Virus Memory management

ok il y a du travail sur le pc , tu fais ce qui suit , merci


1) fais zhpfix comme expliqué

. Copie les lignes suivantes en GRAS entre les deux lignes


__________________________________________________________

OPT:O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
OPT:O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
OPT:O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
OPT:O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
OPT:O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
OPT:O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
OPT:SR - | Auto 29/09/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
[MD5.00ED8DBE21DCA52C62AE769D7E5D78B9] - (.Spigot, Inc. - Search Settings.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [534880] [PID.2836]
[MD5.DF7F37F2A23BD1B3A6721B328355DC91] - (.Spigot, Inc. - Application Updater.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe [402328] [PID.]
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3128.64 (Activé)
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) (4, 6, 0, 1) -- C:\Program Files\Dealio Toolbar\IE\4.6\dealioToolbarIE.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files\Dealio Toolbar\IE\4.6\dealioToolbarIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files\Dealio Toolbar\IE\4.6\dealioToolbarIE.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} . (.Babylon Ltd. - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
O23 - Service: Application Updater (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files\Application Updater\ApplicationUpdater.exe
O42 - Logiciel: Babylon toolbar on IE - (.Pas de propriétaire.) [HKLM] -- BabylonToolbar
O42 - Logiciel: Dealio Toolbar v4.6 - (.Spigot, Inc..) [HKLM] -- {10404646-77C5-4f07-947E-58E5FA78A8BE}
O42 - Logiciel: OfferBox - (.Secure Digital Services Limited.) [HKLM] -- OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Search Settings]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\OfferBox]
[HKCU\Software\pdfforge.org]
[HKLM\Software\Application Updater]
[HKLM\Software\Babylon]
[HKLM\Software\Dealio]
[HKLM\Software\Search Settings]
[HKLM\Software\pdfforge.org]
O43 - CFD: 17/09/2011 - 10:37:54 - [402413] ----D- C:\Program Files\Application Updater
O43 - CFD: 17/09/2011 - 12:34:14 - [1820938] ----D- C:\Program Files\BabylonToolbar
O43 - CFD: 17/09/2011 - 10:37:54 - [835294] ----D- C:\Program Files\Dealio Toolbar
O43 - CFD: 05/11/2010 - 19:21:30 - [3594372] ----D- C:\Program Files\OfferBox
O43 - CFD: 17/09/2011 - 10:37:54 - [536231] ----D- C:\Program Files\Common Files\Spigot
O43 - CFD: 17/09/2011 - 12:34:00 - [0] ----D- C:\ProgramData\Babylon
O43 - CFD: 17/09/2011 - 12:34:00 - [2730] ----D- C:\Users\Mathilda\AppData\Roaming\Babylon
O43 - CFD: 30/09/2011 - 14:38:38 - [287777] ----D- C:\Users\Mathilda\AppData\Roaming\OfferBox
O43 - CFD: 17/09/2011 - 12:34:00 - [3680088] ----D- C:\Users\Mathilda\AppData\Local\Babylon
O43 - CFD: 17/09/2011 - 13:31:40 - [0] ----D- C:\Users\Mathilda\AppData\Local\MediaGet2
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O87 - FAEL: "TCP Query User{E394931E-4476-4249-8F8B-2209B18646BE}C:\users\mathilda\appdata\local\mediaget2\mediaget.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\mathilda\appdata\local\mediaget2\mediaget.exe (.not file.)
O87 - FAEL: "UDP Query User{3CB1B939-31F8-4465-A0F8-B5986CA74D07}C:\users\mathilda\appdata\local\mediaget2\mediaget.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\mathilda\appdata\local\mediaget2\mediaget.exe (.not file.)
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox]
[HKLM\Software\Classes\OfferBox.OfferBoxServer]
[HKLM\Software\Classes\OfferBox.OfferBoxServer.1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
[HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5f05c28d-dea9-4ad6-a73a-064175988eab}]
[HKLM\Software\Classes\Interface\{6612afdd-34ad-4b89-a236-7e6d07c3fdcd}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKLM\Software\Classes\TypeLib\{937936af-28ca-4973-b8ae-f250406149a2}]
[HKLM\Software\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}]
[HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c878cd69-85db-426b-81a3-e71175aaeb91}]
[HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom]
[HKLM\SYSTEM\CurrentControlSet\Services\Application Updater]
[HKLM\Software\BabylonToolbar]
[HKLM\Software\dealio]
[HKLM\Software\OfferBox]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox]
[HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:SearchSettings
C:\Program Files\Application Updater
C:\Program Files\BabylonToolbar
C:\Program Files\Dealio Toolbar
C:\Program Files\OfferBox
C:\Program Files\Common Files\Spigot
C:\ProgramData\Babylon
C:\Users\Mathilda\AppData\Roaming\Babylon
C:\Users\Mathilda\AppData\Roaming\OfferBox
C:\Users\Mathilda\AppData\Local\Babylon
C:\Users\Mathilda\AppData\Local\MediaGet2
C:\Users\Mathilda\AppData\LocalLow\Dealio
C:\Users\Mathilda\AppData\LocalLow\PriceGong
C:\Users\Mathilda\AppData\LocalLow\Search Settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
SR - | Auto 17/09/2011 402328 | (Application Updater) . (.Spigot, Inc..) - C:\Program Files\Application Updater\ApplicationUpdater.exe
SysRestore
FirewallRAZ
EmptyFlash
EmptyTemp
HostFix


