and I am indeed using Save, and it doesn't work :(
kahoskahos
31 May 2011 at 18:37
In fact, I use Save and it crashes when I close the window.
Anonymous user
31 May 2011 at 18:53
Write the procedure down in a text document and try doing it in safe mode.
kahoskahos
31 May 2011 at 19:46
Same thing in safe mode ;(
Anonymous user
31 May 2011 at 19:54
/!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\
__________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained on the tool.<
>>>>>>>Do not use outside of that situation: dangerous!<<<<<<<<
=====================================================
▶ Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive.
Download here: Combofix
Before using ComboFix:
If you use AVG, YOU MUST UNINSTALL IT before using Combofix, because its interaction with the tool can cause damage that may lead to a complete reinstallation of the system.
Simply disabling the resident protection is not enough.
Download the AVG uninstaller from this link: https://www.avg.com/fr-fr/avg-remover
Choose the appropriate version (32 or 64 bits) /!\
CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable them temporarily:
▶ Download Defogger (by jpshortstuff) to your desktop
▶ Run it
A window appears: click "Disable"
▶ Restart the computer if the tool asks you to
Note: when we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"
_________________________________________________________
>> Close the windows of all running programs.
>> Temporarily disable, and only while you are using ComboFix,
>> the real-time protection of your antivirus and antispyware programs,
>> which can seriously interfere with the tool's scanning and cleaning.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
If you have XP => double-click
If you have Vista or Windows 7 => right-click, "Run as...."
on the renamed Combofix
¤¤¤¤¤¤¤¤¤¤ LET IT INSTALL THE RECOVERY CONSOLE IF IT ASKS YOU TO ¤¤¤¤¤¤¤¤¤¤
▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!
▶ Don't forget to re-enable the protection of your antivirus and antispyware programs before reconnecting to the internet.
▶▶ Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.
kahoskahos
31 May 2011 at 20:29
And here is the ComboFix report:
ComboFix 11-05-31.01 - Damien 31/05/2011 19:15:20.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3038.2033 [GMT 1:00]
Lancé depuis: c:\users\Damien\Desktop\damien.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Damien\AppData\Local\{8BA077FE-C22E-4CA3-BC98-1B421B452F03}
c:\users\Damien\AppData\Local\{8BA077FE-C22E-4CA3-BC98-1B421B452F03}\chrome.manifest
c:\users\Damien\AppData\Local\{8BA077FE-C22E-4CA3-BC98-1B421B452F03}\chrome\content\_cfg.js
c:\users\Damien\AppData\Local\{8BA077FE-C22E-4CA3-BC98-1B421B452F03}\chrome\content\overlay.xul
c:\users\Damien\AppData\Local\{8BA077FE-C22E-4CA3-BC98-1B421B452F03}\install.rdf
c:\users\Damien\AppData\Roaming\177BC1C26EE02EB618180B7495BCE45D
c:\users\Damien\AppData\Roaming\177BC1C26EE02EB618180B7495BCE45D\enemies-names.txt
c:\users\Damien\AppData\Roaming\177BC1C26EE02EB618180B7495BCE45D\local.ini
c:\users\Damien\AppData\Roaming\Ilyqe\dero.exe
c:\users\Damien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
c:\users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk
c:\users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfxtray.exe
c:\users\Damien\AppData\Roaming\OfferBox
c:\users\Damien\AppData\Roaming\OfferBox\config.xml
c:\users\Damien\AppData\Roaming\Sun\dexlovlj93.dll
c:\users\Damien\AppData\Roaming\Sun\mnj.dat
c:\users\Damien\AppData\Roaming\Sun\mxd1.txt
c:\users\Damien\AppData\Roaming\Sun\ppkk.dat
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-28 au 2011-05-31 ))))))))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-03 11:05 . 2011-04-12 21:12 0 ----a-w- c:\users\Damien\AppData\Local\Jdoga.bin
2011-04-22 10:01 . 2011-04-22 10:01 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-22 10:01 . 2011-04-22 10:01 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-22 10:01 . 2011-04-22 10:01 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-22 10:01 . 2011-04-22 10:01 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-22 10:01 . 2011-04-22 10:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-22 10:01 . 2011-04-22 10:01 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-22 10:01 . 2011-04-22 10:01 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-22 10:01 . 2011-04-22 10:01 367104 ----a-w- c:\windows\system32\html.iec
