Virus et pb de pare feu

angelique0106 Messages postés 11 Statut Membre -  
juju666 Messages postés 38404 Statut Contributeur sécurité -
Bonjour,
Mon pc a détecté un virux : trojan proxy win 32 sevbov e que je n'arrive pas a supprimer . une page bleu avec des écritures blanches apparait et eteint mon pc . Puis , je ne peux plus activer mon pare feu et windows defender erreur 0 80070424 . Si quelq'un peut m'éclairer . . .


A voir également:

16 réponses

Réponse 1 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
salut

Dans l'ordre :
▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan"

Si TDSS.tdl2 est détecté l''option delete sera cochée par défaut.
Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.
Si Suspicious file est indiqué, laisse l''option cochée sur Skip
Si Rootkit.Win32.ZAccess.* est détecté règle sur "cure" en haut , et "delete" en bas

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.

~~


fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


▶ Télécharge ici :

Malwarebytes

▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

▶ Lance Malwarebyte's .

Fais un examen dit "Complet" .

▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
Réponse 2 / 16
angelique0106 Messages postés 11 Statut Membre
 
10:20:14.0456 5248 TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
10:20:14.0643 5248 ============================================================
10:20:14.0643 5248 Current date / time: 2012/01/17 10:20:14.0643
10:20:14.0643 5248 SystemInfo:
10:20:14.0643 5248
10:20:14.0643 5248 OS Version: 6.0.6002 ServicePack: 2.0
10:20:14.0643 5248 Product type: Workstation
10:20:14.0643 5248 ComputerName: PC-DE-ANGÉLIQUE
10:20:14.0643 5248 UserName: Angélique
10:20:14.0643 5248 Windows directory: C:\Windows
10:20:14.0643 5248 System windows directory: C:\Windows
10:20:14.0643 5248 Processor architecture: Intel x86
10:20:14.0643 5248 Number of processors: 1
10:20:14.0643 5248 Page size: 0x1000
10:20:14.0643 5248 Boot type: Normal boot
10:20:14.0643 5248 ============================================================
10:20:15.0923 5248 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:20:16.0001 5248 Initialize success
10:20:25.0735 5272 ============================================================
10:20:25.0735 5272 Scan started
10:20:25.0735 5272 Mode: Manual;
10:20:25.0735 5272 ============================================================
10:20:26.0843 5272 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:20:26.0874 5272 ACPI - ok
10:20:27.0108 5272 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:20:27.0155 5272 adp94xx - ok
10:20:27.0404 5272 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:20:27.0420 5272 adpahci - ok
10:20:27.0560 5272 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:20:27.0576 5272 adpu160m - ok
10:20:27.0638 5272 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:20:27.0669 5272 adpu320 - ok
10:20:27.0794 5272 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:20:27.0825 5272 AFD - ok
10:20:27.0935 5272 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:20:27.0950 5272 agp440 - ok
10:20:27.0997 5272 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:20:28.0013 5272 aic78xx - ok
10:20:28.0122 5272 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:20:28.0137 5272 aliide - ok
10:20:28.0215 5272 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:20:28.0231 5272 amdagp - ok
10:20:28.0309 5272 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:20:28.0325 5272 amdide - ok
10:20:28.0418 5272 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:20:28.0418 5272 AmdK7 - ok
10:20:28.0527 5272 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:20:28.0543 5272 AmdK8 - ok
10:20:28.0683 5272 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:20:28.0699 5272 arc - ok
10:20:28.0886 5272 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:20:28.0902 5272 arcsas - ok
10:20:29.0120 5272 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:20:29.0136 5272 AsyncMac - ok
10:20:29.0261 5272 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:20:29.0276 5272 atapi - ok
10:20:29.0526 5272 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys
10:20:29.0541 5272 athr - ok
10:20:29.0666 5272 AVFSFilter - ok
10:20:29.0729 5272 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:20:29.0744 5272 Beep - ok
10:20:29.0916 5272 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:20:29.0931 5272 blbdrive - ok
10:20:30.0072 5272 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:20:30.0103 5272 bowser - ok
10:20:30.0165 5272 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:20:30.0181 5272 BrFiltLo - ok
10:20:30.0306 5272 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:20:30.0306 5272 BrFiltUp - ok
10:20:30.0337 5272 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:20:30.0384 5272 Brserid - ok
10:20:30.0446 5272 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:20:30.0462 5272 BrSerWdm - ok
10:20:30.0618 5272 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:20:30.0633 5272 BrUsbMdm - ok
10:20:30.0696 5272 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:20:30.0711 5272 BrUsbSer - ok
10:20:30.0805 5272 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:20:30.0821 5272 BTHMODEM - ok
10:20:30.0992 5272 catchme - ok
10:20:31.0117 5272 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:20:31.0133 5272 cdfs - ok
10:20:31.0211 5272 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:20:31.0226 5272 cdrom - ok
10:20:31.0304 5272 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:20:31.0304 5272 circlass - ok
10:20:31.0398 5272 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:20:31.0429 5272 CLFS - ok
10:20:31.0679 5272 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:20:31.0694 5272 CmBatt - ok
10:20:31.0757 5272 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:20:31.0757 5272 cmdide - ok
