Sujet Précédent Sujet Suivant

Virus: plus d'antivirus, pages redirigées

Fermé
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011 - 2 nov. 2011 à 00:08
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011 - 27 nov. 2011 à 15:07
Bonjour, j'ai un soucis sur mon ordinateur depuis quelques jours, il y a un virus. Ce virus me bloque mon antivirus (Microsoft Security Essentials), j'ai téléchargé Avast mais il a aussi était bloqué. J'ai Multi Virus Cleaner 2007 qui fonctionne mais il ne trouve rien.

Pour finir sur internet quand je fais une recherche sur google et que je clique sur un lien je suis redirigé.

J'espère trouvé de l'aide ici.
A voir également:

48 réponses

Réponse 1 / 48
Utilisateur anonyme
2 nov. 2011 à 00:09
salut

▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan"

Si TDSS.tdl2 est détecté l''option delete sera cochée par défaut.
Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.
Si Suspicious file est indiqué, laisse l''option cochée sur Skip
Si Rootkit.Win32.ZAccess.* est détecté règle sur "cure" en haut , et "delete" en bas

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.

===============================

desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu

Ferme toutes tes appilications en cours

telecharge et enregistre ceci sur ton bureau :

Pre_Scan

si le lien ne fonctionne pas :

http://www.archive-host.com

Avertissement: Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.

si 'outil est bloqué par l'infection utilise cette version : Version .pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.

si ton bureau ne reapparait pas => ctrl+alt+supp , gestionnaire des taches => onglet fichier => nouvelle tache puis tape explorer
0
Réponse 2 / 48
Smart91 Messages postés 29096 Date d'inscription dimanche 15 juillet 2007 Statut Contributeur sécurité Dernière intervention 5 avril 2014 2 327
2 nov. 2011 à 00:10
Bonjour,

ne garde u'un seul antivirus. désinstalle les autres.

Tu vas faire ceci:

* Télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
* Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
* Clique sur Start Scan pour démarrer l'analyse.
* Si TDSS.tdl2 : l'option Delete sera cochée.
* Si TDSS.tdl3 ou TDSS.tdl4 : assure toi que Cure soit bien cochée.
* Si "Suspicious object" laisse l'option cochée sur Skip
* Si Rootkit.Win32.ZAccess.* est détecté règle sur cure en haut , et delete en bas
* Ensuite, clique sur Continue puis sur Reboot Now si nécessaire.
* Un rapport s'ouvrira au redémarrage de l'ordinateur.
* Copie/colle son contenu dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt

Smart
0
Utilisateur anonyme
2 nov. 2011 à 00:12
grilled ^^
0
Smart91 Messages postés 29096 Date d'inscription dimanche 15 juillet 2007 Statut Contributeur sécurité Dernière intervention 5 avril 2014 2 327
2 nov. 2011 à 00:13
:-)
Bonne chasse
0
Réponse 3 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
2 nov. 2011 à 11:33
Voici le rapport :