___________________________________________________________________


. Lance ZHPFix de Nicolas Coolman qui se trouve sur ton bureau
. Pour XP, double-clique sur ZHPFix
. pour Vista et seven, faire un clic droit sur l'icône et exécute en tant qu'administrateur.
. Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)

Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

PS: si rien ne se colle clique sur l'icône en haut sur gauche celui juste à côté de l'appareil photos " coller le presse papier"

!! Déconnecte toi, désactive tes défenses (anti-virus, anti-spyware ) et ferme bien toutes autres applications ( navigateurs compris ) !!



. cliques sur OK
. Clique sur « Tous », puis sur « Nettoyer »
. Copie/colle la totalité du rapport dans ta prochaine réponse
tu le trouveras dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport





2) passes Reload_TDSSKiller car il semble qu'il y est un rootkit


? Télécharge Reload_TDSSKiller

? Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan"

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

? Copie/Colle son contenu dans ta prochaine réponse.



3) passes adw-cleaner mode SUPPRESSION

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


4) pour être sur qu'il a tous supprimer tu passes ad-remover mode NETTOYER


Déactives ton anti-virus et anti-spyware le temps du scan

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


Télécharge Ad-Remover sur ton bureau: (Merci à l'équipe TeamXscript)

http://www.teamxscript.org/adremoverTelechargement.html



/!\ Ferme toutes tes applications ouvertes. /!\

Double clique sur le fichier que tu viens de télécharger, à l'écran qui apparait, clique sur "Nettoyer".
Laisse travailler l'outil.
Poste le rapport qui s'affiche à l'écran quand l'analyse est terminée.



( Le rapport est sauvegardé sous C:\Ad-report-clean.log )





5) postes un nouveau zhpdiag pour contrôle

Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!

Cliques sur la loupe pour lancer l'analyse.

si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis

Laisses l'outil travailler, il peut être assez long

A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.


Fermes ZHPDiag en fin d'analyse.


Pour me le transmettre clique sur ce lien :

http://www.cijoint.fr/index.php


Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

ou directement en choisissant bureau et ZHPDiag.txt clique dessus

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.


et si problème passe par celui ci : https://www.cjoint.com/

Merci de ta réponse !

Pour ZHPFix >>
Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011
Fichier d'export Registre :
Run by Mathilda at 02/10/2011 22:48:55
Windows Vista Home Basic Edition, 32-bit Service Pack 1 (Build 6001)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\uninstall.exe
SUPPRIME O42 - Logiciel: Dealio Toolbar v4.6 - (.Spigot, Inc..) [HKLM] -- {10404646-77C5-4f07-947E-58E5FA78A8BE}
ABSENT Uninstall Process: c:\program files\offerbox\uninst.exe

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox]
SUPPRIME Key: Service: Bonjour Service
ABSENT Key: Service: Bonjour Service
ABSENT Key: CLSID BHO: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
SUPPRIME Key: CLSID BHO: {2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: CLSID BHO: {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
ABSENT Key: Service: Application Updater
SUPPRIME Key: HKCU\Software\AppDataLow\Software\PriceGong
ABSENT Key: HKCU\Software\AppDataLow\Software\Search Settings
SUPPRIME Key: HKCU\Software\BabylonToolbar
SUPPRIME Key: HKCU\Software\OfferBox
SUPPRIME Key: HKCU\Software\pdfforge.org
ABSENT Key: HKLM\Software\Application Updater
SUPPRIME Key: HKLM\Software\Babylon
ABSENT Key: HKLM\Software\Dealio
ABSENT Key: HKLM\Software\Search Settings
SUPPRIME Key: HKLM\Software\pdfforge.org
SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox
SUPPRIME Key: HKLM\Software\Classes\OfferBox.OfferBoxServer
SUPPRIME Key: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
ABSENT Key: HKLM\Software\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
ABSENT Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
SUPPRIME Key: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
ABSENT Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5f05c28d-dea9-4ad6-a73a-064175988eab}
ABSENT Key: HKLM\Software\Classes\Interface\{6612afdd-34ad-4b89-a236-7e6d07c3fdcd}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{937936af-28ca-4973-b8ae-f250406149a2}
ABSENT Key: HKLM\Software\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}
ABSENT Key: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
SUPPRIME Key: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c878cd69-85db-426b-81a3-e71175aaeb91}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
ABSENT Key: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
ABSENT Key: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
SUPPRIME Key: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\Application Updater
ABSENT Key: HKLM\Software\BabylonToolbar
SUPPRIME Key: HKLM\Software\OfferBox
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: HP Software Update
SUPPRIME RunValue: QuickTime Task
SUPPRIME RunValue: iTunesHelper
SUPPRIME RunValue: Adobe Reader Speed Launcher
SUPPRIME RunValue: WindowsWelcomeCenter
ABSENT URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
ABSENT Toolbar: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
SUPPRIME Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC}
ABSENT RunValue: SearchSettings
SUPPRIME IFC: [FEATURE_BROWSER_EMULATION] svchost.exe
ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe
SUPPRIME TCP Query User{E394931E-4476-4249-8F8B-2209B18646BE}C:/users/mathilda/appdata/local/mediaget2/mediaget.exe
SUPPRIME UDP Query User{3CB1B939-31F8-4465-A0F8-B5986CA74D07}C:/users/mathilda/appdata/local/mediaget2/mediaget.exe
ABSENT [HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com
ABSENT [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:SearchSettings
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIME FirewallRaz (Public) : {B8BB9978-AA8C-4886-BA74-8F87B06F2713}
SUPPRIME FirewallRaz (Public) : {B782FA2C-7F56-413E-ABE3-F40C80590780}
SUPPRIME FirewallRaz (Public) : {DAABCBD4-C6AD-41B6-AE53-52B1E02A2DDD}
SUPPRIME FirewallRaz (Public) : {08A5E67E-1FCA-4002-BDE0-3E87EFD64458}
SUPPRIME FirewallRaz (None) : {909DB792-5BEF-45E2-BF88-75499BA497BA}