10:20:31.0819 5272 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:20:31.0835 5272 Compbatt - ok
10:20:31.0959 5272 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:20:31.0959 5272 crcdisk - ok
10:20:32.0069 5272 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:20:32.0084 5272 Crusoe - ok
10:20:32.0209 5272 DfsC (eadef15138ad2f2b7f8c479d96d1debd) C:\Windows\system32\Drivers\dfsc.sys
10:20:32.0209 5272 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: eadef15138ad2f2b7f8c479d96d1debd
10:20:32.0209 5272 DfsC ( LockedFile.Multi.Generic ) - warning
10:20:32.0209 5272 DfsC - detected LockedFile.Multi.Generic (1)
10:20:32.0381 5272 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:20:32.0396 5272 disk - ok
10:20:32.0521 5272 driverhardwarev2 (685a4f171de1a9464de7d0a3782f8449) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
10:20:32.0537 5272 driverhardwarev2 - ok
10:20:32.0646 5272 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:20:32.0661 5272 drmkaud - ok
10:20:32.0724 5272 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:20:32.0739 5272 DXGKrnl - ok
10:20:32.0880 5272 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:20:32.0911 5272 E1G60 - ok
10:20:32.0973 5272 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:20:32.0989 5272 Ecache - ok
10:20:33.0098 5272 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:20:33.0161 5272 elxstor - ok
10:20:33.0239 5272 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:20:33.0254 5272 ErrDev - ok
10:20:33.0348 5272 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:20:33.0379 5272 exfat - ok
10:20:33.0551 5272 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:20:33.0566 5272 fastfat - ok
10:20:33.0613 5272 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:20:33.0644 5272 fdc - ok
10:20:33.0738 5272 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:20:33.0769 5272 FileInfo - ok
10:20:33.0816 5272 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:20:33.0816 5272 Filetrace - ok
10:20:33.0909 5272 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:20:33.0909 5272 flpydisk - ok
10:20:33.0987 5272 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:20:33.0987 5272 FltMgr - ok
10:20:34.0128 5272 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:20:34.0143 5272 Fs_Rec - ok
10:20:34.0159 5272 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
10:20:34.0175 5272 FwLnk - ok
10:20:34.0221 5272 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:20:34.0237 5272 gagp30kx - ok
10:20:34.0455 5272 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:20:34.0471 5272 HdAudAddService - ok
10:20:34.0533 5272 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:20:34.0580 5272 HDAudBus - ok
10:20:34.0767 5272 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:20:34.0767 5272 HidBth - ok
10:20:34.0845 5272 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:20:34.0845 5272 HidIr - ok
10:20:34.0923 5272 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:20:34.0939 5272 HidUsb - ok
10:20:35.0033 5272 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:20:35.0048 5272 HpCISSs - ok
10:20:35.0111 5272 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:20:35.0142 5272 HSFHWAZL - ok
10:20:35.0267 5272 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:20:35.0313 5272 HSF_DPV - ok
10:20:35.0454 5272 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:20:35.0469 5272 HSXHWAZL - ok
10:20:35.0547 5272 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:20:35.0579 5272 HTTP - ok
10:20:35.0859 5272 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:20:35.0875 5272 i2omp - ok
10:20:36.0000 5272 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:20:36.0000 5272 i8042prt - ok
10:20:36.0078 5272 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
10:20:36.0093 5272 iaStor - ok
10:20:36.0249 5272 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:20:36.0281 5272 iaStorV - ok
10:20:36.0624 5272 igfx (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:20:36.0671 5272 igfx - ok
10:20:36.0827 5272 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:20:36.0827 5272 iirsp - ok
10:20:37.0061 5272 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
10:20:37.0154 5272 IntcAzAudAddService - ok
10:20:37.0373 5272 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
10:20:37.0388 5272 IntcHdmiAddService - ok
10:20:37.0482 5272 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:20:37.0497 5272 intelide - ok
10:20:37.0513 5272 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:20:37.0529 5272 intelppm - ok
10:20:37.0638 5272 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:20:37.0653 5272 IpFilterDriver - ok
10:20:37.0669 5272 IpInIp - ok
10:20:37.0700 5272 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:20:37.0716 5272 IPMIDRV - ok
10:20:37.0731 5272 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:20:37.0747 5272 IPNAT - ok
10:20:37.0763 5272 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:20:37.0778 5272 IRENUM - ok
10:20:37.0919 5272 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:20:37.0934 5272 isapnp - ok
10:20:38.0043 5272 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:20:38.0059 5272 iScsiPrt - ok
10:20:38.0106 5272 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:20:38.0121 5272 iteatapi - ok
10:20:38.0199 5272 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:20:38.0215 5272 iteraid - ok
10:20:38.0246 5272 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:20:38.0246 5272 kbdclass - ok
10:20:38.0309 5272 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:20:38.0309 5272 kbdhid - ok
10:20:38.0418 5272 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:20:38.0449 5272 KSecDD - ok
10:20:38.0496 5272 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:20:38.0527 5272 lltdio - ok
