Sujet Précédent Sujet Suivant

Infection gomeo

Fermé
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 - 22 juin 2011 à 09:23
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 - 23 juin 2011 à 10:00
Bonjour, depuis hier je suis infecte par gomeo , je viens d'installé combofix et de faire un scan , donc je vous soumet le rapport , merci de votre aide .




ComboFix 11-06-17.04 - Jean Pierre 22/06/2011 9:02.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3070.1953 [GMT 2:00]
Lancé depuis: c:\users\Jean Pierre\Desktop\asdehi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\data
c:\programdata\idndl32.exe
c:\programdata\SysWoW32
c:\programdata\SysWoW32\_u1660225841v0
c:\programdata\SysWoW32\_u1660225841v1
c:\programdata\SysWoW32\_u1660225841v10
c:\programdata\SysWoW32\_u1660225841v11
c:\programdata\SysWoW32\_u1660225841v2
c:\programdata\SysWoW32\_u1660225841v3
c:\programdata\SysWoW32\_u1660225841v8
c:\programdata\SysWoW32\_u1660225841v9
c:\programdata\SysWoW32\mu1660225841v12.kwd
c:\programdata\SysWoW32\mu1660225841v13.kwd
c:\programdata\SysWoW32\mu1660225841v14.kwd
c:\programdata\SysWoW32\mu1660225841v15
c:\programdata\SysWoW32\mu1660225841v15.kwd
c:\programdata\SysWoW32\mu1660225841v4.kwd
c:\programdata\SysWoW32\mu1660225841v5.kwd
c:\programdata\SysWoW32\mu1660225841v6.kwd
c:\programdata\SysWoW32\mu1660225841v7.kwd
c:\programdata\SysWoW32\wu1660225841v0
c:\programdata\SysWoW32\wu1660225841v0.kwd
c:\programdata\SysWoW32\wu1660225841v1
c:\programdata\SysWoW32\wu1660225841v1.kwd
c:\programdata\SysWoW32\wu1660225841v10
c:\programdata\SysWoW32\wu1660225841v10.kwd
c:\programdata\SysWoW32\wu1660225841v11.kwd
c:\programdata\SysWoW32\wu1660225841v2
c:\programdata\SysWoW32\wu1660225841v2.kwd
c:\programdata\SysWoW32\wu1660225841v3
c:\programdata\SysWoW32\wu1660225841v3.kwd
c:\programdata\SysWoW32\wu1660225841v8
c:\programdata\SysWoW32\wu1660225841v8.kwd
c:\programdata\SysWoW32\wu1660225841v9
c:\programdata\SysWoW32\wu1660225841v9.kwd
c:\programdata\unrar.exe
c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\extensions\{c3144b75-9733-4d14-a33d-3a062a890f0e}
c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\extensions\{c3144b75-9733-4d14-a33d-3a062a890f0e}\chrome.manifest
c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\extensions\{c3144b75-9733-4d14-a33d-3a062a890f0e}\chrome\xulcache.jar
c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\extensions\{c3144b75-9733-4d14-a33d-3a062a890f0e}\defaults\preferences\xulcache.js
c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\extensions\{c3144b75-9733-4d14-a33d-3a062a890f0e}\install.rdf
c:\users\Jean Pierre\AppData\Roaming\syswin
c:\windows\system32\audiosrv32.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-05-22 au 2011-06-22 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-22 07:08 . 2011-06-22 07:08 -------- d-----w- c:\users\Jean Pierre\AppData\Local\temp
2011-06-22 07:08 . 2011-06-22 07:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-22 07:00 . 2011-06-22 07:00 -------- d-----w- C:\32788R22FWJFW
2011-06-21 17:15 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D7CFA86-E04F-4921-95DD-6229C5C85790}\mpengine.dll
2011-06-18 14:35 . 2011-06-18 14:35 -------- d-----w- c:\program files\Common Files\Adobe
2011-06-17 16:32 . 2011-06-17 16:32 -------- d-----w- c:\users\Jean Pierre\securité
2011-06-17 13:27 . 2011-06-17 13:27 0 ---ha-w- c:\windows\system32\zaaafnvblz.tmp
2011-06-17 10:15 . 2011-06-17 10:15 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\Malwarebytes
2011-06-17 10:14 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-17 10:14 . 2011-06-17 10:14 -------- d-----w- c:\programdata\Malwarebytes