11:30:57.0156 3268 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
11:30:57.0312 3268 ============================================================
11:30:57.0312 3268 Current date / time: 2011/11/02 11:30:57.0312
11:30:57.0312 3268 SystemInfo:
11:30:57.0312 3268
11:30:57.0312 3268 OS Version: 5.1.2600 ServicePack: 3.0
11:30:57.0312 3268 Product type: Workstation
11:30:57.0312 3268 ComputerName: SN120480220313
11:30:57.0312 3268 UserName: Ben
11:30:57.0312 3268 Windows directory: C:\WINDOWS
11:30:57.0312 3268 System windows directory: C:\WINDOWS
11:30:57.0312 3268 Processor architecture: Intel x86
11:30:57.0312 3268 Number of processors: 2
11:30:57.0312 3268 Page size: 0x1000
11:30:57.0312 3268 Boot type: Normal boot
11:30:57.0312 3268 ============================================================
11:30:58.0203 3268 Initialize success
11:31:16.0140 2688 ============================================================
11:31:16.0140 2688 Scan started
11:31:16.0140 2688 Mode: Manual;
11:31:16.0140 2688 ============================================================
11:31:16.0421 2688 Abiosdsk - ok
11:31:16.0484 2688 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:31:16.0484 2688 abp480n5 - ok
11:31:16.0562 2688 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:31:16.0562 2688 ACPI - ok
11:31:16.0609 2688 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:31:16.0609 2688 ACPIEC - ok
11:31:16.0625 2688 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:31:16.0625 2688 adpu160m - ok
11:31:16.0671 2688 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:31:16.0671 2688 aec - ok
11:31:16.0718 2688 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:31:16.0718 2688 AFD - ok
11:31:16.0765 2688 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys
11:31:16.0765 2688 AFS2K - ok
11:31:16.0812 2688 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
11:31:16.0812 2688 agp440 - ok
11:31:16.0828 2688 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:31:16.0828 2688 agpCPQ - ok
11:31:16.0875 2688 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:31:16.0875 2688 Aha154x - ok
11:31:16.0921 2688 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:31:16.0921 2688 aic78u2 - ok
11:31:16.0937 2688 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:31:16.0937 2688 aic78xx - ok
11:31:17.0015 2688 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
11:31:17.0031 2688 AliIde - ok
11:31:17.0062 2688 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:31:17.0062 2688 alim1541 - ok
11:31:17.0093 2688 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:31:17.0093 2688 amdagp - ok
11:31:17.0109 2688 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
11:31:17.0109 2688 amsint - ok
11:31:17.0171 2688 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:31:17.0171 2688 Arp1394 - ok
11:31:17.0203 2688 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
11:31:17.0203 2688 asc - ok
11:31:17.0218 2688 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:31:17.0218 2688 asc3350p - ok
11:31:17.0250 2688 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:31:17.0250 2688 asc3550 - ok
11:31:17.0296 2688 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
11:31:17.0296 2688 ASCTRM - ok
11:31:17.0343 2688 Aspi32 - ok
11:31:17.0390 2688 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:31:17.0390 2688 AsyncMac - ok
11:31:17.0406 2688 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:31:17.0406 2688 atapi - ok
11:31:17.0437 2688 Atdisk - ok
11:31:17.0515 2688 atksgt (72bc628af75c4c3250f2a3bac260265a) C:\WINDOWS\system32\DRIVERS\atksgt.sys
11:31:17.0515 2688 atksgt - ok
11:31:17.0562 2688 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:31:17.0562 2688 Atmarpc - ok
11:31:17.0625 2688 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:31:17.0625 2688 audstub - ok
11:31:17.0703 2688 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:31:17.0703 2688 Beep - ok
11:31:17.0781 2688 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
11:31:17.0781 2688 cbidf - ok
11:31:17.0812 2688 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:31:17.0812 2688 cbidf2k - ok
11:31:17.0859 2688 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
11:31:17.0859 2688 cd20xrnt - ok
11:31:17.0906 2688 cd81bc32 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\851214797:847135693.exe
11:31:19.0171 2688 Suspicious file (Hidden): C:\WINDOWS\851214797:847135693.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
11:31:19.0171 2688 cd81bc32 ( Rootkit.Win32.PMax.gen ) - infected
11:31:19.0171 2688 cd81bc32 - detected Rootkit.Win32.PMax.gen (0)
11:31:19.0421 2688 CdaC15BA (08f60f40d1a2a95a1f12eddbd9f25c1c) C:\WINDOWS\system32\drivers\CdaC15BA.SYS
11:31:19.0421 2688 CdaC15BA - ok
11:31:19.0437 2688 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:31:19.0453 2688 Cdaudio - ok
11:31:19.0500 2688 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:31:19.0500 2688 Cdfs - ok
11:31:19.0515 2688 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:31:19.0515 2688 Cdrom - ok
11:31:19.0546 2688 Changer - ok
11:31:19.0593 2688 CmdIde (e3726ad522d0bdae090671048c991ab3) C:\WINDOWS\system32\DRIVERS\cmdide.sys
11:31:19.0593 2688 CmdIde - ok
11:31:19.0656 2688 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
11:31:19.0656 2688 Cpqarray - ok
11:31:19.0703 2688 CrystalSysInfo - ok
11:31:19.0750 2688 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
11:31:19.0750 2688 dac2w2k - ok
11:31:19.0765 2688 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
11:31:19.0765 2688 dac960nt - ok
11:31:19.0812 2688 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:31:19.0812 2688 Disk - ok
11:31:19.0890 2688 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
11:31:19.0937 2688 dmboot - ok
11:31:19.0968 2688 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
11:31:19.0968 2688 dmio - ok
11:31:19.0984 2688 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:31:19.0984 2688 dmload - ok
11:31:20.0031 2688 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:31:20.0031 2688 DMusic - ok
11:31:20.0093 2688 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:31:20.0093 2688 dpti2o - ok
11:31:20.0125 2688 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:31:20.0140 2688 drmkaud - ok
11:31:20.0187 2688 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:31:20.0187 2688 Fastfat - ok
11:31:20.0250 2688 fbxusb (99b2f2d42631afaf14269a92ab68390f) C:\WINDOWS\system32\DRIVERS\fbxusb.sys
11:31:20.0250 2688 fbxusb - ok
11:31:20.0312 2688 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:31:20.0312 2688 Fdc - ok
11:31:20.0375 2688 FET5X86V (e7072827d0b5f9bd99d6961571a38973) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
11:31:20.0375 2688 FET5X86V - ok
11:31:20.0375 2688 FETND5BV (e7072827d0b5f9bd99d6961571a38973) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
11:31:20.0390 2688 FETND5BV - ok
11:31:20.0421 2688 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
11:31:20.0421 2688 Fips - ok
11:31:20.0453 2688 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:31:20.0468 2688 Flpydisk - ok
11:31:20.0515 2688 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:31:20.0515 2688 FltMgr - ok
11:31:20.0562 2688 fssfltr (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:31:20.0562 2688 fssfltr - ok
11:31:20.0578 2688 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:31:20.0578 2688 Fs_Rec - ok
11:31:20.0640 2688 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:31:20.0656 2688 Ftdisk - ok
11:31:20.0718 2688 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:31:20.0734 2688 Gpc - ok
11:31:20.0750 2688 Hardlock - ok
11:31:20.0843 2688 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:31:20.0843 2688 HDAudBus - ok
11:31:20.0875 2688 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:31:20.0875 2688 HidUsb - ok
11:31:20.0953 2688 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
11:31:20.0953 2688 hpn - ok
11:31:20.0984 2688 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:31:20.0984 2688 HPZid412 - ok
11:31:21.0031 2688 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:31:21.0031 2688 HPZipr12 - ok
11:31:21.0062 2688 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:31:21.0062 2688 HPZius12 - ok
11:31:21.0140 2688 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:31:21.0156 2688 HTTP - ok
11:31:21.0218 2688 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
11:31:21.0218 2688 i2omgmt - ok
11:31:21.0250 2688 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:31:21.0250 2688 i2omp - ok
11:31:21.0265 2688 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:31:21.0265 2688 i8042prt - ok
11:31:21.0328 2688 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:31:21.0328 2688 Imapi - ok
11:31:21.0406 2688 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:31:21.0406 2688 ini910u - ok
11:31:21.0812 2688 IntcAzAudAddService (fa9a9468f982835e99c1ec21257f7e60) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:31:21.0843 2688 IntcAzAudAddService - ok
11:31:22.0031 2688 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:31:22.0062 2688 IntelIde - ok
11:31:22.0156 2688 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:31:22.0171 2688 intelppm - ok
11:31:22.0203 2688 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:31:22.0203 2688 Ip6Fw - ok
11:31:22.0234 2688 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:31:22.0234 2688 IpFilterDriver - ok
11:31:22.0312 2688 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:31:22.0312 2688 IpInIp - ok
11:31:22.0359 2688 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:31:22.0375 2688 IpNat - ok
11:31:22.0406 2688 IPSec (c3b55c9f04b8b9214b26659c56ec3e04) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:31:22.0406 2688 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: c3b55c9f04b8b9214b26659c56ec3e04, Fake md5: 23c74d75e36e7158768dd63d92789a91
11:31:22.0406 2688 IPSec ( Rootkit.Win32.ZAccess.e ) - infected
11:31:22.0406 2688 IPSec - detected Rootkit.Win32.ZAccess.e (0)
11:31:22.0437 2688 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:31:22.0437 2688 IRENUM - ok
11:31:22.0484 2688 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:31:22.0484 2688 isapnp - ok
11:31:22.0531 2688 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:31:22.0531 2688 Kbdclass - ok
11:31:22.0562 2688 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:31:22.0562 2688 kbdhid - ok
11:31:22.0609 2688 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:31:22.0609 2688 kmixer - ok
11:31:22.0671 2688 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:31:22.0671 2688 KSecDD - ok
11:31:22.0703 2688 lbrtfdc - ok
11:31:22.0765 2688 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
11:31:22.0765 2688 lirsgt - ok
11:31:22.0812 2688 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11:31:22.0812 2688 MBAMSwissArmy - ok
11:31:22.0843 2688 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
11:31:22.0843 2688 MHNDRV - ok
11:31:22.0906 2688 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:31:22.0906 2688 mnmdd - ok
11:31:22.0937 2688 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
11:31:22.0937 2688 Modem - ok
11:31:23.0015 2688 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:31:23.0015 2688 Mouclass - ok
11:31:23.0078 2688 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:31:23.0078 2688 mouhid - ok
11:31:23.0125 2688 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:31:23.0125 2688 MountMgr - ok
11:31:23.0171 2688 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:31:23.0171 2688 MpFilter - ok
11:31:23.0250 2688 MpKsl0434c5bc - ok
11:31:23.0265 2688 MpKsl049ba9ff - ok
11:31:23.0281 2688 MpKsl0993c279 - ok
11:31:23.0281 2688 MpKsl0c7d1c31 - ok
11:31:23.0296 2688 MpKsl0ced5d51 - ok
11:31:23.0312 2688 MpKsl0dbecbe7 - ok
11:31:23.0312 2688 MpKsl10204a16 - ok
11:31:23.0328 2688 MpKsl1289697c - ok
11:31:23.0343 2688 MpKsl130870e5 - ok
11:31:23.0359 2688 MpKsl14e6eaa1 - ok
11:31:23.0390 2688 MpKsl16e5d49b - ok
11:31:23.0484 2688 MpKsl17866866 - ok
11:31:23.0546 2688 MpKsl19cb27b1 - ok
11:31:23.0562 2688 MpKsl1a56abfd - ok
11:31:23.0578 2688 MpKsl1b7b0ac4 - ok
11:31:23.0578 2688 MpKsl1bce167b - ok
11:31:23.0593 2688 MpKsl20a21600 - ok
11:31:23.0593 2688 MpKsl22b836db - ok
11:31:23.0593 2688 MpKsl236d6d9d - ok
11:31:23.0609 2688 MpKsl242f2ad7 - ok
11:31:23.0640 2688 MpKsl290aefd2 - ok
11:31:23.0656 2688 MpKsl292e8495 - ok
11:31:23.0671 2688 MpKsl2d32003f - ok
11:31:23.0671 2688 MpKsl300bd8be - ok
11:31:23.0703 2688 MpKsl31e8cdc1 - ok
11:31:23.0718 2688 MpKsl34347dd8 - ok
11:31:23.0734 2688 MpKsl3695b02b - ok
11:31:23.0781 2688 MpKsl3aacee50 - ok
11:31:23.0781 2688 MpKsl3d69b439 - ok
11:31:23.0828 2688 MpKsl426a1ea9 - ok
11:31:23.0828 2688 MpKsl42a741c8 - ok
11:31:23.0843 2688 MpKsl47230daf - ok
11:31:23.0875 2688 MpKsl48aa0f47 - ok
11:31:23.0890 2688 MpKsl4a5081df - ok
11:31:23.0890 2688 MpKsl4aaef3c5 - ok
11:31:23.0906 2688 MpKsl4f33b198 - ok
11:31:23.0937 2688 MpKsl50388444 - ok
11:31:23.0937 2688 MpKsl5059e6bc - ok
11:31:23.0953 2688 MpKsl53ccafd4 - ok
11:31:23.0984 2688 MpKsl547fce3c - ok
11:31:24.0000 2688 MpKsl55557f92 - ok
11:31:24.0015 2688 MpKsl58e2e32d - ok
11:31:24.0031 2688 MpKsl5a0abeb6 - ok
11:31:24.0046 2688 MpKsl5a845585 - ok
11:31:24.0093 2688 MpKsl5ababdb9 - ok
11:31:24.0109 2688 MpKsl5c5f1c8a - ok
11:31:24.0109 2688 MpKsl63787b63 - ok
11:31:24.0125 2688 MpKsl63f54a2f - ok
11:31:24.0125 2688 MpKsl652df5ce - ok
11:31:24.0140 2688 MpKsl6ace854d - ok
11:31:24.0140 2688 MpKsl6b4fc0ea - ok
11:31:24.0156 2688 MpKsl6c40c08a - ok
11:31:24.0171 2688 MpKsl6de641c9 - ok
11:31:24.0171 2688 MpKsl707ea1b5 - ok
11:31:24.0234 2688 MpKsl7185d08a - ok
11:31:24.0250 2688 MpKsl743ef076 - ok
11:31:24.0265 2688 MpKsl75e3d3af - ok
11:31:24.0265 2688 MpKsl76eaeff4 - ok
11:31:24.0281 2688 MpKsl76f6aca2 - ok
11:31:24.0296 2688 MpKsl78b231df - ok
11:31:24.0312 2688 MpKsl78c9b809 - ok
11:31:24.0312 2688 MpKsl78fc9a3a - ok
11:31:24.0343 2688 MpKsl7dd148d1 - ok
11:31:24.0343 2688 MpKsl826937b6 - ok
11:31:24.0359 2688 MpKsl855dfe43 - ok
11:31:24.0375 2688 MpKsl87003bdf - ok
11:31:24.0390 2688 MpKsl8768ae57 - ok
11:31:24.0421 2688 MpKsl881586ae - ok