10:20:38.0652 5272 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:20:38.0667 5272 LSI_FC - ok
10:20:38.0745 5272 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:20:38.0745 5272 LSI_SAS - ok
10:20:38.0901 5272 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:20:38.0901 5272 LSI_SCSI - ok
10:20:39.0042 5272 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:20:39.0089 5272 luafv - ok
10:20:39.0151 5272 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
10:20:39.0151 5272 MBAMProtector - ok
10:20:39.0213 5272 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:20:39.0229 5272 mdmxsdk - ok
10:20:39.0291 5272 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:20:39.0291 5272 megasas - ok
10:20:39.0354 5272 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:20:39.0369 5272 MegaSR - ok
10:20:39.0432 5272 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:20:39.0432 5272 Modem - ok
10:20:39.0494 5272 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:20:39.0510 5272 monitor - ok
10:20:39.0557 5272 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:20:39.0557 5272 mouclass - ok
10:20:39.0588 5272 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:20:39.0588 5272 mouhid - ok
10:20:39.0666 5272 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:20:39.0681 5272 MountMgr - ok
10:20:39.0775 5272 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
10:20:39.0806 5272 MpFilter - ok
10:20:39.0869 5272 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:20:39.0900 5272 mpio - ok
10:20:40.0009 5272 MpKsl12fb3b13 - ok
10:20:40.0025 5272 MpKsl1f770071 - ok
10:20:40.0040 5272 MpKsl2966807d - ok
10:20:40.0056 5272 MpKsl42046a2c - ok
10:20:40.0071 5272 MpKsl494a9fba - ok
10:20:40.0071 5272 MpKsl4e96c459 - ok
10:20:40.0134 5272 MpKsl5d61c548 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5D24A7AA-3E04-450E-BD28-062801631A78}\MpKsl5d61c548.sys
10:20:40.0149 5272 MpKsl5d61c548 - ok
10:20:40.0259 5272 MpKsl72774e69 - ok
10:20:40.0259 5272 MpKsl753e5542 - ok
10:20:40.0259 5272 MpKsl9ffd5d44 - ok
10:20:40.0274 5272 MpKslaa2d931d - ok
10:20:40.0290 5272 MpKslcc098b92 - ok
10:20:40.0305 5272 MpKslec1a5e18 - ok
10:20:40.0446 5272 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
10:20:40.0461 5272 MpNWMon - ok
10:20:40.0539 5272 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:20:40.0555 5272 mpsdrv - ok
10:20:40.0602 5272 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:20:40.0617 5272 Mraid35x - ok
10:20:40.0758 5272 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:20:40.0773 5272 MRxDAV - ok
10:20:40.0851 5272 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:20:40.0867 5272 mrxsmb - ok
10:20:40.0961 5272 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:20:40.0992 5272 mrxsmb10 - ok
10:20:41.0070 5272 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:20:41.0070 5272 mrxsmb20 - ok
10:20:41.0210 5272 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:20:41.0226 5272 msahci - ok
10:20:41.0273 5272 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:20:41.0288 5272 msdsm - ok
10:20:41.0413 5272 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:20:41.0413 5272 Msfs - ok
10:20:41.0460 5272 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:20:41.0460 5272 msisadrv - ok
10:20:41.0600 5272 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:20:41.0616 5272 MSKSSRV - ok
10:20:41.0787 5272 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:20:41.0787 5272 MSPCLOCK - ok
10:20:41.0959 5272 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:20:41.0990 5272 MSPQM - ok
10:20:42.0084 5272 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:20:42.0099 5272 MsRPC - ok
10:20:42.0162 5272 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:20:42.0209 5272 mssmbios - ok
10:20:42.0271 5272 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:20:42.0271 5272 MSTEE - ok
10:20:42.0349 5272 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:20:42.0365 5272 Mup - ok
10:20:42.0443 5272 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:20:42.0458 5272 NativeWifiP - ok
10:20:42.0583 5272 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:20:42.0614 5272 NDIS - ok
10:20:42.0817 5272 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:20:42.0833 5272 NdisTapi - ok
10:20:42.0973 5272 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:20:42.0989 5272 Ndisuio - ok
10:20:43.0113 5272 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:20:43.0129 5272 NdisWan - ok
10:20:43.0223 5272 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:20:43.0223 5272 NDProxy - ok
10:20:43.0285 5272 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:20:43.0301 5272 NetBIOS - ok
10:20:43.0457 5272 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:20:43.0519 5272 netbt - ok
10:20:43.0613 5272 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:20:43.0628 5272 nfrd960 - ok
10:20:43.0675 5272 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:20:43.0691 5272 NisDrv - ok
10:20:43.0722 5272 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:20:43.0737 5272 Npfs - ok
10:20:43.0940 5272 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:20:43.0956 5272 nsiproxy - ok
10:20:44.0127 5272 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:20:44.0252 5272 Ntfs - ok
10:20:44.0393 5272 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:20:44.0408 5272 ntrigdigi - ok
10:20:44.0439 5272 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:20:44.0455 5272 Null - ok
10:20:44.0564 5272 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:20:44.0580 5272 nvraid - ok
10:20:44.0595 5272 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:20:44.0611 5272 nvstor - ok
10:20:44.0720 5272 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:20:44.0736 5272 nv_agp - ok
10:20:44.0751 5272 NwlnkFlt - ok
10:20:44.0751 5272 NwlnkFwd - ok