========== Dossier(s) ==========
SUPPRIME Reboot Folder**: C:\Users\Mathilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
ABSENT C:\Program Files\Application Updater
SUPPRIME Folder: C:\Program Files\BabylonToolbar
ABSENT C:\Program Files\Dealio Toolbar
SUPPRIME Reboot Folder**: C:\Program Files\OfferBox
ABSENT C:\Program Files\Common Files\Spigot
SUPPRIME Folder: C:\ProgramData\Babylon
SUPPRIME Folder: C:\Users\Mathilda\AppData\Roaming\Babylon
SUPPRIME Folder: C:\Users\Mathilda\AppData\Roaming\OfferBox
SUPPRIME Folder: C:\Users\Mathilda\AppData\Local\Babylon
SUPPRIME Folder: C:\Users\Mathilda\AppData\Local\MediaGet2
SUPPRIME Folder: c:\users\mathilda\appdata\locallow\pricegong
SUPPRIME Flash Cookies: 460
SUPPRIME Temporaires Windows: : 491

========== Fichier(s) ==========
ABSENT Folder/File: c:\program files\common files\spigot\search settings\searchsettings.exe 836]
ABSENT Folder/File: c:\program files\application updater\applicationupdater.exe
ABSENT File: c:\program files\dealio toolbar\ie\4.6\dealiotoolbarie.dll
SUPPRIME File: c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\bh\babylontoolbar.dll
SUPPRIME File: c:\program files\offerbox\offerboxbho.dll
SUPPRIME File: c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\babylontoolbartlbr.dll
ABSENT File: c:\program files\common files\spigot\search settings\searchsettings.exe
ABSENT File: c:\program files\application updater\applicationupdater.exe
ABSENT Folder/File: c:\program files\application updater
ABSENT Folder/File: c:\program files\babylontoolbar
ABSENT Folder/File: c:\program files\dealio toolbar
ABSENT Folder/File: c:\program files\offerbox
ABSENT Folder/File: c:\program files\common files\spigot
ABSENT Folder/File: c:\programdata\babylon
ABSENT Folder/File: c:\users\mathilda\appdata\roaming\babylon
ABSENT Folder/File: c:\users\mathilda\appdata\local\babylon
ABSENT Folder/File: c:\users\mathilda\appdata\local\mediaget2
ABSENT Folder/File: c:\users\mathilda\appdata\locallow\dealio
ABSENT Folder/File: c:\users\mathilda\appdata\locallow\search settings
SUPPRIME File: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
SUPPRIME Flash Cookies: 228
SUPPRIME Temporaires Windows: : 4567

========== Restauration Système ==========
Point de restauration non crée


========== Récapitulatif ==========
50 : Clé(s) du Registre
22 : Valeur(s) du Registre
14 : Dossier(s)
22 : Fichier(s)
3 : Logiciel(s)
1 : Restauration Système