11:31:24.0437 2688 MpKsl8b5c4aef - ok
11:31:24.0453 2688 MpKsl8b6f52c5 - ok
11:31:24.0468 2688 MpKsl8be91f6f - ok
11:31:24.0484 2688 MpKsl8fb0b080 - ok
11:31:24.0500 2688 MpKsl93a8336e - ok
11:31:24.0515 2688 MpKsl96028240 - ok
11:31:24.0531 2688 MpKsl96851503 - ok
11:31:24.0546 2688 MpKsl9973f897 - ok
11:31:24.0546 2688 MpKsl9a66a2f3 - ok
11:31:24.0578 2688 MpKsl9e23c0c7 - ok
11:31:24.0593 2688 MpKsl9f963da6 - ok
11:31:24.0609 2688 MpKsla28d3bca - ok
11:31:24.0625 2688 MpKsla84f2e00 - ok
11:31:24.0640 2688 MpKsla87911df - ok
11:31:24.0640 2688 MpKsla9ed1199 - ok
11:31:24.0656 2688 MpKslaa1eb1bc - ok
11:31:24.0734 2688 MpKslaad28313 - ok
11:31:24.0750 2688 MpKslaca02b84 - ok
11:31:24.0750 2688 MpKslaf77db03 - ok
11:31:24.0781 2688 MpKslb2cbeb1d - ok
11:31:24.0781 2688 MpKslb56ea04b - ok
11:31:24.0796 2688 MpKslb9c1bc94 - ok
11:31:24.0828 2688 MpKslbda851e6 - ok
11:31:24.0843 2688 MpKslbdde8b49 - ok
11:31:24.0875 2688 MpKslbe4d8ca5 - ok
11:31:24.0906 2688 MpKslc0ae4f56 - ok
11:31:24.0921 2688 MpKslc4cb5b4d - ok
11:31:24.0953 2688 MpKslc50cf809 - ok
11:31:24.0953 2688 MpKslc5212890 - ok
11:31:24.0984 2688 MpKslc62d3fe0 - ok
11:31:24.0984 2688 MpKslcb1a0b2e - ok
11:31:25.0015 2688 MpKslcd9621c8 - ok
11:31:25.0031 2688 MpKslcfaef469 - ok
11:31:25.0093 2688 MpKslcfd9e8ef - ok
11:31:25.0140 2688 MpKslcffff389 - ok
11:31:25.0187 2688 MpKsld00d5073 - ok
11:31:25.0234 2688 MpKsld536c405 - ok
11:31:25.0250 2688 MpKsld58d676c - ok
11:31:25.0265 2688 MpKsld77869d0 - ok
11:31:25.0281 2688 MpKsldd401814 - ok
11:31:25.0343 2688 MpKsldd81f9e7 - ok
11:31:25.0359 2688 MpKsle179e235 - ok
11:31:25.0406 2688 MpKsle18deade - ok
11:31:25.0437 2688 MpKsle403137e - ok
11:31:25.0453 2688 MpKsle4b53695 - ok
11:31:25.0484 2688 MpKsle5040a36 - ok
11:31:25.0484 2688 MpKsle638cbf8 - ok
11:31:25.0500 2688 MpKsle6d11e75 - ok
11:31:25.0500 2688 MpKslec5bc4b3 - ok
11:31:25.0515 2688 MpKslec71a611 - ok
11:31:25.0515 2688 MpKslee762e21 - ok
11:31:25.0531 2688 MpKslf33a5d0c - ok
11:31:25.0531 2688 MpKslfac3c85d - ok
11:31:25.0546 2688 MpKslff5eed8f - ok
11:31:25.0656 2688 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:31:25.0656 2688 mraid35x - ok
11:31:25.0718 2688 MRVW245 (275796d1114b524aec686091e8aafd3c) C:\WINDOWS\system32\DRIVERS\MRVW245.sys
11:31:25.0734 2688 MRVW245 - ok
11:31:25.0812 2688 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:31:25.0812 2688 MRxDAV - ok
11:31:25.0859 2688 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:31:25.0859 2688 MRxSmb - ok
11:31:25.0890 2688 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:31:25.0890 2688 Msfs - ok
11:31:25.0921 2688 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:31:25.0921 2688 MSKSSRV - ok
11:31:25.0968 2688 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:31:25.0968 2688 MSPCLOCK - ok
11:31:26.0015 2688 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:31:26.0031 2688 MSPQM - ok
11:31:26.0093 2688 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:31:26.0093 2688 mssmbios - ok
11:31:26.0156 2688 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:31:26.0171 2688 Mup - ok
11:31:26.0234 2688 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:31:26.0234 2688 NDIS - ok
11:31:26.0296 2688 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:31:26.0296 2688 NdisTapi - ok
11:31:26.0343 2688 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:31:26.0343 2688 Ndisuio - ok
11:31:26.0375 2688 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:31:26.0375 2688 NdisWan - ok
11:31:26.0437 2688 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:31:26.0437 2688 NDProxy - ok
11:31:26.0500 2688 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:31:26.0500 2688 NetBIOS - ok
11:31:26.0531 2688 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:31:26.0531 2688 NetBT - ok
11:31:26.0828 2688 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:31:26.0843 2688 NIC1394 - ok
11:31:26.0937 2688 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:31:26.0937 2688 Npfs - ok
11:31:27.0015 2688 NSHE (f8e396f5e703d7a8f37d90f59c776268) C:\WINDOWS\system32\Drivers\NSHE.SYS
11:31:27.0015 2688 NSHE - ok
11:31:27.0062 2688 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:31:27.0078 2688 Ntfs - ok
11:31:27.0109 2688 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:31:27.0109 2688 Null - ok
11:31:27.0328 2688 nv (f85e109844787668ce8aab54ef14362a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:31:27.0484 2688 nv - ok
11:31:27.0562 2688 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:31:27.0562 2688 NwlnkFlt - ok
11:31:27.0593 2688 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:31:27.0609 2688 NwlnkFwd - ok
11:31:27.0640 2688 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:31:27.0640 2688 ohci1394 - ok
11:31:27.0671 2688 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
11:31:27.0671 2688 Parport - ok
11:31:27.0703 2688 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:31:27.0718 2688 PartMgr - ok
11:31:27.0765 2688 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
11:31:27.0765 2688 ParVdm - ok
11:31:27.0796 2688 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
11:31:27.0812 2688 PCI - ok
11:31:27.0843 2688 PCIDump - ok
11:31:27.0890 2688 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:31:27.0890 2688 PCIIde - ok
11:31:27.0953 2688 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:31:27.0953 2688 Pcmcia - ok
11:31:28.0000 2688 PDCOMP - ok
11:31:28.0062 2688 PDFRAME - ok
11:31:28.0109 2688 PDRELI - ok
11:31:28.0140 2688 PDRFRAME - ok
11:31:28.0203 2688 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
11:31:28.0203 2688 perc2 - ok
11:31:28.0218 2688 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:31:28.0218 2688 perc2hib - ok
11:31:28.0281 2688 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:31:28.0296 2688 PptpMiniport - ok
11:31:28.0312 2688 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
11:31:28.0312 2688 Processor - ok
11:31:28.0359 2688 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:31:28.0359 2688 PSched - ok
11:31:28.0375 2688 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:31:28.0375 2688 Ptilink - ok
11:31:28.0421 2688 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:31:28.0421 2688 PxHelp20 - ok
11:31:28.0453 2688 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:31:28.0453 2688 ql1080 - ok
11:31:28.0484 2688 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:31:28.0484 2688 Ql10wnt - ok
11:31:28.0531 2688 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:31:28.0531 2688 ql12160 - ok
11:31:28.0562 2688 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:31:28.0578 2688 ql1240 - ok
11:31:28.0609 2688 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:31:28.0609 2688 ql1280 - ok
11:31:28.0656 2688 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:31:28.0656 2688 RasAcd - ok
11:31:28.0718 2688 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:31:28.0718 2688 Rasl2tp - ok
11:31:28.0734 2688 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:31:28.0750 2688 RasPppoe - ok
11:31:28.0765 2688 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:31:28.0765 2688 Raspti - ok
11:31:28.0781 2688 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:31:28.0781 2688 Rdbss - ok
11:31:28.0796 2688 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:31:28.0796 2688 RDPCDD - ok
11:31:28.0828 2688 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:31:28.0828 2688 rdpdr - ok
11:31:28.0890 2688 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:31:28.0906 2688 RDPWD - ok
11:31:28.0953 2688 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:31:28.0953 2688 redbook - ok
11:31:29.0015 2688 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:31:29.0015 2688 Secdrv - ok
11:31:29.0046 2688 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
11:31:29.0046 2688 Serial - ok
11:31:29.0093 2688 sfdrv01 (56250672235bbe54ba8a4963b1ac997c) C:\WINDOWS\system32\drivers\sfdrv01.sys
11:31:29.0093 2688 sfdrv01 - ok
11:31:29.0125 2688 sfhlp02 (3ad2b15ccc03febfbaf5ff057822aa75) C:\WINDOWS\system32\drivers\sfhlp02.sys
11:31:29.0125 2688 sfhlp02 - ok
11:31:29.0171 2688 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:31:29.0187 2688 Sfloppy - ok
11:31:29.0296 2688 Simbad - ok
11:31:29.0421 2688 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:31:29.0421 2688 sisagp - ok
11:31:29.0468 2688 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:31:29.0484 2688 Sparrow - ok
11:31:29.0531 2688 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:31:29.0531 2688 splitter - ok
11:31:29.0562 2688 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
11:31:29.0578 2688 sr - ok
11:31:29.0640 2688 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:31:29.0640 2688 Srv - ok
11:31:29.0703 2688 ssm_bus (df5c19f053eff7f8ba25d73aea899656) C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
11:31:29.0703 2688 ssm_bus - ok
11:31:29.0765 2688 ssm_mdfl (5347169fa449eabc4d0728ae39fab926) C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
11:31:29.0765 2688 ssm_mdfl - ok
11:31:29.0843 2688 ssm_mdm (7aae23dd105eed15c4f45fc269fa42a9) C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
11:31:29.0843 2688 ssm_mdm - ok
11:31:29.0906 2688 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:31:29.0906 2688 swenum - ok
11:31:29.0937 2688 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:31:29.0937 2688 swmidi - ok
11:31:29.0984 2688 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:31:29.0984 2688 symc810 - ok
11:31:30.0015 2688 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:31:30.0015 2688 symc8xx - ok
11:31:30.0031 2688 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:31:30.0031 2688 sym_hi - ok
11:31:30.0062 2688 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:31:30.0062 2688 sym_u3 - ok
11:31:30.0125 2688 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:31:30.0125 2688 sysaudio - ok
11:31:30.0187 2688 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:31:30.0187 2688 Tcpip - ok
11:31:30.0234 2688 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:31:30.0234 2688 TDPIPE - ok
11:31:30.0281 2688 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:31:30.0281 2688 TDTCP - ok
11:31:30.0328 2688 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:31:30.0328 2688 TermDD - ok
11:31:30.0390 2688 TosIde (b411668322c3bf4e690888706b999679) C:\WINDOWS\system32\DRIVERS\toside.sys
11:31:30.0390 2688 TosIde - ok
11:31:30.0437 2688 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:31:30.0453 2688 Udfs - ok
11:31:30.0484 2688 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:31:30.0484 2688 ultra - ok
11:31:30.0546 2688 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:31:30.0562 2688 Update - ok
11:31:30.0640 2688 usbbus (9419faac6552a51542dbba02971c841c) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
11:31:30.0640 2688 usbbus - ok
11:31:30.0687 2688 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:31:30.0687 2688 usbccgp - ok
11:31:30.0718 2688 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
11:31:30.0718 2688 UsbDiag - ok
11:31:30.0796 2688 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:31:30.0796 2688 usbehci - ok
11:31:30.0843 2688 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:31:30.0843 2688 usbhub - ok
11:31:30.0875 2688 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
11:31:30.0875 2688 USBModem - ok
11:31:30.0906 2688 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:31:30.0906 2688 usbohci - ok
11:31:30.0937 2688 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:31:30.0937 2688 usbprint - ok
11:31:30.0953 2688 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:31:30.0968 2688 usbscan - ok
11:31:31.0015 2688 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:31:31.0015 2688 USBSTOR - ok
11:31:31.0046 2688 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:31:31.0046 2688 usbuhci - ok
11:31:31.0078 2688 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:31:31.0093 2688 VgaSave - ok
11:31:31.0187 2688 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:31:31.0187 2688 viaagp - ok
11:31:31.0218 2688 ViaIde (a5d8b6c8d43786d4215c1df6fab0aae0) C:\WINDOWS\system32\DRIVERS\viaidexp.sys
11:31:31.0218 2688 ViaIde - ok
11:31:31.0250 2688 viamraid (fbf18f9f5fb852c2976723587b44f346) C:\WINDOWS\system32\DRIVERS\viamraid.sys
11:31:31.0250 2688 viamraid - ok
11:31:31.0281 2688 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
11:31:31.0281 2688 VolSnap - ok
11:31:31.0359 2688 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:31:31.0359 2688 Wanarp - ok
11:31:31.0375 2688 wanatw - ok
11:31:31.0390 2688 WDICA - ok
11:31:31.0437 2688 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:31:31.0437 2688 wdmaud - ok
11:31:31.0531 2688 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:31:31.0531 2688 WpdUsb - ok
11:31:31.0578 2688 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:31:31.0578 2688 WS2IFSL - ok
11:31:31.0625 2688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:31:31.0734 2688 \Device\Harddisk0\DR0 - ok
11:31:31.0734 2688 Boot (0x1200) (52dd0159d539ca21bcb98eeace3c8a76) \Device\Harddisk0\DR0\Partition0
11:31:31.0734 2688 \Device\Harddisk0\DR0\Partition0 - ok
11:31:31.0734 2688 ============================================================
11:31:31.0734 2688 Scan finished
11:31:31.0734 2688 ============================================================
11:31:31.0750 2648 Detected object count: 2
11:31:31.0750 2648 Actual detected object count: 2
11:31:34.0890 2648 HKLM\SYSTEM\ControlSet001\services\cd81bc32 - will be deleted on reboot
11:31:34.0890 2648 HKLM\SYSTEM\ControlSet002\services\cd81bc32 - will be deleted on reboot
11:31:34.0906 2648 C:\WINDOWS\851214797:847135693.exe - will be deleted on reboot
11:31:34.0906 2648 cd81bc32 ( Rootkit.Win32.PMax.gen ) - User select action: Delete
11:31:35.0203 2648 Backup copy found, using it..
11:31:35.0203 2648 C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured on reboot
11:31:35.0203 2648 IPSec ( Rootkit.Win32.ZAccess.e ) - User select action: Cure
0
Réponse 4 / 48
Utilisateur anonyme
2 nov. 2011 à 11:36
ok la suite :)