10:20:44.0907 5272 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:20:44.0939 5272 ohci1394 - ok
10:20:45.0141 5272 PAC7302 (14191c739f2af6f9efeb58697535498f) C:\Windows\system32\DRIVERS\PAC7302.SYS
10:20:45.0219 5272 PAC7302 - ok
10:20:45.0313 5272 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:20:45.0329 5272 Parport - ok
10:20:45.0360 5272 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:20:45.0375 5272 partmgr - ok
10:20:45.0407 5272 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:20:45.0422 5272 Parvdm - ok
10:20:45.0531 5272 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:20:45.0547 5272 pci - ok
10:20:45.0594 5272 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:20:45.0594 5272 pciide - ok
10:20:45.0703 5272 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:20:45.0719 5272 pcmcia - ok
10:20:45.0797 5272 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:20:45.0828 5272 PEAUTH - ok
10:20:45.0984 5272 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:20:45.0999 5272 PptpMiniport - ok
10:20:46.0077 5272 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:20:46.0093 5272 Processor - ok
10:20:46.0171 5272 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:20:46.0171 5272 PSched - ok
10:20:46.0233 5272 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
10:20:46.0265 5272 PxHelp20 - ok
10:20:46.0436 5272 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:20:46.0483 5272 ql2300 - ok
10:20:46.0717 5272 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:20:46.0733 5272 ql40xx - ok
10:20:46.0811 5272 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:20:46.0826 5272 QWAVEdrv - ok
10:20:46.0904 5272 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:20:46.0920 5272 RasAcd - ok
10:20:47.0169 5272 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:20:47.0185 5272 Rasl2tp - ok
10:20:47.0357 5272 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:20:47.0372 5272 RasPppoe - ok
10:20:47.0419 5272 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:20:47.0435 5272 RasSstp - ok
10:20:47.0778 5272 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:20:47.0809 5272 rdbss - ok
10:20:47.0965 5272 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:20:47.0965 5272 RDPCDD - ok
10:20:48.0027 5272 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:20:48.0027 5272 rdpdr - ok
10:20:48.0137 5272 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:20:48.0137 5272 RDPENCDD - ok
10:20:48.0246 5272 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
10:20:48.0261 5272 RDPWD - ok
10:20:48.0433 5272 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:20:48.0449 5272 rspndr - ok
10:20:48.0542 5272 RTL8169 (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:20:48.0542 5272 RTL8169 - ok
10:20:48.0605 5272 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
10:20:48.0636 5272 RTL8187B - ok
10:20:48.0776 5272 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
10:20:48.0792 5272 RtlProt - ok
10:20:48.0917 5272 RTSTOR (01c64783db1f40e1e3df67dd36199b35) C:\Windows\system32\drivers\RTSTOR.SYS
10:20:48.0932 5272 RTSTOR - ok
10:20:49.0057 5272 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:20:49.0073 5272 sbp2port - ok
10:20:49.0400 5272 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:20:49.0416 5272 secdrv - ok
10:20:49.0681 5272 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:20:49.0681 5272 Serenum - ok
10:20:49.0915 5272 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:20:49.0977 5272 Serial - ok
10:20:50.0211 5272 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:20:50.0227 5272 sermouse - ok
10:20:50.0321 5272 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:20:50.0321 5272 sffdisk - ok
10:20:50.0383 5272 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:20:50.0430 5272 sffp_mmc - ok
10:20:50.0492 5272 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:20:50.0508 5272 sffp_sd - ok
10:20:50.0539 5272 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:20:50.0539 5272 sfloppy - ok
10:20:50.0617 5272 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:20:50.0633 5272 sisagp - ok
10:20:50.0664 5272 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:20:50.0664 5272 SiSRaid2 - ok
10:20:51.0101 5272 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:20:51.0132 5272 SiSRaid4 - ok
10:20:51.0366 5272 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:20:51.0381 5272 Smb - ok
10:20:51.0678 5272 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:20:51.0678 5272 spldr - ok
10:20:52.0177 5272 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:20:52.0193 5272 srv - ok
10:20:52.0380 5272 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:20:52.0411 5272 srv2 - ok
10:20:52.0676 5272 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:20:52.0707 5272 srvnet - ok
10:20:53.0207 5272 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
10:20:53.0207 5272 StarOpen - ok
10:20:53.0581 5272 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:20:53.0597 5272 swenum - ok
10:20:54.0158 5272 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:20:54.0174 5272 Symc8xx - ok
10:20:54.0611 5272 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:20:54.0626 5272 Sym_hi - ok
10:20:55.0016 5272 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:20:55.0032 5272 Sym_u3 - ok
10:20:55.0219 5272 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
10:20:55.0235 5272 SynTP - ok
10:20:55.0562 5272 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
10:20:55.0656 5272 Tcpip - ok
10:20:55.0812 5272 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
10:20:55.0827 5272 Tcpip6 - ok
10:20:56.0015 5272 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
10:20:56.0030 5272 tcpipreg - ok
10:20:56.0139 5272 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:20:56.0155 5272 tdcmdpst - ok
10:20:56.0217 5272 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:20:56.0264 5272 TDPIPE - ok