Pour Reload_TDSSKiller

22:54:05.0433 5632 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
22:54:05.0453 5632 ============================================================
22:54:05.0453 5632 Current date / time: 2011/10/02 22:54:05.0453
22:54:05.0453 5632 SystemInfo:
22:54:05.0453 5632
22:54:05.0453 5632 OS Version: 6.0.6001 ServicePack: 1.0
22:54:05.0453 5632 Product type: Workstation
22:54:05.0453 5632 ComputerName: PC-DE-MATHILDA
22:54:05.0454 5632 UserName: Mathilda
22:54:05.0454 5632 Windows directory: C:\Windows
22:54:05.0454 5632 System windows directory: C:\Windows
22:54:05.0454 5632 Processor architecture: Intel x86
22:54:05.0454 5632 Number of processors: 1
22:54:05.0454 5632 Page size: 0x1000
22:54:05.0454 5632 Boot type: Normal boot
22:54:05.0454 5632 ============================================================
22:54:06.0682 5632 Initialize success
22:54:07.0864 7796 ============================================================
22:54:07.0864 7796 Scan started
22:54:07.0864 7796 Mode: Manual;
22:54:07.0864 7796 ============================================================
22:54:08.0489 7796 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
22:54:08.0493 7796 ACPI - ok
22:54:08.0544 7796 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:54:08.0550 7796 adp94xx - ok
22:54:08.0580 7796 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:54:08.0584 7796 adpahci - ok
22:54:08.0612 7796 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:54:08.0614 7796 adpu160m - ok
22:54:08.0636 7796 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:54:08.0640 7796 adpu320 - ok
22:54:08.0691 7796 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
22:54:08.0694 7796 AFD - ok
22:54:08.0751 7796 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
22:54:08.0826 7796 AgereSoftModem - ok
22:54:08.0910 7796 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:54:08.0911 7796 agp440 - ok
22:54:08.0959 7796 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:54:08.0961 7796 aic78xx - ok
22:54:08.0997 7796 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:54:08.0997 7796 aliide - ok
22:54:09.0023 7796 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:54:09.0025 7796 amdagp - ok
22:54:09.0044 7796 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:54:09.0045 7796 amdide - ok
22:54:09.0075 7796 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:54:09.0077 7796 AmdK7 - ok
22:54:09.0120 7796 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
22:54:09.0121 7796 AmdK8 - ok
22:54:09.0174 7796 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:54:09.0176 7796 arc - ok
22:54:09.0216 7796 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:54:09.0217 7796 arcsas - ok
22:54:09.0268 7796 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:54:09.0269 7796 AsyncMac - ok
22:54:09.0303 7796 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
22:54:09.0304 7796 atapi - ok
22:54:09.0378 7796 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
22:54:09.0380 7796 AVGIDSDriver - ok
22:54:09.0419 7796 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
22:54:09.0420 7796 AVGIDSEH - ok
22:54:09.0447 7796 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
22:54:09.0449 7796 AVGIDSFilter - ok
22:54:09.0488 7796 AVGIDSShim (54d710b7d2e30e1ddc8ce2c6e685576b) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
22:54:09.0489 7796 AVGIDSShim - ok
22:54:09.0539 7796 Avgldx86 (f4dbbc8d3c5338693da23c59a50f8abc) C:\Windows\system32\DRIVERS\avgldx86.sys
22:54:09.0544 7796 Avgldx86 - ok
22:54:09.0571 7796 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
22:54:09.0572 7796 Avgmfx86 - ok
22:54:09.0616 7796 Avgrkx86 (4def59ff7d09b9ce59739102b49fd526) C:\Windows\system32\DRIVERS\avgrkx86.sys
22:54:09.0617 7796 Avgrkx86 - ok
22:54:09.0662 7796 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
22:54:09.0666 7796 Avgtdix - ok
22:54:09.0730 7796 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:54:09.0731 7796 Beep - ok
22:54:09.0827 7796 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:54:09.0841 7796 blbdrive - ok
22:54:09.0895 7796 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
22:54:09.0899 7796 bowser - ok
22:54:09.0962 7796 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:54:09.0963 7796 BrFiltLo - ok
22:54:09.0982 7796 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:54:09.0983 7796 BrFiltUp - ok
22:54:10.0018 7796 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:54:10.0019 7796 Brserid - ok
22:54:10.0041 7796 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:54:10.0042 7796 BrSerWdm - ok
22:54:10.0070 7796 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:54:10.0071 7796 BrUsbMdm - ok
22:54:10.0099 7796 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:54:10.0100 7796 BrUsbSer - ok
22:54:10.0130 7796 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:54:10.0131 7796 BTHMODEM - ok
22:54:10.0163 7796 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:54:10.0164 7796 cdfs - ok
22:54:10.0186 7796 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
22:54:10.0187 7796 cdrom - ok
22:54:10.0218 7796 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:54:10.0235 7796 circlass - ok
22:54:10.0266 7796 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
22:54:10.0269 7796 CLFS - ok
22:54:10.0316 7796 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:54:10.0332 7796 cmdide - ok
22:54:10.0367 7796 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
22:54:10.0368 7796 Compbatt - ok
22:54:10.0405 7796 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:54:10.0406 7796 crcdisk - ok