2011-04-22 10:01 . 2011-04-22 10:01 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-22 10:01 . 2011-04-22 10:01 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-22 10:01 . 2011-04-22 10:01 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-22 10:01 . 2011-04-22 10:01 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-22 10:01 . 2011-04-22 10:01 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-22 10:01 . 2011-04-22 10:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-22 10:01 . 2011-04-22 10:01 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-22 10:01 . 2011-04-22 10:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 10:01 . 2011-04-22 10:01 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 10:01 . 2011-04-22 10:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-22 10:01 . 2011-04-22 10:01 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-22 10:01 . 2011-04-22 10:01 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-22 10:01 . 2011-04-22 10:01 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-13 14:38 . 2010-06-24 11:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-12 21:55 . 2011-04-27 13:49 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-10 17:03 . 2011-04-12 21:16 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-12 21:16 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-05 03:20 . 2011-03-05 03:20 8704 ----a-w- c:\windows\system32\SpOrder.dll
2011-03-05 03:20 . 2011-03-05 03:20 73728 ----a-w- c:\windows\system32\VistaInfo32.dll
2011-03-03 15:42 . 2011-04-12 21:12 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 13:49 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-03-03 15:40 . 2011-04-27 13:49 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 13:49 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 13:49 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 13:49 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:35 . 2011-04-27 13:49 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-03-03 13:25 . 2011-04-12 21:13 2041856 ----a-w- c:\windows\system32\win32k.sys
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2010-07-08 21:34 . 2009-12-01 18:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-25 39408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 17:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Damien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Antimalware Doctor.lnk]
path=c:\users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
backup=c:\windows\pss\Antimalware Doctor.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Damien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MaxiVista Démo Programme d'affichage All.lnk]
path=c:\users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxiVista Démo Programme d'affichage All.lnk
backup=c:\windows\pss\MaxiVista Démo Programme d'affichage All.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Damien^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2008-09-30 00:04 122880 ----a-w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-02-17 19:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2008-04-03 19:32 317280 ----a-w- c:\program files\sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 06:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
2008-12-25 04:50 24576 ----a-w- c:\program files\sony\Marketing Tools\MarketingTools.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-10-17 10:28 6295552 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-10-17 10:29 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-25 04:31 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-10-21 29736]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-08 30192]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-08-22 7168]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-10-21 103712]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-10-21 353568]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-10-21 62752]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-10-01 369952]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-09-19 83232]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R4 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-01 691696]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-04 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-10-17 102400]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-10-17 415584]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-11 446464]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-04-22 10:01 114176 ----a-w- c:\windows\System32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:51]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:51]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: orange.fr