10:20:56.0436 5272 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:20:56.0451 5272 TDTCP - ok
10:20:56.0498 5272 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:20:56.0514 5272 tdx - ok
10:20:56.0701 5272 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:20:56.0717 5272 TermDD - ok
10:20:56.0857 5272 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:20:56.0873 5272 tos_sps32 - ok
10:20:57.0060 5272 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:20:57.0075 5272 tssecsrv - ok
10:20:57.0341 5272 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:20:57.0356 5272 tunmp - ok
10:20:57.0653 5272 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:20:57.0653 5272 tunnel - ok
10:20:57.0809 5272 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:20:57.0824 5272 TVALZ - ok
10:20:58.0074 5272 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:20:58.0589 5272 uagp35 - ok
10:20:58.0854 5272 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:20:58.0885 5272 udfs - ok
10:20:59.0119 5272 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:20:59.0135 5272 uliagpkx - ok
10:20:59.0384 5272 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:20:59.0400 5272 uliahci - ok
10:20:59.0681 5272 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:20:59.0696 5272 UlSata - ok
10:20:59.0899 5272 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:20:59.0915 5272 ulsata2 - ok
10:21:00.0164 5272 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:21:00.0180 5272 umbus - ok
10:21:00.0367 5272 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
10:21:00.0398 5272 usbaudio - ok
10:21:00.0601 5272 usbbus - ok
10:21:00.0710 5272 USBCamera - ok
10:21:00.0788 5272 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:00.0804 5272 usbccgp - ok
10:21:00.0944 5272 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:21:00.0960 5272 usbcir - ok
10:21:01.0100 5272 UsbDiag - ok
10:21:01.0334 5272 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:21:01.0350 5272 usbehci - ok
10:21:02.0177 5272 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:21:02.0208 5272 usbhub - ok
10:21:02.0379 5272 USBModem - ok
10:21:02.0426 5272 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:21:02.0426 5272 usbohci - ok
10:21:02.0598 5272 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:21:02.0613 5272 usbprint - ok
10:21:02.0847 5272 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:21:02.0863 5272 usbscan - ok
10:21:02.0957 5272 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:02.0972 5272 USBSTOR - ok
10:21:03.0066 5272 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:21:03.0081 5272 usbuhci - ok
10:21:03.0222 5272 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:21:03.0253 5272 usbvideo - ok
10:21:03.0284 5272 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
10:21:03.0300 5272 UVCFTR - ok
10:21:03.0581 5272 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:03.0596 5272 vga - ok
10:21:03.0674 5272 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:21:03.0690 5272 VgaSave - ok
10:21:03.0799 5272 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:21:03.0815 5272 viaagp - ok
10:21:03.0986 5272 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:21:04.0002 5272 ViaC7 - ok
10:21:04.0158 5272 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:21:04.0173 5272 viaide - ok
10:21:04.0314 5272 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:21:04.0329 5272 volmgr - ok
10:21:04.0454 5272 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:21:04.0485 5272 volmgrx - ok
10:21:04.0563 5272 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:21:04.0579 5272 volsnap - ok
10:21:04.0829 5272 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:21:04.0844 5272 vsmraid - ok
10:21:05.0047 5272 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:21:05.0063 5272 WacomPen - ok
10:21:05.0094 5272 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:05.0109 5272 Wanarp - ok
10:21:05.0125 5272 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:05.0125 5272 Wanarpv6 - ok
10:21:05.0328 5272 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:21:05.0343 5272 Wd - ok
10:21:05.0531 5272 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:21:05.0562 5272 Wdf01000 - ok
10:21:05.0780 5272 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:21:05.0827 5272 winachsf - ok
10:21:06.0045 5272 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:21:06.0045 5272 WmiAcpi - ok
10:21:06.0201 5272 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:21:06.0201 5272 WpdUsb - ok
10:21:06.0295 5272 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:21:06.0326 5272 ws2ifsl - ok
10:21:06.0435 5272 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:06.0467 5272 WUDFRd - ok
10:21:06.0560 5272 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:21:06.0560 5272 XAudio - ok
10:21:06.0638 5272 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:21:06.0685 5272 \Device\Harddisk0\DR0 - ok
10:21:06.0701 5272 Boot (0x1200) (79b8a9c4c549030a63dd3ac647f477b5) \Device\Harddisk0\DR0\Partition0
10:21:06.0701 5272 \Device\Harddisk0\DR0\Partition0 - ok
10:21:06.0716 5272 Boot (0x1200) (54c71c1a30113ae1a794a1284d8593f6) \Device\Harddisk0\DR0\Partition1
10:21:06.0732 5272 \Device\Harddisk0\DR0\Partition1 - ok
10:21:06.0732 5272 ============================================================
10:21:06.0732 5272 Scan finished
10:21:06.0732 5272 ============================================================
10:21:06.0747 3816 Detected object count: 1
10:21:06.0747 3816 Actual detected object count: 1
10:21:27.0199 3816 DfsC ( LockedFile.Multi.Generic ) - skipped by user
10:21:27.0199 3816 DfsC ( LockedFile.Multi.Generic ) - User select action: Skip
10:21:35.0810 4572 Deinitialize success
0
Réponse 3 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
mouais....