22:54:10.0434 7796 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:54:10.0435 7796 Crusoe - ok
22:54:10.0499 7796 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
22:54:10.0502 7796 DfsC - ok
22:54:10.0593 7796 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
22:54:10.0594 7796 disk - ok
22:54:10.0642 7796 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:54:10.0648 7796 Dot4 - ok
22:54:10.0671 7796 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:54:10.0672 7796 Dot4Print - ok
22:54:10.0692 7796 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:54:10.0693 7796 dot4usb - ok
22:54:10.0861 7796 driverhardwarev2 (a694d8db6d360a3bbb0bd1517f1c1aee) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
22:54:10.0861 7796 driverhardwarev2 - ok
22:54:10.0941 7796 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:54:10.0941 7796 drmkaud - ok
22:54:10.0979 7796 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
22:54:10.0995 7796 DXGKrnl - ok
22:54:11.0027 7796 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:54:11.0029 7796 E1G60 - ok
22:54:11.0072 7796 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
22:54:11.0075 7796 Ecache - ok
22:54:11.0124 7796 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:54:11.0129 7796 elxstor - ok
22:54:11.0170 7796 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:54:11.0170 7796 ErrDev - ok
22:54:11.0259 7796 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
22:54:11.0261 7796 exfat - ok
22:54:11.0285 7796 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
22:54:11.0287 7796 fastfat - ok
22:54:11.0324 7796 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:54:11.0325 7796 fdc - ok
22:54:11.0364 7796 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:54:11.0366 7796 FileInfo - ok
22:54:11.0393 7796 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:54:11.0394 7796 Filetrace - ok
22:54:11.0413 7796 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:54:11.0414 7796 flpydisk - ok
22:54:11.0449 7796 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
22:54:11.0470 7796 FltMgr - ok
22:54:11.0520 7796 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
22:54:11.0538 7796 fssfltr - ok
22:54:11.0570 7796 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:54:11.0571 7796 Fs_Rec - ok
22:54:11.0596 7796 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:54:11.0597 7796 gagp30kx - ok
22:54:11.0647 7796 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:54:11.0648 7796 GEARAspiWDM - ok
22:54:11.0723 7796 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
22:54:11.0726 7796 HdAudAddService - ok
22:54:11.0752 7796 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:54:11.0753 7796 HDAudBus - ok
22:54:11.0784 7796 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:54:11.0785 7796 HidBth - ok
22:54:11.0819 7796 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:54:11.0820 7796 HidIr - ok
22:54:11.0860 7796 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
22:54:11.0865 7796 HidUsb - ok
22:54:11.0899 7796 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:54:11.0919 7796 HpCISSs - ok
22:54:11.0974 7796 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
22:54:11.0979 7796 HTTP - ok
22:54:12.0004 7796 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:54:12.0006 7796 i2omp - ok
22:54:12.0041 7796 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:54:12.0042 7796 i8042prt - ok
22:54:12.0077 7796 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:54:12.0081 7796 iaStorV - ok
22:54:12.0113 7796 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:54:12.0114 7796 iirsp - ok
22:54:12.0179 7796 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
22:54:12.0180 7796 int15 - ok
22:54:12.0258 7796 IntcAzAudAddService (58628f232a00a3149d7cc7708c521499) C:\Windows\system32\drivers\RTKVHDA.sys
22:54:12.0299 7796 IntcAzAudAddService - ok
22:54:12.0404 7796 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:54:12.0405 7796 intelide - ok
22:54:12.0455 7796 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:54:12.0457 7796 intelppm - ok
22:54:12.0487 7796 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:54:12.0489 7796 IpFilterDriver - ok
22:54:12.0510 7796 IpInIp - ok
22:54:12.0546 7796 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:54:12.0548 7796 IPMIDRV - ok
22:54:12.0576 7796 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:54:12.0577 7796 IPNAT - ok
22:54:12.0623 7796 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:54:12.0624 7796 IRENUM - ok
22:54:12.0649 7796 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:54:12.0650 7796 isapnp - ok
22:54:12.0687 7796 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
22:54:12.0689 7796 iScsiPrt - ok
22:54:12.0719 7796 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:54:12.0720 7796 iteatapi - ok
22:54:12.0754 7796 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:54:12.0755 7796 iteraid - ok
22:54:12.0788 7796 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:54:12.0789 7796 kbdclass - ok
22:54:12.0820 7796 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
22:54:12.0821 7796 kbdhid - ok
22:54:12.0861 7796 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
22:54:12.0870 7796 KSecDD - ok
22:54:12.0913 7796 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:54:12.0914 7796 lltdio - ok
22:54:12.0958 7796 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:54:12.0960 7796 LSI_FC - ok
22:54:12.0981 7796 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:54:12.0986 7796 LSI_SAS - ok
22:54:13.0018 7796 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:54:13.0020 7796 LSI_SCSI - ok