2011-06-17 10:14 . 2011-06-17 10:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-17 10:14 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-17 05:18 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 05:18 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-17 05:18 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-16 20:28 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 20:28 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 20:28 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 20:28 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 20:28 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 20:28 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 20:28 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 20:28 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 20:28 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 20:28 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-06-16 20:10 . 2011-06-16 20:10 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\SUPERAntiSpyware.com
2011-06-16 20:10 . 2011-06-16 20:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-06-16 20:10 . 2011-06-16 20:10 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-16 19:42 . 2011-06-16 19:42 -------- d-----w- c:\program files\Trend Micro
2011-06-16 17:49 . 2011-06-16 18:27 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\QuickScan
2011-06-16 13:49 . 2011-06-16 14:12 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-16 13:49 . 2011-06-16 13:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-06-13 18:55 . 2011-06-13 18:55 -------- d-----w- c:\programdata\InterAction studios
2011-06-13 18:48 . 2011-06-13 18:54 -------- d-----w- c:\program files\Chicken Invaders 3
2011-06-13 18:47 . 2011-06-13 18:47 -------- d-----w- c:\program files\ReflexiveArcade
2011-06-13 08:39 . 2011-06-15 16:01 -------- d-----w- c:\programdata\654886644
2011-06-13 08:36 . 2011-06-15 16:01 -------- d-----w- c:\programdata\178074636
2011-06-13 08:36 . 2011-06-17 09:53 -------- d-sh--w- c:\programdata\366C4CEF8BBD0B328492B0C96D933471
2011-06-13 08:24 . 2011-06-13 08:24 -------- d-----w- c:\users\Jean Pierre\AppData\Local\GameHouse
2011-06-13 08:23 . 2011-06-13 08:23 -------- d-----w- c:\program files\Bejeweled 3
2011-06-10 17:23 . 2011-06-10 17:23 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Microsoft Games
2011-06-10 15:43 . 2011-06-10 15:44 -------- d-----w- c:\users\Jean Pierre\FrostWire
2011-06-10 15:43 . 2011-06-18 18:40 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\FrostWire
2011-06-10 15:43 . 2011-06-10 16:03 -------- d-----w- c:\program files\FrostWire
2011-06-10 15:41 . 2011-06-10 15:41 -------- d-----w- c:\program files\Common Files\Java
2011-06-10 15:40 . 2011-06-10 15:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-10 15:39 . 2011-06-10 15:39 -------- d-----w- c:\program files\Java
2011-06-09 11:12 . 2007-02-13 18:41 1245056 ----a-w- c:\windows\system32\drivers\StkCMini.sys
2011-06-09 11:12 . 2007-02-12 20:59 61440 ----a-w- c:\windows\StkUnist.exe
2011-06-09 11:12 . 2007-02-08 01:21 77824 ----a-w- c:\windows\system32\StkCProp.ax
2011-06-09 11:12 . 2007-02-08 00:51 69632 ----a-w- c:\windows\system32\StkCWIA.dll
2011-06-09 11:12 . 2007-02-08 00:44 24576 ----a-w- c:\windows\system32\StkCSrv.exe
2011-06-09 11:12 . 2007-02-08 00:32 106496 ----a-w- c:\windows\StkC112X.exe
2011-06-09 11:12 . 2007-01-11 23:04 12367616 ----a-w- c:\windows\system32\drivers\StkCPipe.sys
2011-06-09 11:12 . 2006-12-11 06:33 49152 ----a-w- c:\windows\system32\StkSSrv.dll
2011-06-09 11:12 . 2005-12-27 07:11 172032 ----a-w- c:\windows\VideoView.exe
2011-06-09 11:10 . 2011-06-09 11:10 -------- d-----w- c:\program files\7-Zip
2011-06-07 15:25 . 2011-06-07 15:25 -------- d-----w- c:\program files\Genesys PC Camera Device
2011-06-07 15:19 . 2011-06-07 15:19 -------- d-----w- c:\program files\Toshiba
2011-06-07 11:01 . 2011-06-07 11:01 -------- d-----w- c:\windows\system32\RTCOM
2011-06-07 11:01 . 2011-06-07 10:59 135168 ----a-w- c:\windows\system32\SRSWOW.dll
2011-06-05 16:53 . 2011-06-05 16:53 -------- d-----w- c:\programdata\Trymedia
2011-06-05 16:51 . 2011-06-05 16:53 -------- d-----w- c:\program files\Euro Truck Simulator
2011-06-05 14:38 . 2011-06-05 16:26 -------- d-----w- c:\users\Jean Pierre\AppData\Local\eSupport.com
2011-06-03 07:57 . 2006-05-18 15:58 309760 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-05-30 16:46 . 2011-05-30 16:46 -------- d-----w- c:\windows\Java