lance mbam on fera un truc cool après :)
0
Réponse 4 / 16
angelique0106
 
Le pc endommagé est toujours en train de rechercher des infections avec le deuxième logiciel . Pour le moment il en a détecté une . Donc je ne peux pas encore faire l'autre truc .
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
yes j attend le rapport de malwarebytes de toute manière ;)
0
Réponse 6 / 16
angelique0106 Messages postés 11 Statut Membre
 
Alors le pc s'est éteint durant l 'analyse , il a analysé pendant plusieurs heures et a la suite de ce beug j'ai mit du temps a le rallumer . J'ai trois rapports mais surementr pas complet ...

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3025
Windows 6.0.6001 Service Pack 1

24/10/2009 18:15:58
mbam-log-2009-10-24 (18-15-58).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 227370
Temps écoulé: 1 hour(s), 29 minute(s), 25 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
C:\Users\Angélique\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Windows\System32\rsiAAEF.tmp.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Delete on reboot.
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{b6acb3f1-6a83-432c-b854-3e1056f87f4e} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819db72d-1c28-4387-9778-e2ff3dc86f74} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SoftStronghold (Rogue.SoftStronghold) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rsiaaef.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SoftStronghold (Rogue.SoftStronghold) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Angélique\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (Rogue.Eorezo) -> Delete on reboot.
C:\Windows\System32\rsiAAEF.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Angélique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5RU3245\14[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Angélique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AEXPFUGV\setup[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Angélique\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
0
Réponse 7 / 16
angelique0106 Messages postés 11 Statut Membre
 
alwarebytes Anti-Malware (Essai) 1.60.0.1800
www.malwarebytes.org

Version de la base de données: v2012.01.17.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Angélique :: PC-DE-ANGÉLIQUE [administrateur]

Protection: Activé

17/01/2012 10:13:34
mbam-log-2012-01-17 (10-13-34).txt

Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 3045
Temps écoulé: 5 minute(s), 5 seconde(s) [abandonné]

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
0
Réponse 8 / 16
angelique0106 Messages postés 11 Statut Membre
 
2012/01/17 10:13:13 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Starting protection
2012/01/17 10:13:18 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Protection started successfully
2012/01/17 10:13:21 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Starting IP protection
2012/01/17 10:13:21 +0100 PC-DE-ANGÉLIQUE Angélique ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/01/17 10:19:35 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Executing scheduled update: Daily
2012/01/17 10:19:37 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Database already up-to-date
2012/01/17 15:17:00 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Starting protection
2012/01/17 15:17:03 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Protection started successfully
2012/01/17 15:17:06 +0100 PC-DE-ANGÉLIQUE Angélique MESSAGE Starting IP protection
2012/01/17 15:17:06 +0100 PC-DE-ANGÉLIQUE Angélique ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
0
Réponse 9 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
ok ....

Télécharge et lance ComboFix
Ne touche à rien durant le scan

~~

Une fois combofix terminé :


Télécharge DDS de sUBs sur le bureau:

(.scr) https://download.bleepingcomputer.com/sUBs/dds.scr


Lances-le en cliquant sur l'icône

Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
Il te sera demandé si tu veux faire le scan optionnel.
Accepte par Oui

Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.

Poste moi les 3 rapports ainsi obtenus.

0
Réponse 10 / 16
angelique0106 Messages postés 11 Statut Membre
 
rapport dds :