22:54:13.0057 7796 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:54:13.0059 7796 luafv - ok
22:54:13.0109 7796 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\Drivers\LVPr2Mon.sys
22:54:13.0110 7796 LVPr2Mon - ok
22:54:13.0275 7796 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\Windows\system32\DRIVERS\lvuvc.sys
22:54:13.0378 7796 LVUVC - ok
22:54:13.0429 7796 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:54:13.0430 7796 megasas - ok
22:54:13.0459 7796 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:54:13.0465 7796 MegaSR - ok
22:54:13.0522 7796 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:54:13.0523 7796 Modem - ok
22:54:13.0548 7796 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:54:13.0549 7796 monitor - ok
22:54:13.0573 7796 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:54:13.0574 7796 mouclass - ok
22:54:13.0597 7796 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:54:13.0597 7796 mouhid - ok
22:54:13.0616 7796 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:54:13.0617 7796 MountMgr - ok
22:54:13.0664 7796 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:54:13.0666 7796 mpio - ok
22:54:13.0696 7796 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:54:13.0697 7796 mpsdrv - ok
22:54:13.0742 7796 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:54:13.0744 7796 Mraid35x - ok
22:54:13.0766 7796 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
22:54:13.0768 7796 MRxDAV - ok
22:54:13.0800 7796 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:54:13.0801 7796 mrxsmb - ok
22:54:13.0837 7796 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:54:13.0840 7796 mrxsmb10 - ok
22:54:13.0862 7796 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:54:13.0864 7796 mrxsmb20 - ok
22:54:13.0893 7796 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
22:54:13.0894 7796 msahci - ok
22:54:13.0920 7796 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:54:13.0944 7796 msdsm - ok
22:54:13.0981 7796 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:54:13.0982 7796 Msfs - ok
22:54:14.0006 7796 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:54:14.0007 7796 msisadrv - ok
22:54:14.0046 7796 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:54:14.0047 7796 MSKSSRV - ok
22:54:14.0079 7796 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:54:14.0080 7796 MSPCLOCK - ok
22:54:14.0097 7796 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:54:14.0098 7796 MSPQM - ok
22:54:14.0121 7796 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
22:54:14.0124 7796 MsRPC - ok
22:54:14.0147 7796 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:54:14.0148 7796 mssmbios - ok
22:54:14.0174 7796 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:54:14.0174 7796 MSTEE - ok
22:54:14.0200 7796 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
22:54:14.0201 7796 Mup - ok
22:54:14.0253 7796 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
22:54:14.0256 7796 NativeWifiP - ok
22:54:14.0306 7796 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
22:54:14.0312 7796 NDIS - ok
22:54:14.0345 7796 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:54:14.0347 7796 NdisTapi - ok
22:54:14.0374 7796 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:54:14.0375 7796 Ndisuio - ok
22:54:14.0405 7796 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
22:54:14.0407 7796 NdisWan - ok
22:54:14.0428 7796 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:54:14.0431 7796 NDProxy - ok
22:54:14.0484 7796 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:54:14.0485 7796 NetBIOS - ok
22:54:14.0530 7796 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
22:54:14.0533 7796 netbt - ok
22:54:14.0574 7796 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:54:14.0575 7796 nfrd960 - ok
22:54:14.0604 7796 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
22:54:14.0605 7796 Npfs - ok
22:54:14.0629 7796 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:54:14.0630 7796 nsiproxy - ok
22:54:14.0671 7796 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
22:54:14.0678 7796 Ntfs - ok
22:54:14.0710 7796 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:54:14.0711 7796 ntrigdigi - ok
22:54:14.0746 7796 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:54:14.0747 7796 Null - ok
22:54:14.0797 7796 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
22:54:14.0803 7796 NVENETFD - ok
22:54:15.0040 7796 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:54:15.0206 7796 nvlddmkm - ok
22:54:15.0303 7796 NVNET (925881caac3f68ccb906ef078fbcd838) C:\Windows\system32\DRIVERS\nvmfdx32.sys
22:54:15.0308 7796 NVNET - ok
22:54:15.0356 7796 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:54:15.0358 7796 nvraid - ok
22:54:15.0393 7796 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:54:15.0394 7796 nvstor - ok
22:54:15.0424 7796 nvstor32 (3ff57a9a657c9690ecbc8b1e3b6e3979) C:\Windows\system32\DRIVERS\nvstor32.sys
22:54:15.0425 7796 nvstor32 - ok
22:54:15.0473 7796 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:54:15.0475 7796 nv_agp - ok
22:54:15.0490 7796 NwlnkFlt - ok
22:54:15.0507 7796 NwlnkFwd - ok
22:54:15.0546 7796 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
22:54:15.0550 7796 ohci1394 - ok
22:54:15.0644 7796 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:54:15.0645 7796 Parport - ok
22:54:15.0680 7796 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
22:54:15.0681 7796 partmgr - ok
22:54:15.0709 7796 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:54:15.0709 7796 Parvdm - ok
22:54:15.0743 7796 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
22:54:15.0746 7796 pci - ok