2011-05-30 16:46 . 2010-08-22 11:48 114176 ----a-w- c:\windows\system32\PCWizard.cpl
2011-05-30 16:46 . 2011-05-30 16:46 -------- d-----w- c:\program files\CPUID
2011-05-30 10:09 . 2011-05-30 10:11 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Conduit
2011-05-27 11:47 . 2011-06-13 18:52 -------- d-----w- c:\users\Jean Pierre\Jeux Applications
2011-05-27 10:49 . 2011-05-27 10:49 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Adobe
2011-05-26 15:47 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-25 16:34 . 2011-05-25 16:34 -------- d-----w- c:\program files\Windows Portable Devices
2011-05-25 16:27 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-05-25 16:27 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-05-25 16:27 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-05-25 16:25 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-05-25 16:25 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-05-25 16:25 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-05-25 16:20 . 2011-05-25 16:20 98816 ----a-w- c:\windows\system32\mfps.dll
2011-05-25 15:56 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-05-25 15:56 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-25 15:56 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-25 15:55 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-05-24 20:30 . 2011-05-30 11:37 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\Azureus
2011-05-24 20:25 . 2011-05-24 20:26 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Ahead
2011-05-24 20:21 . 2011-05-24 20:21 -------- d-----w- c:\programdata\Nero
2011-05-24 20:21 . 2011-05-24 20:25 -------- d-----w- c:\program files\Common Files\Ahead
2011-05-24 20:21 . 2011-05-24 20:21 -------- d-----w- c:\program files\Nero
2011-05-24 20:04 . 2011-05-24 20:05 -------- d-----w- c:\windows\system32\ca-ES
2011-05-24 20:04 . 2011-05-24 20:05 -------- d-----w- c:\windows\system32\eu-ES
2011-05-24 20:03 . 2011-05-24 20:05 -------- d-----w- c:\windows\system32\vi-VN
2011-05-24 19:46 . 2011-05-24 19:46 -------- d-----w- c:\windows\system32\EventProviders
2011-05-24 19:22 . 2011-05-24 19:22 -------- d-----w- c:\windows\PCHEALTH
2011-05-24 19:20 . 2011-05-24 19:20 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-24 19:20 . 2011-05-24 19:20 -------- d-----w- c:\windows\SHELLNEW
2011-05-24 19:19 . 2011-05-24 19:19 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Microsoft Help
2011-05-24 19:18 . 2011-05-24 19:25 -------- d-----w- c:\programdata\Microsoft Help
2011-05-24 19:17 . 2011-05-24 19:17 -------- d-----r- C:\MSOCache
2011-05-24 19:15 . 2009-04-11 06:32 527848 ----a-w- c:\windows\system32\drivers\ndis.sys
2011-05-24 19:08 . 2011-05-24 20:53 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\vlc
2011-05-24 19:07 . 2011-05-24 19:07 -------- d-----w- c:\program files\VideoLAN
2011-05-24 18:56 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-05-24 18:56 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2011-05-24 18:56 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-05-24 18:56 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2011-05-24 18:56 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-05-24 18:56 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2011-05-24 09:03 . 2011-05-24 09:03 -------- d-----w- c:\program files\Lavalys
2011-05-24 08:24 . 2011-05-24 08:31 -------- d-----w- c:\program files\SIW
2011-05-24 08:18 . 2011-05-24 08:18 -------- d-----w- c:\users\Jean Pierre\AppData\Roaming\Thunderbird
2011-05-24 08:18 . 2011-05-24 08:18 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Thunderbird
2011-05-24 08:18 . 2011-05-24 08:18 -------- d-----w- c:\program files\Mozilla Thunderbird
2011-05-24 07:44 . 2011-05-24 19:22 -------- d-----w- c:\program files\Microsoft.NET
2011-05-24 07:42 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-24 07:42 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-24 07:42 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-05-24 07:42 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-24 07:42 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-05-24 07:24 . 2011-05-24 07:24 -------- d-----w- c:\users\Jean Pierre\AppData\Local\Mozilla