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Angélique at 18:03:42 on 2012-01-17
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2037.821 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10u_ActiveX.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2542115
mDefault_Page_URL = hxxp://www.google.fr
uInternet Settings,ProxyOverride = localhost
uURLSearchHooks: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbP2P_.dll
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
uURLSearchHooks: Nova-FR Toolbar: {ec69794b-60b3-44fe-a0b1-1efebfc131eb} - c:\program files\nova-fr\prxtbNov0.dll
uURLSearchHooks: Discover France Toolbar: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - c:\program files\recherche_france\prxtbRec0.dll
uURLSearchHooks: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - c:\program files\softonic_france\tbSoft.dll
mURLSearchHooks: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbP2P_.dll
mURLSearchHooks: Nova-FR Toolbar: {ec69794b-60b3-44fe-a0b1-1efebfc131eb} - c:\program files\nova-fr\prxtbNov0.dll
mURLSearchHooks: Discover France Toolbar: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - c:\program files\recherche_france\prxtbRec0.dll
mURLSearchHooks: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - c:\program files\softonic_france\tbSoft.dll
BHO: Aide pour le lien d'Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbP2P_.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - c:\program files\softonic_france\tbSoft.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Interest recogniser for Crazyloader (powered by Spointer): {c5f65718-341d-4e7d-9842-fcb9cc89527e} - c:\program files\crazyloader\spointer\extensions\crazyloader_air_ie.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Discover France Toolbar: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - c:\program files\recherche_france\prxtbRec0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Nova-FR Toolbar: {ec69794b-60b3-44fe-a0b1-1efebfc131eb} - c:\program files\nova-fr\prxtbNov0.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbP2P_.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Nova-FR Toolbar: {ec69794b-60b3-44fe-a0b1-1efebfc131eb} - c:\program files\nova-fr\prxtbNov0.dll
TB: Discover France Toolbar: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - c:\program files\recherche_france\prxtbRec0.dll
TB: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - c:\program files\softonic_france\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [msnmsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [EADM] "c:\program files\origin\Origin.exe" -AutoStart
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album edition découverte\3.2\apps\apdproxy.exe"
mRun: [Skytel] Skytel.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\angliq~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\notifi~1.lnk - c:\users\angélique\appdata\roaming\microsoft\notification de cadeaux msn\lsnfier.exe
StartupFolder: c:\users\angliq~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6DD1CD46-EB2A-4992-A366-0E0BDC3DE9A8} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl5d61c548;MpKsl5d61c548;c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\MpKsl5d61c548.sys [2012-1-17 29904]
R1 MpKsl6c2c2922;MpKsl6c2c2922;c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\MpKsl6c2c2922.sys [2012-1-17 29904]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2009-4-11 25896]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
R2 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-17 652872]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-2-15 7168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-17 20464]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-17 40776]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Inspection réseau Microsoft;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B;c:\windows\system32\drivers\rtl8187B.sys [2009-4-11 290304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca03c8ba68770b;Service Google Update (gupdate1ca03c8ba68770b);c:\program files\google\update\GoogleUpdate.exe [2009-7-13 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-2-15 30192]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-13 133104]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-2-15 111616]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-9-23 238960]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-01-17 16:37:39 -------- d-s---w- C:\ComboFix
2012-01-17 14:18:54 -------- d-----w- c:\users\angélique\appdata\local\{678644F7-79FA-4C23-9B89-C68F930F4866}
2012-01-17 14:18:22 -------- d-----w- c:\users\angélique\appdata\local\{3AD2B3E7-B3D8-4717-9DFF-17C4CE932745}
2012-01-17 14:13:20 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\MpKsl6c2c2922.sys
2012-01-17 09:23:14 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-17 09:05:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-17 09:05:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-17 08:58:34 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2012-01-17 08:58:32 703824 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3347bf98-7de5-430d-a73b-2ed33d4870c3}\gapaengine.dll
2012-01-17 08:57:14 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\MpKsl5d61c548.sys
2012-01-17 08:56:55 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\offreg.dll
2012-01-17 08:56:50 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5d24a7aa-3e04-450e-bd28-062801631a78}\mpengine.dll
2012-01-17 08:51:57 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-17 08:51:01 -------- d-----w- c:\users\angélique\appdata\local\{4438E0CE-D63C-4757-B9E2-294C2B70436A}
2012-01-17 08:50:33 -------- d-----w- c:\users\angélique\appdata\local\{DDE86F6D-B75D-4599-86A6-24DC762E2A9E}
2012-01-17 08:47:14 -------- d-----w- c:\users\angélique\appdata\local\Origin