22:54:15.0782 7796 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
22:54:15.0783 7796 pciide - ok
22:54:15.0819 7796 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:54:15.0823 7796 pcmcia - ok
22:54:15.0881 7796 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:54:15.0898 7796 PEAUTH - ok
22:54:15.0967 7796 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:54:15.0968 7796 PptpMiniport - ok
22:54:16.0014 7796 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:54:16.0015 7796 Processor - ok
22:54:16.0066 7796 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
22:54:16.0068 7796 PSched - ok
22:54:16.0125 7796 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:54:16.0150 7796 ql2300 - ok
22:54:16.0179 7796 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:54:16.0181 7796 ql40xx - ok
22:54:16.0217 7796 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:54:16.0218 7796 QWAVEdrv - ok
22:54:16.0243 7796 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:54:16.0244 7796 RasAcd - ok
22:54:16.0279 7796 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:16.0279 7796 Rasl2tp - ok
22:54:16.0303 7796 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:16.0304 7796 RasPppoe - ok
22:54:16.0327 7796 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
22:54:16.0329 7796 RasSstp - ok
22:54:16.0350 7796 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
22:54:16.0353 7796 rdbss - ok
22:54:16.0369 7796 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:16.0369 7796 RDPCDD - ok
22:54:16.0404 7796 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:54:16.0406 7796 rdpdr - ok
22:54:16.0439 7796 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:54:16.0439 7796 RDPENCDD - ok
22:54:16.0477 7796 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
22:54:16.0495 7796 RDPWD - ok
22:54:16.0593 7796 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:54:16.0594 7796 rspndr - ok
22:54:16.0627 7796 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:54:16.0629 7796 sbp2port - ok
22:54:16.0685 7796 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:54:16.0686 7796 secdrv - ok
22:54:16.0728 7796 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:54:16.0729 7796 Serenum - ok
22:54:16.0769 7796 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:54:16.0771 7796 Serial - ok
22:54:16.0796 7796 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:54:16.0797 7796 sermouse - ok
22:54:16.0841 7796 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:54:16.0843 7796 sffdisk - ok
22:54:16.0867 7796 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:54:16.0868 7796 sffp_mmc - ok
22:54:16.0887 7796 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:54:16.0888 7796 sffp_sd - ok
22:54:16.0912 7796 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:54:16.0913 7796 sfloppy - ok
22:54:16.0945 7796 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:54:16.0946 7796 sisagp - ok
22:54:16.0962 7796 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:54:16.0963 7796 SiSRaid2 - ok
22:54:16.0992 7796 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:54:16.0997 7796 SiSRaid4 - ok
22:54:17.0040 7796 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
22:54:17.0042 7796 Smb - ok
22:54:17.0078 7796 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:54:17.0079 7796 spldr - ok
22:54:17.0152 7796 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
22:54:17.0157 7796 srv - ok
22:54:17.0194 7796 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
22:54:17.0196 7796 srv2 - ok
22:54:17.0228 7796 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
22:54:17.0230 7796 srvnet - ok
22:54:17.0269 7796 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:54:17.0270 7796 swenum - ok
22:54:17.0306 7796 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:54:17.0308 7796 Symc8xx - ok
22:54:17.0330 7796 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:54:17.0331 7796 Sym_hi - ok
22:54:17.0362 7796 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:54:17.0363 7796 Sym_u3 - ok
22:54:17.0449 7796 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
22:54:17.0467 7796 Tcpip - ok
22:54:17.0498 7796 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
22:54:17.0505 7796 Tcpip6 - ok
22:54:17.0539 7796 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
22:54:17.0540 7796 tcpipreg - ok
22:54:17.0567 7796 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:54:17.0568 7796 TDPIPE - ok
22:54:17.0597 7796 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:54:17.0598 7796 TDTCP - ok
22:54:17.0627 7796 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
22:54:17.0629 7796 tdx - ok
22:54:17.0646 7796 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
22:54:17.0647 7796 TermDD - ok
22:54:17.0728 7796 TrueSight - ok
22:54:17.0772 7796 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:54:17.0773 7796 tssecsrv - ok
22:54:17.0809 7796 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:54:17.0810 7796 tunmp - ok
22:54:17.0855 7796 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
22:54:17.0856 7796 tunnel - ok
22:54:17.0889 7796 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:54:17.0890 7796 uagp35 - ok
22:54:17.0915 7796 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
22:54:17.0918 7796 udfs - ok
22:54:17.0958 7796 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:54:17.0960 7796 uliagpkx - ok
22:54:17.0992 7796 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:54:17.0996 7796 uliahci - ok
22:54:18.0019 7796 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:54:18.0021 7796 UlSata - ok