2011-05-24 06:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-24 06:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-23 20:32 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2011-05-23 20:11 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-05-23 20:08 . 2009-01-08 01:20 265720 ----a-w- c:\program files\Internet Explorer\msdbg2.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-21 17:12 . 2011-05-22 20:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-07 15:16 . 2006-11-15 15:16 32256 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2011-06-07 15:16 . 2006-11-15 10:42 43520 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2011-06-07 15:16 . 2004-09-04 01:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-05-25 16:20 . 2011-05-25 16:20 4096 ----a-w- c:\windows\system32\drivers\fr-FR\dxgkrnl.sys.mui
2011-04-18 09:19 . 2011-05-22 20:11 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-04-18 09:19 . 2011-05-22 20:11 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-08 05:14 . 2011-05-23 18:56 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-04-08 05:14 . 2009-07-01 22:59 2034280 ----a-w- c:\windows\system32\nvapi.dll
2011-04-07 20:43 . 2011-04-07 20:43 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:43 . 2011-04-07 20:43 612456 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 20:43 . 2011-04-07 20:43 293992 ----a-w- c:\windows\system32\nvhotkey.dll
2011-04-07 20:43 . 2011-04-07 20:43 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 20:43 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:43 . 2011-04-07 20:43 3701352 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:43 . 2011-04-07 20:43 2565224 ----a-w- c:\windows\system32\nvsvc.dll
2011-04-14 16:52 . 2011-05-24 07:24 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-11 281768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"RtHDVCpl"="RtHDVCpl.exe" [2011-06-07 4390912]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Profil AVRCP Bluetooth;c:\windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
R3 cpuz134;cpuz134;c:\program files\CPUID\PC Wizard 2010\pcwiz_x32.sys [2010-07-09 20328]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-05-01 311744]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-05-29 39984]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-11 136360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Realtek87B;Realtek87B;c:\program files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-02-08 24576]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2011-05-23 347648]
S3 StkCMini;Syntek AVStream USB2.0 2M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-02-13 1245056]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jean Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\8jlg0fbc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - www.orange.fr
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
BHO-{0D8266DD-26BA-44A7-9114-1BBEEABB96C8} - c:\windows\system32\audiosrv32.dll
BHO-{0F2A8DA2-3BEC-482F-A593-254FAA090688} - c:\windows\system32\audiosrv32.dll
BHO-{129438A6-6FE0-4EDA-9A1E-930E1B3C36A5} - c:\windows\system32\audiosrv32.dll
HKCU-Run-RTHDBPL - c:\users\Jean Pierre\AppData\Roaming\SysWin\lsass.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-22 09:08
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
RTHDBPL = c:\users\Jean Pierre\AppData\Roaming\SysWin\lsass.exe??????????&?????????????????????&???B???????????&????????????????$???????p
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{0F2A8DA2-3BEC-482F-A593-254FAA090688}"=hex:51,66,7a,6c,4c,1d,38,12,cc,8e,39,
0b,de,75,41,0d,da,85,66,0f,af,57,42,9c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgagD\1*]
"value"="?\05\02\18\14\1d)?"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-06-22 09:10:31
ComboFix-quarantined-files.txt 2011-06-22 07:10
.
Avant-CF: 109 511 766 016 octets libres
Après-CF: 109 231 607 808 octets libres
.
- - End Of File - - 46F5DC557A82D9DE882B19B82F759269