TCP: DhcpNameServer = 192.168.0.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
FF - ProfilePath - c:\users\Damien\AppData\Roaming\Mozilla\Firefox\Profiles\l6ak3tfm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-{251EEB85-0F3E-4374-562E-41EB2A80811A} - c:\users\Damien\AppData\Roaming\Ilyqe\dero.exe
HKCU-Run-lpc - c:\users\Damien\AppData\Roaming\Sun\dexlovlj93.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
MSConfigStartUp-LvbmZkfgme - c:\users\Damien\AppData\Local\Temp\avp.exe
MSConfigStartUp-LvbmZkfgmSc - c:\users\Damien\AppData\Local\Temp\avp32.exe
MSConfigStartUp-LvbmZkfgnoc - c:\users\Damien\AppData\Local\Temp\debug.exe
MSConfigStartUp-LvbmZkfgnrc - c:\users\Damien\AppData\Local\Temp\dsqah.exe
MSConfigStartUp-LvbmZkfgnsc - c:\users\Damien\AppData\Local\Temp\drweb.exe
MSConfigStartUp-LvbmZkfgnyc - c:\users\Damien\AppData\Local\Temp\csrss.exe
MSConfigStartUp-LvbmZkfgnZ - c:\users\Damien\AppData\Local\Temp\cmd.exe
MSConfigStartUp-LvbmZkfgoMc - c:\users\Damien\AppData\Local\Temp\gdi32.exe
MSConfigStartUp-LvbmZkfgotc - c:\users\Damien\AppData\Local\Temp\hexdump.exe
MSConfigStartUp-LvbmZkfgouqc - c:\users\Damien\AppData\Local\Temp\iexplarer.exe
MSConfigStartUp-LvbmZkfgprc - c:\users\Damien\AppData\Local\Temp\login.exe
MSConfigStartUp-LvbmZkfgptc - c:\users\Damien\AppData\Local\Temp\msmgm.exe
MSConfigStartUp-LvbmZkfgpuc - c:\users\Damien\AppData\Local\Temp\lsass.exe
MSConfigStartUp-LvbmZkfgpw+ - c:\users\Damien\AppData\Local\Temp\nvsvc32.exe
MSConfigStartUp-LvbmZkfgpZ - c:\users\Damien\AppData\Local\Temp\mdm.exe
MSConfigStartUp-LvbmZkfgqOP - c:\users\Damien\AppData\Local\Temp\o22go2.exe
MSConfigStartUp-LvbmZkfgre - c:\users\Damien\AppData\Local\Temp\user.exe
MSConfigStartUp-LvbmZkfgrg - c:\users\Damien\AppData\Local\Temp\smss.exe
MSConfigStartUp-LvbmZkfgrrb - c:\users\Damien\AppData\Local\Temp\taskmgr.exe
MSConfigStartUp-LvbmZkfgrse - c:\users\Damien\AppData\Local\Temp\svchost.exe
MSConfigStartUp-LvbmZkfgrta - c:\users\Damien\AppData\Local\Temp\services.exe
MSConfigStartUp-LvbmZkfgrtc - c:\users\Damien\AppData\Local\Temp\sysedit.exe
MSConfigStartUp-LvbmZkfgruf - c:\users\Damien\AppData\Local\Temp\spoolsv.exe
MSConfigStartUp-LvbmZkfgrvY - c:\users\Damien\AppData\Local\Temp\uxliqcem.exe
MSConfigStartUp-LvbmZkfgrwe - c:\users\Damien\AppData\Local\Temp\sysmgm.exe
MSConfigStartUp-LvbmZkfgrxe - c:\users\Damien\AppData\Local\Temp\system.exe
MSConfigStartUp-LvbmZkfgsa - c:\users\Damien\AppData\Local\Temp\win.exe
MSConfigStartUp-LvbmZkfgsPc - c:\users\Damien\AppData\Local\Temp\win32.exe
MSConfigStartUp-LvbmZkfgspe - c:\users\Damien\AppData\Local\Temp\winamp.exe
MSConfigStartUp-LvbmZkfgsre - c:\users\Damien\AppData\Local\Temp\wininst.exe
MSConfigStartUp-LvbmZkfgssc - c:\users\Damien\AppData\Local\Temp\winlogon.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-McENUI - c:\progra~1\McAfee\MHN\McENUI.exe
MSConfigStartUp-Nbitevadaza - c:\users\Damien\AppData\Local\ebeyojoqoziyije.dll
MSConfigStartUp-{251EEB85-0F3E-4374-562E-41EB2A80811A} - c:\users\Damien\AppData\Roaming\Ilyqe\dero.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-31 19:24
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000003d
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-05-31 19:28:40
ComboFix-quarantined-files.txt 2011-05-31 18:28
.
Avant-CF: 52 158 652 416 octets libres
Après-CF: 52 346 470 400 octets libres
.
- - End Of File - - E1AAB94B3D6F58B9790C30EED680E7E4
R4 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R4 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-01 691696]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-04 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-10-17 102400]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-10-17 415584]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-11 446464]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-04-22 10:01 114176 ----a-w- c:\windows\System32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:51]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:51]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: orange.fr