22:54:18.0082 7796 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:54:18.0084 7796 ulsata2 - ok
22:54:18.0124 7796 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:54:18.0125 7796 umbus - ok
22:54:18.0183 7796 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
22:54:18.0184 7796 USBAAPL - ok
22:54:18.0215 7796 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:54:18.0217 7796 usbccgp - ok
22:54:18.0260 7796 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:54:18.0261 7796 usbcir - ok
22:54:18.0299 7796 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
22:54:18.0300 7796 usbehci - ok
22:54:18.0323 7796 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
22:54:18.0326 7796 usbhub - ok
22:54:18.0344 7796 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
22:54:18.0345 7796 usbohci - ok
22:54:18.0383 7796 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:54:18.0384 7796 usbprint - ok
22:54:18.0418 7796 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:54:18.0419 7796 usbscan - ok
22:54:18.0450 7796 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:54:18.0451 7796 USBSTOR - ok
22:54:18.0490 7796 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:54:18.0491 7796 usbuhci - ok
22:54:18.0550 7796 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:54:18.0553 7796 usbvideo - ok
22:54:18.0587 7796 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:54:18.0588 7796 vga - ok
22:54:18.0628 7796 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:54:18.0629 7796 VgaSave - ok
22:54:18.0659 7796 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:54:18.0660 7796 viaagp - ok
22:54:18.0676 7796 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:54:18.0677 7796 ViaC7 - ok
22:54:18.0705 7796 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:54:18.0706 7796 viaide - ok
22:54:18.0722 7796 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:54:18.0723 7796 volmgr - ok
22:54:18.0758 7796 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
22:54:18.0762 7796 volmgrx - ok
22:54:18.0795 7796 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
22:54:18.0798 7796 volsnap - ok
22:54:18.0826 7796 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:54:18.0828 7796 vsmraid - ok
22:54:18.0877 7796 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:54:18.0878 7796 WacomPen - ok
22:54:18.0915 7796 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:54:18.0917 7796 Wanarp - ok
22:54:18.0939 7796 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:54:18.0940 7796 Wanarpv6 - ok
22:54:18.0975 7796 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:54:18.0976 7796 Wd - ok
22:54:19.0018 7796 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:54:19.0025 7796 Wdf01000 - ok
22:54:19.0115 7796 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:54:19.0116 7796 WmiAcpi - ok
22:54:19.0182 7796 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
22:54:19.0183 7796 WpdUsb - ok
22:54:19.0236 7796 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:54:19.0238 7796 ws2ifsl - ok
22:54:19.0287 7796 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:54:19.0288 7796 WUDFRd - ok
22:54:19.0337 7796 MBR (0x1B8) (568a4a17e61a92a346eb7b61146d0660) \Device\Harddisk0\DR0
22:54:19.0338 7796 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
22:54:19.0338 7796 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
22:54:19.0348 7796 MBR (0x1B8) (66d0b28c8b44e531d0c19f436252abaa) \Device\Harddisk3\DR7
22:54:19.0357 7796 \Device\Harddisk3\DR7 - ok
22:54:19.0376 7796 Boot (0x1200) (9fb0146cad9b8ab7ab49c8be7e025e13) \Device\Harddisk0\DR0\Partition0
22:54:19.0377 7796 \Device\Harddisk0\DR0\Partition0 - ok
22:54:19.0404 7796 Boot (0x1200) (30413e15ba4808896cde0d34c6df3477) \Device\Harddisk0\DR0\Partition1
22:54:19.0404 7796 \Device\Harddisk0\DR0\Partition1 - ok
22:54:19.0413 7796 Boot (0x1200) (0aba537d9b8f29dd10db069171c32359) \Device\Harddisk3\DR7\Partition0
22:54:19.0414 7796 \Device\Harddisk3\DR7\Partition0 - ok
22:54:19.0418 7796 ============================================================
22:54:19.0418 7796 Scan finished
22:54:19.0418 7796 ============================================================
22:54:19.0433 7056 Detected object count: 1
22:54:19.0433 7056 Actual detected object count: 1
22:54:40.0419 7056 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
22:54:40.0420 7056 \Device\Harddisk0\DR0 - ok
22:54:40.0420 7056 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
22:54:42.0686 3400 Deinitialize success

Pour adw cleaner >>

# AdwCleaner v1.309 - Rapport créé le 02/10/2011 à 22:58:09
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Nom d'utilisateur : Mathilda - PC-DE-MATHILDA (Administrateur)
# Exécuté depuis : J:\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

Aucun navigateur n'était en cours d'exécution.

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Mathilda\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Mathilda\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\ConduitEngine
Fichier Supprimé : C:\Windows\system32\conduitEngine.tmp

***** [Registre] *****

Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Classes\b
Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

***** [Navigateurs] *****

-\\ Internet Explorer v7.0.6001.18000

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v5.0.375.55

Fichier : C:\Users\Mathilda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [5226 octets] - [02/10/2011 22:58:09]

*************************

Dossier Temporaire : 4 dossier(s) et 9 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S1].txt - [5448 octets] ##########

Et pour zhpdiag >>

http://www.cijoint.fr/cj201110/cijfoJgljr.txt