gen
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
2 nov. 2011 à 16:10
Là il doit tout avoir :



11:30:57.0156 3268 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
11:30:57.0312 3268 ============================================================
11:30:57.0312 3268 Current date / time: 2011/11/02 11:30:57.0312
11:30:57.0312 3268 SystemInfo:
11:30:57.0312 3268
11:30:57.0312 3268 OS Version: 5.1.2600 ServicePack: 3.0
11:30:57.0312 3268 Product type: Workstation
11:30:57.0312 3268 ComputerName: SN120480220313
11:30:57.0312 3268 UserName: Ben
11:30:57.0312 3268 Windows directory: C:\WINDOWS
11:30:57.0312 3268 System windows directory: C:\WINDOWS
11:30:57.0312 3268 Processor architecture: Intel x86
11:30:57.0312 3268 Number of processors: 2
11:30:57.0312 3268 Page size: 0x1000
11:30:57.0312 3268 Boot type: Normal boot
11:30:57.0312 3268 ============================================================
11:30:58.0203 3268 Initialize success
11:31:16.0140 2688 ============================================================
11:31:16.0140 2688 Scan started
11:31:16.0140 2688 Mode: Manual;
11:31:16.0140 2688 ============================================================
11:31:16.0421 2688 Abiosdsk - ok
11:31:16.0484 2688 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:31:16.0484 2688 abp480n5 - ok
11:31:16.0562 2688 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:31:16.0562 2688 ACPI - ok
11:31:16.0609 2688 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:31:16.0609 2688 ACPIEC - ok
11:31:16.0625 2688 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:31:16.0625 2688 adpu160m - ok
11:31:16.0671 2688 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:31:16.0671 2688 aec - ok
11:31:16.0718 2688 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:31:16.0718 2688 AFD - ok
11:31:16.0765 2688 AFS2K (b34b1ab0a7690a0e2301fec6d17b2fc1) C:\WINDOWS\system32\drivers\AFS2K.sys
11:31:16.0765 2688 AFS2K - ok
11:31:16.0812 2688 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
11:31:16.0812 2688 agp440 - ok
11:31:16.0828 2688 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:31:16.0828 2688 agpCPQ - ok
11:31:16.0875 2688 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:31:16.0875 2688 Aha154x - ok
11:31:16.0921 2688 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:31:16.0921 2688 aic78u2 - ok
11:31:16.0937 2688 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:31:16.0937 2688 aic78xx - ok
11:31:17.0015 2688 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
11:31:17.0031 2688 AliIde - ok
11:31:17.0062 2688 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:31:17.0062 2688 alim1541 - ok
11:31:17.0093 2688 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:31:17.0093 2688 amdagp - ok
11:31:17.0109 2688 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
11:31:17.0109 2688 amsint - ok
11:31:17.0171 2688 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:31:17.0171 2688 Arp1394 - ok
11:31:17.0203 2688 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
11:31:17.0203 2688 asc - ok
11:31:17.0218 2688 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:31:17.0218 2688 asc3350p - ok
11:31:17.0250 2688 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:31:17.0250 2688 asc3550 - ok
11:31:17.0296 2688 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
11:31:17.0296 2688 ASCTRM - ok
11:31:17.0343 2688 Aspi32 - ok
11:31:17.0390 2688 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:31:17.0390 2688 AsyncMac - ok
11:31:17.0406 2688 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:31:17.0406 2688 atapi - ok
11:31:17.0437 2688 Atdisk - ok
11:31:17.0515 2688 atksgt (72bc628af75c4c3250f2a3bac260265a) C:\WINDOWS\system32\DRIVERS\atksgt.sys
11:31:17.0515 2688 atksgt - ok
11:31:17.0562 2688 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:31:17.0562 2688 Atmarpc - ok
11:31:17.0625 2688 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:31:17.0625 2688 audstub - ok
11:31:17.0703 2688 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:31:17.0703 2688 Beep - ok
11:31:17.0781 2688 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
11:31:17.0781 2688 cbidf - ok
11:31:17.0812 2688 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:31:17.0812 2688 cbidf2k - ok
11:31:17.0859 2688 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
11:31:17.0859 2688 cd20xrnt - ok
11:31:17.0906 2688 cd81bc32 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\851214797:847135693.exe
11:31:19.0171 2688 Suspicious file (Hidden): C:\WINDOWS\851214797:847135693.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
11:31:19.0171 2688 cd81bc32 ( Rootkit.Win32.PMax.gen ) - infected
11:31:19.0171 2688 cd81bc32 - detected Rootkit.Win32.PMax.gen (0)
11:31:19.0421 2688 CdaC15BA (08f60f40d1a2a95a1f12eddbd9f25c1c) C:\WINDOWS\system32\drivers\CdaC15BA.SYS
11:31:19.0421 2688 CdaC15BA - ok
11:31:19.0437 2688 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:31:19.0453 2688 Cdaudio - ok
11:31:19.0500 2688 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:31:19.0500 2688 Cdfs - ok
11:31:19.0515 2688 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:31:19.0515 2688 Cdrom - ok
11:31:19.0546 2688 Changer - ok
11:31:19.0593 2688 CmdIde (e3726ad522d0bdae090671048c991ab3) C:\WINDOWS\system32\DRIVERS\cmdide.sys
11:31:19.0593 2688 CmdIde - ok
11:31:19.0656 2688 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
11:31:19.0656 2688 Cpqarray - ok
11:31:19.0703 2688 CrystalSysInfo - ok
11:31:19.0750 2688 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
11:31:19.0750 2688 dac2w2k - ok
11:31:19.0765 2688 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
11:31:19.0765 2688 dac960nt - ok
11:31:19.0812 2688 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:31:19.0812 2688 Disk - ok
11:31:19.0890 2688 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
11:31:19.0937 2688 dmboot - ok
11:31:19.0968 2688 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
11:31:19.0968 2688 dmio - ok
11:31:19.0984 2688 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:31:19.0984 2688 dmload - ok
11:31:20.0031 2688 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:31:20.0031 2688 DMusic - ok
11:31:20.0093 2688 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:31:20.0093 2688 dpti2o - ok
11:31:20.0125 2688 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:31:20.0140 2688 drmkaud - ok
11:31:20.0187 2688 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:31:20.0187 2688 Fastfat - ok
11:31:20.0250 2688 fbxusb (99b2f2d42631afaf14269a92ab68390f) C:\WINDOWS\system32\DRIVERS\fbxusb.sys
11:31:20.0250 2688 fbxusb - ok
11:31:20.0312 2688 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:31:20.0312 2688 Fdc - ok
11:31:20.0375 2688 FET5X86V (e7072827d0b5f9bd99d6961571a38973) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
11:31:20.0375 2688 FET5X86V - ok
11:31:20.0375 2688 FETND5BV (e7072827d0b5f9bd99d6961571a38973) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
11:31:20.0390 2688 FETND5BV - ok
11:31:20.0421 2688 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
11:31:20.0421 2688 Fips - ok
11:31:20.0453 2688 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:31:20.0468 2688 Flpydisk - ok
11:31:20.0515 2688 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:31:20.0515 2688 FltMgr - ok
11:31:20.0562 2688 fssfltr (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:31:20.0562 2688 fssfltr - ok
11:31:20.0578 2688 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:31:20.0578 2688 Fs_Rec - ok
11:31:20.0640 2688 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:31:20.0656 2688 Ftdisk - ok
11:31:20.0718 2688 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:31:20.0734 2688 Gpc - ok
11:31:20.0750 2688 Hardlock - ok
11:31:20.0843 2688 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:31:20.0843 2688 HDAudBus - ok
11:31:20.0875 2688 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:31:20.0875 2688 HidUsb - ok
11:31:20.0953 2688 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
11:31:20.0953 2688 hpn - ok
11:31:20.0984 2688 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:31:20.0984 2688 HPZid412 - ok
11:31:21.0031 2688 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:31:21.0031 2688 HPZipr12 - ok
11:31:21.0062 2688 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:31:21.0062 2688 HPZius12 - ok
11:31:21.0140 2688 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:31:21.0156 2688 HTTP - ok
11:31:21.0218 2688 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
11:31:21.0218 2688 i2omgmt - ok
11:31:21.0250 2688 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:31:21.0250 2688 i2omp - ok
11:31:21.0265 2688 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:31:21.0265 2688 i8042prt - ok
11:31:21.0328 2688 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:31:21.0328 2688 Imapi - ok
11:31:21.0406 2688 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:31:21.0406 2688 ini910u - ok
11:31:21.0812 2688 IntcAzAudAddService (fa9a9468f982835e99c1ec21257f7e60) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:31:21.0843 2688 IntcAzAudAddService - ok
11:31:22.0031 2688 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:31:22.0062 2688 IntelIde - ok
11:31:22.0156 2688 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:31:22.0171 2688 intelppm - ok
11:31:22.0203 2688 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:31:22.0203 2688 Ip6Fw - ok