7 réponses

Réponse 1 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
22 juin 2011 à 09:33
Salut,

Bienvenue.
Voici la procédure à suivre.
Prière de lire attentivement les instructions pour les suivre correctement.
Bien poster les rapports comme demandés afin de pouvoir les analyser.


ETAPE 1 :
Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Poste le rapport ici.

ETAPE 2 :

Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!

ETAPE 3 :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
0
Réponse 2 / 7
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 21
22 juin 2011 à 21:29
voila le rapport de TDSS Killer:

2011/06/22 21:23:21.0705 2768 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/22 21:23:22.0057 2768 ================================================================================
2011/06/22 21:23:22.0057 2768 SystemInfo:
2011/06/22 21:23:22.0057 2768
2011/06/22 21:23:22.0057 2768 OS Version: 6.0.6002 ServicePack: 2.0
2011/06/22 21:23:22.0057 2768 Product type: Workstation
2011/06/22 21:23:22.0057 2768 ComputerName: PC-DE-JEANPIERR
2011/06/22 21:23:22.0058 2768 UserName: Jean Pierre
2011/06/22 21:23:22.0058 2768 Windows directory: C:\Windows
2011/06/22 21:23:22.0058 2768 System windows directory: C:\Windows
2011/06/22 21:23:22.0058 2768 Processor architecture: Intel x86
2011/06/22 21:23:22.0058 2768 Number of processors: 2
2011/06/22 21:23:22.0058 2768 Page size: 0x1000
2011/06/22 21:23:22.0058 2768 Boot type: Normal boot
2011/06/22 21:23:22.0058 2768 ================================================================================
2011/06/22 21:23:23.0254 2768 Initialize success
2011/06/22 21:23:28.0755 2652 ================================================================================
2011/06/22 21:23:28.0755 2652 Scan started
2011/06/22 21:23:28.0755 2652 Mode: Manual;
2011/06/22 21:23:28.0755 2652 ================================================================================
2011/06/22 21:23:30.0014 2652 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/06/22 21:23:30.0115 2652 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/06/22 21:23:30.0161 2652 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/06/22 21:23:30.0196 2652 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/06/22 21:23:30.0227 2652 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/06/22 21:23:30.0315 2652 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/06/22 21:23:30.0352 2652 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/06/22 21:23:30.0423 2652 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/22 21:23:30.0455 2652 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/06/22 21:23:30.0493 2652 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/06/22 21:23:30.0525 2652 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/06/22 21:23:30.0555 2652 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/06/22 21:23:30.0588 2652 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/06/22 21:23:30.0655 2652 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/06/22 21:23:30.0693 2652 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/06/22 21:23:30.0743 2652 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/22 21:23:30.0910 2652 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/06/22 21:23:30.0991 2652 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/22 21:23:31.0062 2652 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/22 21:23:31.0181 2652 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/06/22 21:23:31.0240 2652 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/06/22 21:23:31.0284 2652 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/22 21:23:31.0341 2652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/22 21:23:31.0374 2652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/22 21:23:31.0419 2652 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/22 21:23:31.0452 2652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/22 21:23:31.0478 2652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/22 21:23:31.0535 2652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/22 21:23:31.0847 2652 BthAvrcp (3472331b9d460212965b51a8d38e8bec) C:\Windows\system32\DRIVERS\BthAvrcp.sys
2011/06/22 21:23:31.0933 2652 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/06/22 21:23:32.0013 2652 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/22 21:23:32.0075 2652 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/06/22 21:23:32.0130 2652 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/06/22 21:23:32.0183 2652 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/06/22 21:23:32.0468 2652 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/22 21:23:32.0551 2652 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/22 21:23:32.0607 2652 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/06/22 21:23:32.0681 2652 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/06/22 21:23:32.0769 2652 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/22 21:23:32.0808 2652 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/06/22 21:23:32.0841 2652 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/22 21:23:32.0952 2652 cpuz134 (75fa19142531cbf490770c2988a7db64) C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys
2011/06/22 21:23:32.0990 2652 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/06/22 21:23:33.0027 2652 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/06/22 21:23:33.0127 2652 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/06/22 21:23:33.0230 2652 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/06/22 21:23:33.0328 2652 driverhardwarev2 (a694d8db6d360a3bbb0bd1517f1c1aee) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
2011/06/22 21:23:33.0397 2652 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/06/22 21:23:33.0488 2652 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/22 21:23:33.0569 2652 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/22 21:23:33.0659 2652 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/06/22 21:23:33.0708 2652 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/06/22 21:23:33.0765 2652 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/06/22 21:23:33.0862 2652 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/06/22 21:23:33.0950 2652 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/06/22 21:23:34.0016 2652 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/22 21:23:34.0094 2652 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/06/22 21:23:34.0132 2652 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/06/22 21:23:34.0163 2652 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/22 21:23:34.0231 2652 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/06/22 21:23:34.0287 2652 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/22 21:23:34.0334 2652 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/22 21:23:34.0419 2652 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