TCP: DhcpNameServer = 192.168.0.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
FF - ProfilePath - c:\users\Damien\AppData\Roaming\Mozilla\Firefox\Profiles\l6ak3tfm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-{251EEB85-0F3E-4374-562E-41EB2A80811A} - c:\users\Damien\AppData\Roaming\Ilyqe\dero.exe
HKCU-Run-lpc - c:\users\Damien\AppData\Roaming\Sun\dexlovlj93.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
MSConfigStartUp-LvbmZkfgme - c:\users\Damien\AppData\Local\Temp\avp.exe
MSConfigStartUp-LvbmZkfgmSc - c:\users\Damien\AppData\Local\Temp\avp32.exe
MSConfigStartUp-LvbmZkfgnoc - c:\users\Damien\AppData\Local\Temp\debug.exe
MSConfigStartUp-LvbmZkfgnrc - c:\users\Damien\AppData\Local\Temp\dsqah.exe
MSConfigStartUp-LvbmZkfgnsc - c:\users\Damien\AppData\Local\Temp\drweb.exe
MSConfigStartUp-LvbmZkfgnyc - c:\users\Damien\AppData\Local\Temp\csrss.exe
MSConfigStartUp-LvbmZkfgnZ - c:\users\Damien\AppData\Local\Temp\cmd.exe
MSConfigStartUp-LvbmZkfgoMc - c:\users\Damien\AppData\Local\Temp\gdi32.exe
MSConfigStartUp-LvbmZkfgotc - c:\users\Damien\AppData\Local\Temp\hexdump.exe
MSConfigStartUp-LvbmZkfgouqc - c:\users\Damien\AppData\Local\Temp\iexplarer.exe
MSConfigStartUp-LvbmZkfgprc - c:\users\Damien\AppData\Local\Temp\login.exe
MSConfigStartUp-LvbmZkfgptc - c:\users\Damien\AppData\Local\Temp\msmgm.exe
MSConfigStartUp-LvbmZkfgpuc - c:\users\Damien\AppData\Local\Temp\lsass.exe
MSConfigStartUp-LvbmZkfgpw+ - c:\users\Damien\AppData\Local\Temp\nvsvc32.exe
MSConfigStartUp-LvbmZkfgpZ - c:\users\Damien\AppData\Local\Temp\mdm.exe
MSConfigStartUp-LvbmZkfgqOP - c:\users\Damien\AppData\Local\Temp\o22go2.exe
MSConfigStartUp-LvbmZkfgre - c:\users\Damien\AppData\Local\Temp\user.exe
MSConfigStartUp-LvbmZkfgrg - c:\users\Damien\AppData\Local\Temp\smss.exe
MSConfigStartUp-LvbmZkfgrrb - c:\users\Damien\AppData\Local\Temp\taskmgr.exe
MSConfigStartUp-LvbmZkfgrse - c:\users\Damien\AppData\Local\Temp\svchost.exe
MSConfigStartUp-LvbmZkfgrta - c:\users\Damien\AppData\Local\Temp\services.exe
MSConfigStartUp-LvbmZkfgrtc - c:\users\Damien\AppData\Local\Temp\sysedit.exe
MSConfigStartUp-LvbmZkfgruf - c:\users\Damien\AppData\Local\Temp\spoolsv.exe
MSConfigStartUp-LvbmZkfgrvY - c:\users\Damien\AppData\Local\Temp\uxliqcem.exe
MSConfigStartUp-LvbmZkfgrwe - c:\users\Damien\AppData\Local\Temp\sysmgm.exe
MSConfigStartUp-LvbmZkfgrxe - c:\users\Damien\AppData\Local\Temp\system.exe
MSConfigStartUp-LvbmZkfgsa - c:\users\Damien\AppData\Local\Temp\win.exe
MSConfigStartUp-LvbmZkfgsPc - c:\users\Damien\AppData\Local\Temp\win32.exe
MSConfigStartUp-LvbmZkfgspe - c:\users\Damien\AppData\Local\Temp\winamp.exe
MSConfigStartUp-LvbmZkfgsre - c:\users\Damien\AppData\Local\Temp\wininst.exe
MSConfigStartUp-LvbmZkfgssc - c:\users\Damien\AppData\Local\Temp\winlogon.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-McENUI - c:\progra~1\McAfee\MHN\McENUI.exe
MSConfigStartUp-Nbitevadaza - c:\users\Damien\AppData\Local\ebeyojoqoziyije.dll
MSConfigStartUp-{251EEB85-0F3E-4374-562E-41EB2A80811A} - c:\users\Damien\AppData\Roaming\Ilyqe\dero.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-31 19:24
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000003d
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-05-31 19:28:40
ComboFix-quarantined-files.txt 2011-05-31 18:28
.
Avant-CF: 52 158 652 416 octets libres
Après-CF: 52 346 470 400 octets libres
.
- - End Of File - - E1AAB94B3D6F58B9790C30EED680E7E4
kahoskahos
31 May 2011 at 20:42
Same thing: all the icons, as well as the Windows bar at the bottom of my screen, disappear. Is this normal? Maybe I need to wait longer? But nothing seems to be happening.
kahoskahos
31 May 2011 at 21:04
So that means my computer is fixed? It's true that I no longer get any audio advertising messages! Thanks a lot ;)
kahoskahos
31 May 2011 at 23:37
The file isn't there; however, I have this, and I think it comes from the pre-Script:
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21770
IconResource=%SystemRoot%\system32\imageres.dll,-112
IconFile=%SystemRoot%\system32\shell32.dll
IconIndex=-235
kahoskahos
31 May 2011 at 23:52
It's a file named desktop.
kahoskahos
1 June 2011 at 00:47
What should I do? :)