11:31:22.0234 2688 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:31:22.0234 2688 IpFilterDriver - ok
11:31:22.0312 2688 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:31:22.0312 2688 IpInIp - ok
11:31:22.0359 2688 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:31:22.0375 2688 IpNat - ok
11:31:22.0406 2688 IPSec (c3b55c9f04b8b9214b26659c56ec3e04) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:31:22.0406 2688 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: c3b55c9f04b8b9214b26659c56ec3e04, Fake md5: 23c74d75e36e7158768dd63d92789a91
11:31:22.0406 2688 IPSec ( Rootkit.Win32.ZAccess.e ) - infected
11:31:22.0406 2688 IPSec - detected Rootkit.Win32.ZAccess.e (0)
11:31:22.0437 2688 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:31:22.0437 2688 IRENUM - ok
11:31:22.0484 2688 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:31:22.0484 2688 isapnp - ok
11:31:22.0531 2688 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:31:22.0531 2688 Kbdclass - ok
11:31:22.0562 2688 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:31:22.0562 2688 kbdhid - ok
11:31:22.0609 2688 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:31:22.0609 2688 kmixer - ok
11:31:22.0671 2688 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:31:22.0671 2688 KSecDD - ok
11:31:22.0703 2688 lbrtfdc - ok
11:31:22.0765 2688 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
11:31:22.0765 2688 lirsgt - ok
11:31:22.0812 2688 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11:31:22.0812 2688 MBAMSwissArmy - ok
11:31:22.0843 2688 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
11:31:22.0843 2688 MHNDRV - ok
11:31:22.0906 2688 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:31:22.0906 2688 mnmdd - ok
11:31:22.0937 2688 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
11:31:22.0937 2688 Modem - ok
11:31:23.0015 2688 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:31:23.0015 2688 Mouclass - ok
11:31:23.0078 2688 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:31:23.0078 2688 mouhid - ok
11:31:23.0125 2688 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:31:23.0125 2688 MountMgr - ok
11:31:23.0171 2688 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:31:23.0171 2688 MpFilter - ok
11:31:23.0250 2688 MpKsl0434c5bc - ok
11:31:23.0265 2688 MpKsl049ba9ff - ok
11:31:23.0281 2688 MpKsl0993c279 - ok
11:31:23.0281 2688 MpKsl0c7d1c31 - ok
11:31:23.0296 2688 MpKsl0ced5d51 - ok
11:31:23.0312 2688 MpKsl0dbecbe7 - ok
11:31:23.0312 2688 MpKsl10204a16 - ok
11:31:23.0328 2688 MpKsl1289697c - ok
11:31:23.0343 2688 MpKsl130870e5 - ok
11:31:23.0359 2688 MpKsl14e6eaa1 - ok
11:31:23.0390 2688 MpKsl16e5d49b - ok
11:31:23.0484 2688 MpKsl17866866 - ok
11:31:23.0546 2688 MpKsl19cb27b1 - ok
11:31:23.0562 2688 MpKsl1a56abfd - ok
11:31:23.0578 2688 MpKsl1b7b0ac4 - ok
11:31:23.0578 2688 MpKsl1bce167b - ok
11:31:23.0593 2688 MpKsl20a21600 - ok
11:31:23.0593 2688 MpKsl22b836db - ok
11:31:23.0593 2688 MpKsl236d6d9d - ok
11:31:23.0609 2688 MpKsl242f2ad7 - ok
11:31:23.0640 2688 MpKsl290aefd2 - ok
11:31:23.0656 2688 MpKsl292e8495 - ok
11:31:23.0671 2688 MpKsl2d32003f - ok
11:31:23.0671 2688 MpKsl300bd8be - ok
11:31:23.0703 2688 MpKsl31e8cdc1 - ok
11:31:23.0718 2688 MpKsl34347dd8 - ok
11:31:23.0734 2688 MpKsl3695b02b - ok
11:31:23.0781 2688 MpKsl3aacee50 - ok
11:31:23.0781 2688 MpKsl3d69b439 - ok
11:31:23.0828 2688 MpKsl426a1ea9 - ok
11:31:23.0828 2688 MpKsl42a741c8 - ok
11:31:23.0843 2688 MpKsl47230daf - ok
11:31:23.0875 2688 MpKsl48aa0f47 - ok
11:31:23.0890 2688 MpKsl4a5081df - ok
11:31:23.0890 2688 MpKsl4aaef3c5 - ok
11:31:23.0906 2688 MpKsl4f33b198 - ok
11:31:23.0937 2688 MpKsl50388444 - ok
11:31:23.0937 2688 MpKsl5059e6bc - ok
11:31:23.0953 2688 MpKsl53ccafd4 - ok
11:31:23.0984 2688 MpKsl547fce3c - ok
11:31:24.0000 2688 MpKsl55557f92 - ok
11:31:24.0015 2688 MpKsl58e2e32d - ok
11:31:24.0031 2688 MpKsl5a0abeb6 - ok
11:31:24.0046 2688 MpKsl5a845585 - ok
11:31:24.0093 2688 MpKsl5ababdb9 - ok
11:31:24.0109 2688 MpKsl5c5f1c8a - ok
11:31:24.0109 2688 MpKsl63787b63 - ok
11:31:24.0125 2688 MpKsl63f54a2f - ok
11:31:24.0125 2688 MpKsl652df5ce - ok
11:31:24.0140 2688 MpKsl6ace854d - ok
11:31:24.0140 2688 MpKsl6b4fc0ea - ok
11:31:24.0156 2688 MpKsl6c40c08a - ok
11:31:24.0171 2688 MpKsl6de641c9 - ok
11:31:24.0171 2688 MpKsl707ea1b5 - ok
11:31:24.0234 2688 MpKsl7185d08a - ok
11:31:24.0250 2688 MpKsl743ef076 - ok
11:31:24.0265 2688 MpKsl75e3d3af - ok
11:31:24.0265 2688 MpKsl76eaeff4 - ok
11:31:24.0281 2688 MpKsl76f6aca2 - ok
11:31:24.0296 2688 MpKsl78b231df - ok
11:31:24.0312 2688 MpKsl78c9b809 - ok
11:31:24.0312 2688 MpKsl78fc9a3a - ok
11:31:24.0343 2688 MpKsl7dd148d1 - ok
11:31:24.0343 2688 MpKsl826937b6 - ok
11:31:24.0359 2688 MpKsl855dfe43 - ok
11:31:24.0375 2688 MpKsl87003bdf - ok
11:31:24.0390 2688 MpKsl8768ae57 - ok
11:31:24.0421 2688 MpKsl881586ae - ok
11:31:24.0437 2688 MpKsl8b5c4aef - ok
11:31:24.0453 2688 MpKsl8b6f52c5 - ok
11:31:24.0468 2688 MpKsl8be91f6f - ok
11:31:24.0484 2688 MpKsl8fb0b080 - ok
11:31:24.0500 2688 MpKsl93a8336e - ok
11:31:24.0515 2688 MpKsl96028240 - ok
11:31:24.0531 2688 MpKsl96851503 - ok
11:31:24.0546 2688 MpKsl9973f897 - ok
11:31:24.0546 2688 MpKsl9a66a2f3 - ok
11:31:24.0578 2688 MpKsl9e23c0c7 - ok
11:31:24.0593 2688 MpKsl9f963da6 - ok
11:31:24.0609 2688 MpKsla28d3bca - ok
11:31:24.0625 2688 MpKsla84f2e00 - ok
11:31:24.0640 2688 MpKsla87911df - ok
11:31:24.0640 2688 MpKsla9ed1199 - ok
11:31:24.0656 2688 MpKslaa1eb1bc - ok
11:31:24.0734 2688 MpKslaad28313 - ok
11:31:24.0750 2688 MpKslaca02b84 - ok
11:31:24.0750 2688 MpKslaf77db03 - ok
11:31:24.0781 2688 MpKslb2cbeb1d - ok
11:31:24.0781 2688 MpKslb56ea04b - ok
11:31:24.0796 2688 MpKslb9c1bc94 - ok
11:31:24.0828 2688 MpKslbda851e6 - ok
11:31:24.0843 2688 MpKslbdde8b49 - ok
11:31:24.0875 2688 MpKslbe4d8ca5 - ok
11:31:24.0906 2688 MpKslc0ae4f56 - ok
11:31:24.0921 2688 MpKslc4cb5b4d - ok
11:31:24.0953 2688 MpKslc50cf809 - ok
11:31:24.0953 2688 MpKslc5212890 - ok
11:31:24.0984 2688 MpKslc62d3fe0 - ok
11:31:24.0984 2688 MpKslcb1a0b2e - ok
11:31:25.0015 2688 MpKslcd9621c8 - ok
11:31:25.0031 2688 MpKslcfaef469 - ok
11:31:25.0093 2688 MpKslcfd9e8ef - ok
11:31:25.0140 2688 MpKslcffff389 - ok
11:31:25.0187 2688 MpKsld00d5073 - ok
11:31:25.0234 2688 MpKsld536c405 - ok
11:31:25.0250 2688 MpKsld58d676c - ok
11:31:25.0265 2688 MpKsld77869d0 - ok
11:31:25.0281 2688 MpKsldd401814 - ok
11:31:25.0343 2688 MpKsldd81f9e7 - ok
11:31:25.0359 2688 MpKsle179e235 - ok
11:31:25.0406 2688 MpKsle18deade - ok
11:31:25.0437 2688 MpKsle403137e - ok
11:31:25.0453 2688 MpKsle4b53695 - ok
11:31:25.0484 2688 MpKsle5040a36 - ok
11:31:25.0484 2688 MpKsle638cbf8 - ok
11:31:25.0500 2688 MpKsle6d11e75 - ok
11:31:25.0500 2688 MpKslec5bc4b3 - ok
11:31:25.0515 2688 MpKslec71a611 - ok
11:31:25.0515 2688 MpKslee762e21 - ok
11:31:25.0531 2688 MpKslf33a5d0c - ok
11:31:25.0531 2688 MpKslfac3c85d - ok
11:31:25.0546 2688 MpKslff5eed8f - ok
11:31:25.0656 2688 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:31:25.0656 2688 mraid35x - ok
11:31:25.0718 2688 MRVW245 (275796d1114b524aec686091e8aafd3c) C:\WINDOWS\system32\DRIVERS\MRVW245.sys
11:31:25.0734 2688 MRVW245 - ok
11:31:25.0812 2688 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:31:25.0812 2688 MRxDAV - ok
11:31:25.0859 2688 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:31:25.0859 2688 MRxSmb - ok
11:31:25.0890 2688 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:31:25.0890 2688 Msfs - ok
11:31:25.0921 2688 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:31:25.0921 2688 MSKSSRV - ok
11:31:25.0968 2688 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:31:25.0968 2688 MSPCLOCK - ok
11:31:26.0015 2688 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:31:26.0031 2688 MSPQM - ok
11:31:26.0093 2688 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:31:26.0093 2688 mssmbios - ok
11:31:26.0156 2688 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:31:26.0171 2688 Mup - ok
11:31:26.0234 2688 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:31:26.0234 2688 NDIS - ok
11:31:26.0296 2688 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:31:26.0296 2688 NdisTapi - ok
11:31:26.0343 2688 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:31:26.0343 2688 Ndisuio - ok
11:31:26.0375 2688 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:31:26.0375 2688 NdisWan - ok
11:31:26.0437 2688 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:31:26.0437 2688 NDProxy - ok
11:31:26.0500 2688 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:31:26.0500 2688 NetBIOS - ok
11:31:26.0531 2688 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:31:26.0531 2688 NetBT - ok
11:31:26.0828 2688 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:31:26.0843 2688 NIC1394 - ok
11:31:26.0937 2688 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:31:26.0937 2688 Npfs - ok
11:31:27.0015 2688 NSHE (f8e396f5e703d7a8f37d90f59c776268) C:\WINDOWS\system32\Drivers\NSHE.SYS
11:31:27.0015 2688 NSHE - ok
11:31:27.0062 2688 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:31:27.0078 2688 Ntfs - ok
11:31:27.0109 2688 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:31:27.0109 2688 Null - ok
11:31:27.0328 2688 nv (f85e109844787668ce8aab54ef14362a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:31:27.0484 2688 nv - ok
11:31:27.0562 2688 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:31:27.0562 2688 NwlnkFlt - ok
11:31:27.0593 2688 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:31:27.0609 2688 NwlnkFwd - ok
11:31:27.0640 2688 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:31:27.0640 2688 ohci1394 - ok