2011/06/22 21:23:34.0490 2652 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/22 21:23:34.0561 2652 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/22 21:23:34.0588 2652 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/22 21:23:34.0656 2652 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/22 21:23:34.0694 2652 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/06/22 21:23:34.0765 2652 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2011/06/22 21:23:34.0804 2652 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/06/22 21:23:34.0851 2652 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/22 21:23:34.0908 2652 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/06/22 21:23:34.0952 2652 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/22 21:23:35.0086 2652 IntcAzAudAddService (297372c4c37ce8702745bb1baa1b2061) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/22 21:23:35.0163 2652 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/06/22 21:23:35.0200 2652 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/22 21:23:35.0251 2652 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/22 21:23:35.0309 2652 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/22 21:23:35.0342 2652 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/22 21:23:35.0379 2652 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/06/22 21:23:35.0414 2652 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/06/22 21:23:35.0469 2652 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/22 21:23:35.0503 2652 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/22 21:23:35.0529 2652 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/22 21:23:35.0560 2652 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/22 21:23:35.0598 2652 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/22 21:23:35.0677 2652 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/22 21:23:35.0746 2652 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/22 21:23:35.0807 2652 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/22 21:23:35.0837 2652 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/22 21:23:35.0870 2652 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/22 21:23:35.0895 2652 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/06/22 21:23:35.0971 2652 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\Windows\system32\drivers\mbamswissarmy.sys
2011/06/22 21:23:36.0036 2652 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/06/22 21:23:36.0082 2652 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/06/22 21:23:36.0125 2652 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/06/22 21:23:36.0154 2652 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/22 21:23:36.0178 2652 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/22 21:23:36.0209 2652 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/22 21:23:36.0235 2652 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/06/22 21:23:36.0288 2652 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/06/22 21:23:36.0320 2652 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/22 21:23:36.0375 2652 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/22 21:23:36.0446 2652 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/22 21:23:36.0492 2652 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/22 21:23:36.0526 2652 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/22 21:23:36.0550 2652 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/22 21:23:36.0585 2652 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/06/22 21:23:36.0616 2652 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/06/22 21:23:36.0669 2652 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/06/22 21:23:36.0704 2652 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/06/22 21:23:36.0760 2652 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/22 21:23:36.0784 2652 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/22 21:23:36.0830 2652 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/06/22 21:23:36.0894 2652 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/06/22 21:23:37.0011 2652 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/22 21:23:37.0047 2652 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/06/22 21:23:37.0109 2652 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
2011/06/22 21:23:37.0160 2652 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/06/22 21:23:37.0253 2652 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/22 21:23:37.0341 2652 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/06/22 21:23:37.0390 2652 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/22 21:23:37.0432 2652 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/22 21:23:37.0492 2652 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/22 21:23:37.0539 2652 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/06/22 21:23:37.0576 2652 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/22 21:23:37.0637 2652 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/22 21:23:37.0763 2652 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/22 21:23:37.0840 2652 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/06/22 21:23:37.0898 2652 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/22 21:23:38.0005 2652 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/06/22 21:23:38.0077 2652 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/22 21:23:38.0106 2652 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/06/22 21:23:38.0467 2652 nvlddmkm (1f144bd1fecb52fe4dc18fafe70ff7af) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/22 21:23:38.0853 2652 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/06/22 21:23:38.0892 2652 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/06/22 21:23:38.0960 2652 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/06/22 21:23:39.0093 2652 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/22 21:23:39.0160 2652 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/22 21:23:39.0222 2652 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/06/22 21:23:39.0249 2652 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/22 21:23:39.0321 2652 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/06/22 21:23:39.0350 2652 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/06/22 21:23:39.0382 2652 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/22 21:23:39.0448 2652 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/22 21:23:39.0600 2652 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/22 21:23:39.0640 2652 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/06/22 21:23:39.0715 2652 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/22 21:23:39.0778 2652 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/06/22 21:23:39.0814 2652 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/22 21:23:39.0848 2652 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/22 21:23:39.0877 2652 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/22 21:23:39.0916 2652 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/22 21:23:39.0984 2652 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/22 21:23:40.0054 2652 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/22 21:23:40.0119 2652 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/22 21:23:40.0150 2652 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/22 21:23:40.0193 2652 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/06/22 21:23:40.0216 2652 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/22 21:23:40.0266 2652 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/06/22 21:23:40.0360 2652 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/06/22 21:23:40.0426 2652 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/06/22 21:23:40.0452 2652 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/06/22 21:23:40.0511 2652 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/06/22 21:23:40.0575 2652 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/22 21:23:40.0642 2652 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/06/22 21:23:40.0742 2652 RTL8187B (7fe5089eb5f624899de08c30db4377fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
2011/06/22 21:23:40.0872 2652 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/22 21:23:40.0918 2652 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/22 21:23:40.0981 2652 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/22 21:23:41.0071 2652 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/06/22 21:23:41.0109 2652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/22 21:23:41.0165 2652 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/06/22 21:23:41.0203 2652 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/06/22 21:23:41.0234 2652 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/06/22 21:23:41.0294 2652 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/06/22 21:23:41.0320 2652 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/22 21:23:41.0347 2652 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/22 21:23:41.0368 2652 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/22 21:23:41.0415 2652 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/06/22 21:23:41.0439 2652 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/06/22 21:23:41.0472 2652 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/06/22 21:23:41.0554 2652 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/06/22 21:23:41.0636 2652 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
2011/06/22 21:23:41.0690 2652 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/06/22 21:23:41.0763 2652 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/06/22 21:23:41.0807 2652 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/22 21:23:41.0839 2652 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/22 21:23:41.0914 2652 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/22 21:23:42.0213 2652 StkCMini (8181a2ecc2b5eccd26b05f6dad1a8736) C:\Windows\system32\Drivers\StkCMini.sys
2011/06/22 21:23:42.0346 2652 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/22 21:23:42.0394 2652 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/22 21:23:42.0427 2652 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/22 21:23:42.0456 2652 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/22 21:23:42.0567 2652 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/06/22 21:23:42.0623 2652 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/22 21:23:42.0656 2652 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/22 21:23:42.0683 2652 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/06/22 21:23:42.0717 2652 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/06/22 21:23:42.0778 2652 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/22 21:23:42.0845 2652 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/22 21:23:43.0006 2652 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/22 21:23:43.0041 2652 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/22 21:23:43.0088 2652 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/22 21:23:43.0121 2652 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/06/22 21:23:43.0152 2652 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/22 21:23:43.0208 2652 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/22 21:23:43.0243 2652 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/06/22 21:23:43.0284 2652 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/22 21:23:43.0316 2652 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/22 21:23:43.0351 2652 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/22 21:23:43.0441 2652 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/22 21:23:43.0481 2652 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/22 21:23:43.0557 2652 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/22 21:23:43.0615 2652 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/22 21:23:43.0640 2652 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/06/22 21:23:43.0676 2652 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/06/22 21:23:43.0760 2652 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/22 21:23:43.0819 2652 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/22 21:23:43.0866 2652 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/22 21:23:43.0899 2652 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/06/22 21:23:43.0933 2652 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/06/22 21:23:43.0969 2652 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/06/22 21:23:44.0004 2652 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/06/22 21:23:44.0035 2652 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/06/22 21:23:44.0107 2652 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/06/22 21:23:44.0154 2652 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/06/22 21:23:44.0197 2652 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/06/22 21:23:44.0254 2652 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/22 21:23:44.0283 2652 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/22 21:23:44.0301 2652 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/22 21:23:44.0349 2652 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/06/22 21:23:44.0392 2652 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/22 21:23:44.0572 2652 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/22 21:23:44.0656 2652 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/22 21:23:44.0723 2652 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/22 21:23:44.0794 2652 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/06/22 21:23:44.0809 2652 ================================================================================
2011/06/22 21:23:44.0809 2652 Scan finished
2011/06/22 21:23:44.0809 2652 ================================================================================
2011/06/22 21:23:44.0829 1224 Detected object count: 0
2011/06/22 21:23:44.0829 1224 Actual detected object count: 0
0
Réponse 3 / 7
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 21
22 juin 2011 à 21:39
voila le rapport de malwarebytes :