11:31:27.0671 2688 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
11:31:27.0671 2688 Parport - ok
11:31:27.0703 2688 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:31:27.0718 2688 PartMgr - ok
11:31:27.0765 2688 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
11:31:27.0765 2688 ParVdm - ok
11:31:27.0796 2688 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
11:31:27.0812 2688 PCI - ok
11:31:27.0843 2688 PCIDump - ok
11:31:27.0890 2688 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:31:27.0890 2688 PCIIde - ok
11:31:27.0953 2688 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:31:27.0953 2688 Pcmcia - ok
11:31:28.0000 2688 PDCOMP - ok
11:31:28.0062 2688 PDFRAME - ok
11:31:28.0109 2688 PDRELI - ok
11:31:28.0140 2688 PDRFRAME - ok
11:31:28.0203 2688 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
11:31:28.0203 2688 perc2 - ok
11:31:28.0218 2688 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:31:28.0218 2688 perc2hib - ok
11:31:28.0281 2688 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:31:28.0296 2688 PptpMiniport - ok
11:31:28.0312 2688 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
11:31:28.0312 2688 Processor - ok
11:31:28.0359 2688 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:31:28.0359 2688 PSched - ok
11:31:28.0375 2688 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:31:28.0375 2688 Ptilink - ok
11:31:28.0421 2688 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:31:28.0421 2688 PxHelp20 - ok
11:31:28.0453 2688 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:31:28.0453 2688 ql1080 - ok
11:31:28.0484 2688 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:31:28.0484 2688 Ql10wnt - ok
11:31:28.0531 2688 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:31:28.0531 2688 ql12160 - ok
11:31:28.0562 2688 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:31:28.0578 2688 ql1240 - ok
11:31:28.0609 2688 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:31:28.0609 2688 ql1280 - ok
11:31:28.0656 2688 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:31:28.0656 2688 RasAcd - ok
11:31:28.0718 2688 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:31:28.0718 2688 Rasl2tp - ok
11:31:28.0734 2688 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:31:28.0750 2688 RasPppoe - ok
11:31:28.0765 2688 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:31:28.0765 2688 Raspti - ok
11:31:28.0781 2688 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:31:28.0781 2688 Rdbss - ok
11:31:28.0796 2688 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:31:28.0796 2688 RDPCDD - ok
11:31:28.0828 2688 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:31:28.0828 2688 rdpdr - ok
11:31:28.0890 2688 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:31:28.0906 2688 RDPWD - ok
11:31:28.0953 2688 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:31:28.0953 2688 redbook - ok
11:31:29.0015 2688 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:31:29.0015 2688 Secdrv - ok
11:31:29.0046 2688 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
11:31:29.0046 2688 Serial - ok
11:31:29.0093 2688 sfdrv01 (56250672235bbe54ba8a4963b1ac997c) C:\WINDOWS\system32\drivers\sfdrv01.sys
11:31:29.0093 2688 sfdrv01 - ok
11:31:29.0125 2688 sfhlp02 (3ad2b15ccc03febfbaf5ff057822aa75) C:\WINDOWS\system32\drivers\sfhlp02.sys
11:31:29.0125 2688 sfhlp02 - ok
11:31:29.0171 2688 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:31:29.0187 2688 Sfloppy - ok
11:31:29.0296 2688 Simbad - ok
11:31:29.0421 2688 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:31:29.0421 2688 sisagp - ok
11:31:29.0468 2688 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:31:29.0484 2688 Sparrow - ok
11:31:29.0531 2688 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:31:29.0531 2688 splitter - ok
11:31:29.0562 2688 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
11:31:29.0578 2688 sr - ok
11:31:29.0640 2688 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:31:29.0640 2688 Srv - ok
11:31:29.0703 2688 ssm_bus (df5c19f053eff7f8ba25d73aea899656) C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
11:31:29.0703 2688 ssm_bus - ok
11:31:29.0765 2688 ssm_mdfl (5347169fa449eabc4d0728ae39fab926) C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
11:31:29.0765 2688 ssm_mdfl - ok
11:31:29.0843 2688 ssm_mdm (7aae23dd105eed15c4f45fc269fa42a9) C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
11:31:29.0843 2688 ssm_mdm - ok
11:31:29.0906 2688 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:31:29.0906 2688 swenum - ok
11:31:29.0937 2688 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:31:29.0937 2688 swmidi - ok
11:31:29.0984 2688 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:31:29.0984 2688 symc810 - ok
11:31:30.0015 2688 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:31:30.0015 2688 symc8xx - ok
11:31:30.0031 2688 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:31:30.0031 2688 sym_hi - ok
11:31:30.0062 2688 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:31:30.0062 2688 sym_u3 - ok
11:31:30.0125 2688 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:31:30.0125 2688 sysaudio - ok
11:31:30.0187 2688 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:31:30.0187 2688 Tcpip - ok
11:31:30.0234 2688 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:31:30.0234 2688 TDPIPE - ok
11:31:30.0281 2688 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:31:30.0281 2688 TDTCP - ok
11:31:30.0328 2688 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:31:30.0328 2688 TermDD - ok
11:31:30.0390 2688 TosIde (b411668322c3bf4e690888706b999679) C:\WINDOWS\system32\DRIVERS\toside.sys
11:31:30.0390 2688 TosIde - ok
11:31:30.0437 2688 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:31:30.0453 2688 Udfs - ok
11:31:30.0484 2688 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:31:30.0484 2688 ultra - ok
11:31:30.0546 2688 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:31:30.0562 2688 Update - ok
11:31:30.0640 2688 usbbus (9419faac6552a51542dbba02971c841c) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
11:31:30.0640 2688 usbbus - ok
11:31:30.0687 2688 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:31:30.0687 2688 usbccgp - ok
11:31:30.0718 2688 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
11:31:30.0718 2688 UsbDiag - ok
11:31:30.0796 2688 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:31:30.0796 2688 usbehci - ok
11:31:30.0843 2688 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:31:30.0843 2688 usbhub - ok
11:31:30.0875 2688 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
11:31:30.0875 2688 USBModem - ok
11:31:30.0906 2688 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:31:30.0906 2688 usbohci - ok
11:31:30.0937 2688 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:31:30.0937 2688 usbprint - ok
11:31:30.0953 2688 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:31:30.0968 2688 usbscan - ok
11:31:31.0015 2688 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:31:31.0015 2688 USBSTOR - ok
11:31:31.0046 2688 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:31:31.0046 2688 usbuhci - ok
11:31:31.0078 2688 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:31:31.0093 2688 VgaSave - ok
11:31:31.0187 2688 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:31:31.0187 2688 viaagp - ok
11:31:31.0218 2688 ViaIde (a5d8b6c8d43786d4215c1df6fab0aae0) C:\WINDOWS\system32\DRIVERS\viaidexp.sys
11:31:31.0218 2688 ViaIde - ok
11:31:31.0250 2688 viamraid (fbf18f9f5fb852c2976723587b44f346) C:\WINDOWS\system32\DRIVERS\viamraid.sys
11:31:31.0250 2688 viamraid - ok
11:31:31.0281 2688 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
11:31:31.0281 2688 VolSnap - ok
11:31:31.0359 2688 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:31:31.0359 2688 Wanarp - ok
11:31:31.0375 2688 wanatw - ok
11:31:31.0390 2688 WDICA - ok
11:31:31.0437 2688 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:31:31.0437 2688 wdmaud - ok
11:31:31.0531 2688 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:31:31.0531 2688 WpdUsb - ok
11:31:31.0578 2688 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:31:31.0578 2688 WS2IFSL - ok
11:31:31.0625 2688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:31:31.0734 2688 \Device\Harddisk0\DR0 - ok
11:31:31.0734 2688 Boot (0x1200) (52dd0159d539ca21bcb98eeace3c8a76) \Device\Harddisk0\DR0\Partition0
11:31:31.0734 2688 \Device\Harddisk0\DR0\Partition0 - ok
11:31:31.0734 2688 ============================================================
11:31:31.0734 2688 Scan finished
11:31:31.0734 2688 ============================================================
11:31:31.0750 2648 Detected object count: 2
11:31:31.0750 2648 Actual detected object count: 2
11:31:34.0890 2648 HKLM\SYSTEM\ControlSet001\services\cd81bc32 - will be deleted on reboot
11:31:34.0890 2648 HKLM\SYSTEM\ControlSet002\services\cd81bc32 - will be deleted on reboot
11:31:34.0906 2648 C:\WINDOWS\851214797:847135693.exe - will be deleted on reboot
11:31:34.0906 2648 cd81bc32 ( Rootkit.Win32.PMax.gen ) - User select action: Delete
11:31:35.0203 2648 Backup copy found, using it..
11:31:35.0203 2648 C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured on reboot
11:31:35.0203 2648 IPSec ( Rootkit.Win32.ZAccess.e ) - User select action: Cure
11:33:42.0031 3280 Deinitialize success
0
Réponse 6 / 48
Utilisateur anonyme
2 nov. 2011 à 16:13
heu...deuxieme outil apres tdsskiller :)