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6921

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

22/06/2011 21:36:56
mbam-log-2011-06-22 (21-36-56).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 158186
Temps écoulé: 3 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 48

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\programdata\178074636 (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644 (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Windows\System32\config\systemprofile\AppData\Roaming\020000001898a8f21336c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\020000001898a8f21336o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\020000001898a8f21336p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\020000001898a8f21336s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\020000001898a8f21336c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\020000001898a8f21336o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\020000001898a8f21336p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\020000001898a8f21336s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i0.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i1.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i10.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i11.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i2.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i3.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i8.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\178074636\new.i9.kwd (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt4.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt0.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt0.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt1.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt1.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt10.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt10.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt11.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt11.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt12.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt12.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt13.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt13.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt14.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt14.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt15.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt15.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt2.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt2.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt3.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt3.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt4.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt5.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt5.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt6.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt6.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt7.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt7.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt8.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt8.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt9.rar (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\654886644\frt9.rar.ver (Rogue.Multiple) -> Quarantined and deleted successfully.
0
Réponse 4 / 7
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 21
22 juin 2011 à 22:02
voila le rapport OTL :

https://pjjoint.malekal.com/files.php?id=6bb285ae061266



merci de votre aide
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
23 juin 2011 à 09:13
ça c'est le rapport Extrat.txt
manque OTL.txt
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 21
23 juin 2011 à 09:45
Bonjour, voila le rapport otl :

https://pjjoint.malekal.com/files.php?id=c01eac91f41365

Merci de votre aide
0
Réponse 6 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
23 juin 2011 à 09:56
OK ça doit aller mieux.
Eventuellement, ce soir tu mets à jour Malwarebyte et tu fais un scan avec histoire de supprimer ce qui peux rester.

Surf en attendant voir le comportement de la machine.
0
Réponse 7 / 7
dudule40 Messages postés 218 Date d'inscription mercredi 30 octobre 2002 Statut Membre Dernière intervention 9 mai 2015 21
23 juin 2011 à 10:00
message reçu , je referais un scan ce soir , mais ça vas déjà mieux , je te remercie et te souhaite une bonne journée
0

Discussions similaires

Problème avec Goméo
D.F. -
D.F. -

6 réponses
Infection ?
Tomy -
MisteryBean -

10 réponses
Infection ou pas ???
karissia -
helpcenter -

1 réponse
infection ou pas?
jpn1000 -
mcvivien2 -

5 réponses
Infection ad.doubleclick.net
93 -
93 -

66 réponses