https://forums.commentcamarche.net/forum/affich-23546552-virus-plus-d-antivirus-pages-redirigees#1
0
Réponse 7 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
2 nov. 2011 à 16:57
Autant pour moi, ça doit être ça :

http://www.cijoint.fr/cjlink.php?file=cj201111/cijfunca61.txt
0
Réponse 8 / 48
Utilisateur anonyme
2 nov. 2011 à 17:41
desinstalle spybot => inutile et gene les desinfections (dévaccine au prealable s'il y a lieu)
desinstalle conduit engine
desinstalle powerpoint
desinstalle metastream
desinstalle offerbox

==================

fais glisser une icone n'importe quel fichier sur Pre_scan , pre_script va apparaitre

Lance Pre_script , une page vierge va s'ouvrir.

selectionne tout le texte en gras ci-dessous, puis (clic droit/copier ou ctrl+c) :
___________________________________________________
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002A"=-
"ISUSScheduler"=-
"PHIME2002ASync"=-
"nwiz"=-
[-HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\8336e067-753c-4344-8971-abfee8efe426_42]
[-HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\p2papp50]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0E5CBF21-D15F-11D0-8301-00AA005B4383}"=-
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}"=-
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
[-HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
[-HKCU\Software\cd81bc32]
[-HKCU\Software\conduitEngine]
[-HKCU\Software\LanConfig]
[-HKCU\Software\OfferBox]
[-HKLM\Software\18044320]
[-HKLM\Software\conduitEngine]
[-HKLM\Software\MetaStream]
[-HKLM\Software\OfferBox]
[-HKLM\Software\Trymedia Systems]
[-HKLM\Software\Viewpoint]

file::
C:\WINDOWS\System32\c_68654.nls
C:\WINDOWS\851214797
C:\WINDOWS\trzB8.tmp
C:\WINDOWS\uinst001.exe

folder::
C:\Program Files\ConduitEngine
C:\b0dfc4f6ed8505a876
C:\f6ec342a5219d7a6afb7f55e43b57f
C:\WINDOWS\[INI]
C:\Documents and Settings\Ben\Application Data\Dealio
C:\Documents and Settings\Ben\Application Data\OfferBox
C:\Documents and Settings\Ben\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Software Licensors
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\Ben\Local Settings\Application Data\cd81bc32
C:\Documents and Settings\Ben\Local Settings\Application Data\Conduit
C:\Documents and Settings\Ben\Local Settings\Application Data\ConduitEngine
C:\Documents and Settings\Ben\Local Settings\Application Data\p2papp50
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Viewpoint
C:\Program Files\Fichiers communs\Spigot

attrib::

clean::
___________________________________________________

colle-le ensuite (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

si ton bureau ne reapparait pas => ctrl+alt+supp , gestionnaire des taches => onglet fichier => nouvelle tache puis tape explorer

===================================

Télécharge et enregistre ADWcleaner sur ton bureau :

ADWCleaner (Merci à Xplode)

Lance le,

clique sur suppression et poste son rapport.

================================


▶ Télécharge ici : Ad-remover sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
0
Réponse 9 / 48
benji60000
7 nov. 2011 à 14:06
Je n'arrive pas ouvrir Pre_script
0
Réponse 10 / 48
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 4 796
7 nov. 2011 à 17:10
Bonjour gen a été banni .... il me demande de poursuivre avec toi !

Explique pourquoi tu n'arrives pas à ouvrir pre script !
0
Réponse 11 / 48
benji60000
7 nov. 2011 à 17:20
Ba il a dit : "fais glisser une icone n'importe quel fichier sur Pre_scan , pre_script va apparaitre

Lance Pre_script , une page vierge va s'ouvrir."

Quand je fais glissé un icone sur le fichier Pre-scan qui est sur mon bureau qui ne se passe, et si ont peut l'ouvrir autrement je ne sais pas comment faire .
0
Réponse 12 / 48
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 4 796
7 nov. 2011 à 17:22
Ouvre Pre_Scan, il devrait te proposer d'ouvrir Scan ou Script.
0
Réponse 13 / 48
benji60000
10 nov. 2011 à 13:36
ADWCleaner:



# AdwCleaner v1.317 - Rapport créé le 10/11/2011 à 12:18:13
# Mis à jour le 06/11/11 à 14h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Ben - SN120480220313 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Ben\Mes documents\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier Supprimé : C:\Documents and Settings\Ben\Application Data\Dealio
Dossier Supprimé : C:\Documents and Settings\Ben\Application Data\OfferBox
Dossier Supprimé : C:\Documents and Settings\Ben\Local Settings\Application Data\Conduit
Dossier Supprimé : C:\Documents and Settings\Ben\Local Settings\Application Data\ConduitEngine
Dossier Supprimé : C:\Program Files\Viewpoint
Dossier Supprimé : C:\Program Files\Mozilla Firefox\Extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}
Dossier Supprimé : C:\Program Files\Fichiers communs\spigot
Dossier Supprimé : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c0wxyr79.default\Conduit
Fichier Supprimé : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c0wxyr79.default\searchplugins\Conduit.xml

***** [Registre] *****

Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\conduitEngine
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\MetaStream
Clé Supprimée : HKLM\SOFTWARE\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Viewpoint
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2583879
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v3.6.4 (fr)

Profil : 7ayh7ptu.default
Fichier : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\7ayh7ptu.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

Profil : 87vymn7d.default
Fichier : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\87vymn7d.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

Profil : c0wxyr79.default
Fichier : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c0wxyr79.default\prefs.js

C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c0wxyr79.default\user.js ... Supprimé !

Supprimée : user_pref("CT365217.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT365217.AllowNonPrivacy", true);
Supprimée : user_pref("CT365217.CTID", "CT365217");
Supprimée : user_pref("CT365217.CommunityChanged", false);
Supprimée : user_pref("CT365217.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT365217.FeedLastCount128627729621038358", 0);
Supprimée : user_pref("CT365217.FeedLastCount128865957161338127", 0);
Supprimée : user_pref("CT365217.FeedPollDate128627728363068965", "Sat May 16 2009 07:33:58 GMT+0200");
Supprimée : user_pref("CT365217.FeedPollDate128627729197757090", "Sat May 16 2009 07:33:58 GMT+0200");
Supprimée : user_pref("CT365217.FeedPollDate128865957161338127", "Sat May 16 2009 07:33:59 GMT+0200");
Supprimée : user_pref("CT365217.FirstTime", true);
Supprimée : user_pref("CT365217.FirstTimeFF3", true);
Supprimée : user_pref("CT365217.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT365217.Initialize", true);
Supprimée : user_pref("CT365217.InitializeCommonPrefs", true);
Supprimée : user_pref("CT365217.IsGrouping", false);
Supprimée : user_pref("CT365217.IsMulticommunity", false);
Supprimée : user_pref("CT365217.IsOpenThankYouPage", true);
Supprimée : user_pref("CT365217.IsOpenUninstallPage", true);
Supprimée : user_pref("CT365217.LanguagePackLastCheckTime", "Sat May 16 2009 07:34:00 GMT+0200");
Supprimée : user_pref("CT365217.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT365217.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"[...]
Supprimée : user_pref("CT365217.LastLogin", "Sat May 16 2009 07:33:59 GMT+0200");
Supprimée : user_pref("CT365217.Locale", "fr-fr");
Supprimée : user_pref("CT365217.LoginCache", "4");
Supprimée : user_pref("CT365217.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT365217.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT365217.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT365217.MyGadgetsServerUrl", "hxxp://services.MyStuff.u-page.com/MyStuffService.asmx/Leg[...]
Supprimée : user_pref("CT365217.MyGadgetsTrustedDomains", "u-page.com");
Supprimée : user_pref("CT365217.SHRINK_TOOLBAR", 1);
Supprimée : user_pref("CT365217.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT365217.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3652[...]
Supprimée : user_pref("CT365217.Server", "hxxp://users.conduit.com");
Supprimée : user_pref("CT365217.SettingsInvalidateCache", false);
Supprimée : user_pref("CT365217.SettingsLastUpdate", "1242298758");
Supprimée : user_pref("CT365217.ThirdPartyComponentsInterval", "72");
Supprimée : user_pref("CT365217.ThirdPartyComponentsLastCheck", "Tue May 12 2009 11:07:44 GMT+0200");
Supprimée : user_pref("CT365217.ThirdPartyComponentsLastUpdate", "1242122567");
Supprimée : user_pref("CT365217.ToolbarAlignMode", "SYSTEM");
Supprimée : user_pref("CT365217.ToolbarName", "Ejayremy");
Supprimée : user_pref("CT365217.UserID", "UN68305621619282182");
Supprimée : user_pref("CT365217.VusualLastUpdateTime", "1242123888");
Supprimée : user_pref("CT365217.WeatherNetwork", "");
Supprimée : user_pref("CT365217.WeatherPollDate", "Sat May 16 2009 07:33:59 GMT+0200");
Supprimée : user_pref("CT365217.WeatherUnit", "C");
Supprimée : user_pref("CT365217.clientLogIsEnabled", false);
Supprimée : user_pref("CT365217.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx[...]
Supprimée : user_pref("CT365217.components.1000034", false);
Supprimée : user_pref("CT365217.components.1000082", false);
Supprimée : user_pref("CT365217.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Regi[...]
Supprimée : user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT365217");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT365217");
Supprimée : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Supprimée : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat May 16 2009 07:33:58 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat May 16 2009 07:33:58 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.alert.userId", "{e1846639-0017-48ef-b925-70d5f7f5c698}");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT365217&Sear[...]

-\\ Google Chrome v10.0.648.205

Fichier : C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [355 octets] - [10/11/2011 12:15:53]
AdwCleaner[S2].txt - [10328 octets] - [10/11/2011 12:18:13]

*************************

Dossier Temporaire : 10 dossier(s)et 12 fichier(s) supprimés

########## EOF - C:\AdwCleaner[S2].txt - [10550 octets] ##########
0
Réponse 14 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
10 nov. 2011 à 13:37
AD-Remover :



======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 12:28:56 le 10/11/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Ben@SN120480220313 ( )

============== ACTION(S) ==============


Dossier supprimé: C:\Documents and Settings\All Users\Application Data\Trymedia
Dossier supprimé: C:\Documents and Settings\Ben\Application Data\Viewpoint

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{9CDF61B3-3DF3-4699-B41A-B59A50AFAE3A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CDF61B3-3DF3-4699-B41A-B59A50AFAE3A}
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2672135
Clé supprimée: HKLM\Software\Trymedia Systems
Clé supprimée: HKCU\Software\Lanconfig
Clé supprimée: HKU\.DEFAULT\Software\Conduit
Clé supprimée: HKU\.DEFAULT\Software\conduitEngine
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Casino Tropez
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Dealio
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ClickPotato
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\InternetGameBox
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ShopperReports
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\WebMediaPlayer
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29F06F24-C619-4037-BB0D-95B39EA61CC9}
Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP

Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790572B676585735AA91


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.4 (fr)] ****

FIREFOX.EXE\Shell\Open\Command - "C:\Program Files\Mozilla Firefox\Firefox.exe"
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)

-- C:\Documents and Settings\Ben\Application Data\Mozilla\FireFox\Profiles\7ayh7ptu.default --
Extensions\unplug@compunach(2) (UnPlug)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2) (Google Toolbar for Firefox)
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - user_pref(browser.startup.homepage, hxxp://starter.metacafe.com
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1
Prefs.js - keyword.URL, hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
Prefs.js - keyword.URL, hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
Prefs.js - keyword.URL, hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
Prefs.js - keyword.URL, hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=

========================================

**** Google Chrome Version [10.0.648.205] ****

Google Chrome\Shell\Open\Command - C:\Program Files\Google\Chrome\Application\Chrome.exe

-- C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.fr/
Preferences - homepage_is_newtabpage: false

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar\WebBrowser|{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} (x)
HKCU_Toolbar\WebBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKCU_ElevationPolicy\{4536918A-95A8-498F-B542-CB906C561A43} - C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (x)
HKLM_ElevationPolicy\6616f61e-b0ba-472c-9384-d4dcd824cebc - C:\Program Files\Mafia2.fr\Mafia2.frToolbarHelper.exe (x)
HKLM_ElevationPolicy\7061d0a4-4ee4-490e-a424-1b925ad27295 - C:\Program Files\Mafia2.fr\Mafia2.frToolbarHelper.exe (x)
HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico)
HKLM_Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949} - "Run IMVU" (C:\Program Files\IMVU\imvu.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 26 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 12 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/11/2011 12:29:17 (634 Octet(s))

Fin à: 12:30:13, 10/11/2011

============== E.O.F ==============
0
Réponse 15 / 48
afideg
10 nov. 2011 à 13:47
Simple Up, pour suivre.
... et pour pouvoir ajouter à "Mes interventions".
Merci
Al.
0
Réponse 16 / 48
Utilisateur anonyme
10 nov. 2011 à 13:59
salut Al :)

@benji60000

il manque le rapport pre_script :)
0
Réponse 17 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
10 nov. 2011 à 15:25
Il ne s'affiche pas sur le bureau, comment je peux le trouvé autrement ?
0
Réponse 18 / 48
Utilisateur anonyme
10 nov. 2011 à 16:20
vois dans C:\ ?
0
Réponse 19 / 48
Benji60000 Messages postés 18 Date d'inscription mardi 1 novembre 2011 Statut Membre Dernière intervention 27 novembre 2011
10 nov. 2011 à 17:07
il doit être bon :




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 1.0.2.96 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Mise à jour : 17/10/2011 | 00.40 Par g3n-h@ckm@n
Utilisateur : Ben (Administrateurs)
Ordinateur : SN120480220313
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 3.6.4 (fr)

Switchs possibles :

processes:: | file:: | folder:: | Registry::
Driver:: | replace:: | DNS:: | Command::
attrib:: | txt:: | Host:: | NsLook::
list:: | IP:: | ADS:: | Kill:: | clean::

Script : 12:10:00

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Modification du registre effectuée

¤

Supprimé : C:\WINDOWS\System32\c_68654.nls
Supprimé : C:\WINDOWS\851214797
Absent : C:\WINDOWS\trzB8.tmp
Absent : C:\WINDOWS\uinst001.exe

¤

Absent : C:\Program Files\ConduitEngine
Absent : C:\b0dfc4f6ed8505a876
Absent : C:\f6ec342a5219d7a6afb7f55e43b57f
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 1.0.2.96 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Mise à jour : 17/10/2011 | 00.40 Par g3n-h@ckm@n
Utilisateur : Ben (Administrateurs)
Ordinateur : SN120480220313
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 3.6.4 (fr)

Switchs possibles :

processes:: | file:: | folder:: | Registry::
Driver:: | replace:: | DNS:: | Command::
attrib:: | txt:: | Host:: | NsLook::
list:: | IP:: | ADS:: | Kill:: | clean::

Script : 15:21:05

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Modification du registre effectuée

¤

Supprimé : C:\WINDOWS\System32\c_68654.nls
Supprimé : C:\WINDOWS\851214797
Absent : C:\WINDOWS\trzB8.tmp
Absent : C:\WINDOWS\uinst001.exe

¤

Absent : C:\Program Files\ConduitEngine
Absent : C:\b0dfc4f6ed8505a876
Absent : C:\f6ec342a5219d7a6afb7f55e43b57f
0
Réponse 20 / 48
Utilisateur anonyme
10 nov. 2011 à 18:22
entier c'est possible ?
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Virus MSN Tinyurl
djkifkif -
matt56430 -

8 réponses