2012-01-17 08:47:08 -------- d-----w- c:\users\angélique\appdata\roaming\Origin
2012-01-17 08:28:43 -------- d-----w- c:\programdata\Origin
2012-01-17 08:27:23 -------- d-----w- c:\program files\Origin
2012-01-17 08:24:11 -------- d-----w- c:\users\angélique\appdata\local\{C7FAFF31-3852-4B6C-B699-2AE4625D8B1E}
2012-01-17 08:23:45 -------- d-----w- c:\users\angélique\appdata\local\{7C5FCCA4-5628-402B-85C2-E622D068F84C}
2012-01-17 08:12:58 -------- d-----w- c:\users\angélique\appdata\local\{BD058F5E-DD45-4B13-B654-6D8FB2A8F81A}
2012-01-17 08:12:34 -------- d-----w- c:\users\angélique\appdata\local\{9437CDB8-CFAD-4ECC-A920-A535BF132179}
2012-01-16 13:47:19 98816 ----a-w- c:\windows\sed.exe
2012-01-16 13:47:19 518144 ----a-w- c:\windows\SWREG.exe
2012-01-16 13:47:19 256000 ----a-w- c:\windows\PEV.exe
2012-01-16 13:47:19 208896 ----a-w- c:\windows\MBR.exe
2012-01-16 13:36:31 -------- d-----w- c:\users\angélique\appdata\local\{A5CA4256-ECDC-4760-8A0C-9505A331FC90}
2012-01-16 13:36:09 -------- d-----w- c:\users\angélique\appdata\local\{A096B08D-DF4A-4683-BA64-AFE3EFB44CDD}
2012-01-16 12:44:27 -------- d-----w- c:\programdata\clp
2012-01-16 12:43:54 -------- d-----w- c:\users\angélique\appdata\roaming\Fighters
2012-01-16 12:43:18 -------- d-----w- c:\programdata\Common Toolkit Suite
2012-01-16 12:42:08 -------- d-----w- c:\programdata\Fighters
2012-01-16 12:21:29 -------- d-----w- c:\users\angélique\appdata\local\{A0544166-50C1-4B58-987B-458007DFDF7B}
2012-01-16 12:21:09 -------- d-----w- c:\users\angélique\appdata\local\{293E87F8-E106-4964-A5C1-F7BDCE985BE3}
2012-01-16 11:34:41 -------- d-----w- c:\users\angélique\appdata\local\{22C82404-24C4-4B53-810D-2EB103621695}
2012-01-16 11:34:21 -------- d-----w- c:\users\angélique\appdata\local\{94C37076-804C-45F5-BB85-B0FF0ADD9B4C}
2012-01-13 16:43:38 -------- d-----w- C:\ZHP
2012-01-13 16:37:27 -------- d-----w- c:\users\angélique\appdata\local\{72E65EBB-E21C-4FA4-AF7B-5B7AB4D30863}
2012-01-13 16:36:55 -------- d-----w- c:\users\angélique\appdata\local\{14A39C0D-D59F-4C83-8081-1FBA62818580}
2012-01-13 16:10:02 -------- d-----w- c:\users\angélique\appdata\local\{9578CFFD-AC43-4C0B-8519-43A507BF5637}
2012-01-13 10:35:19 -------- d-----w- c:\users\angélique\appdata\local\{5810A355-C463-4AAE-93F5-F3479A14949E}
2012-01-13 10:34:55 -------- d-----w- c:\users\angélique\appdata\local\{7E1B5E41-CB4A-4494-A178-264B972D9F6F}
2012-01-13 10:31:01 -------- d-----w- c:\users\angélique\appdata\local\{73E6E8D7-92E2-45A4-A3EA-4C74C9B97E6F}
2012-01-12 13:41:38 -------- d-----w- c:\users\angélique\appdata\local\{28445BBE-7F36-41DC-B60D-39E940C25309}
2012-01-12 13:41:07 -------- d-----w- c:\users\angélique\appdata\local\{4DB1F7C6-E0CC-412B-86A6-FE849DCE4704}
2012-01-12 09:00:55 -------- d-----w- c:\users\angélique\appdata\local\{F17C064A-4081-4DA3-9845-F63ABD8965AB}
2012-01-12 09:00:28 -------- d-----w- c:\users\angélique\appdata\local\{5D619A54-AB23-4F77-B9DD-412CE64E29C7}
2012-01-11 10:25:09 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 10:25:09 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 10:25:08 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 10:25:05 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 10:25:04 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 10:25:02 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 10:24:43 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 10:24:43 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 09:49:18 -------- d-----w- c:\users\angélique\appdata\local\{4B25456F-556F-4687-9687-A041095EB60C}
2012-01-11 09:48:46 -------- d-----w- c:\users\angélique\appdata\local\{473953BB-D9DE-49E6-8073-9578724ECBB7}
2012-01-10 17:09:48 -------- d-----w- c:\users\angélique\appdata\local\{A72944B0-BF27-4C5A-B492-CFD6F699C403}
2012-01-10 17:09:15 -------- d-----w- c:\users\angélique\appdata\local\{E4C7A628-D16F-40A3-9B2E-89578934A792}
2012-01-10 08:32:57 -------- d-----w- c:\program files\Alex Feinman
2012-01-10 07:45:24 -------- d-----w- c:\users\angélique\appdata\local\{323C34CC-4C84-44A6-A9EA-CC323A679B6C}
2012-01-10 07:45:04 -------- d-----w- c:\users\angélique\appdata\local\{3240F923-3A10-4434-B82C-5D37B0C7C440}
2012-01-02 10:15:22 -------- d-----w- c:\users\angélique\appdata\local\SanctionedMedia
2012-01-02 09:40:29 -------- d-----w- c:\users\angélique\appdata\local\{05856BC5-C9C6-46A3-AD76-B1A0E7C69D9C}
2012-01-02 09:40:18 -------- d-----w- c:\users\angélique\appdata\local\{7A7A57A4-DAD8-443E-9078-10C49B90AA4D}
2012-01-01 16:55:58 -------- d-----w- c:\users\angélique\appdata\local\{F1D92652-816E-4D1C-A302-AB839A432ACC}
2012-01-01 16:55:47 -------- d-----w- c:\users\angélique\appdata\local\{8E4E47F2-F635-4617-9BD9-1E174E46C162}
2012-01-01 10:37:21 -------- d-----w- c:\users\angélique\appdata\local\{048EAF38-F83E-421F-8799-F25C0E2F444B}
2012-01-01 10:37:06 -------- d-----w- c:\users\angélique\appdata\local\{48473438-6ADD-4561-8DDA-BABAFEC9E551}
2011-12-27 16:50:55 -------- d-----w- c:\users\angélique\appdata\local\{EA0AA2D8-7A52-4309-9120-6228851ED054}
2011-12-27 16:50:31 -------- d-----w- c:\users\angélique\appdata\local\{0F6E237E-6D4D-423F-A92A-3F6B71B1CB24}
2011-12-27 12:31:04 -------- d-----w- c:\users\angélique\appdata\local\{8E315077-A327-40E0-9D13-CE897F26CEE4}
2011-12-27 12:18:00 -------- d-----w- c:\users\angélique\appdata\local\{A0918E41-DB71-44D3-919E-ED533EA06771}
2011-12-27 12:17:46 -------- d-----w- c:\users\angélique\appdata\local\{8F800748-E78D-4466-AE8E-171B44AB46EB}
2011-12-26 12:02:56 -------- d-----w- c:\users\angélique\appdata\local\{55F12A1D-257F-49DE-8E3E-137216FECB47}
2011-12-26 12:02:29 -------- d-----w- c:\users\angélique\appdata\local\{17C3E1DB-1E87-4170-B00B-182EB701C9D3}
2011-12-25 13:26:16 -------- d-----w- c:\users\angélique\appdata\local\{FA5A97F0-9029-48A1-8D2A-19AA1865B3F3}
2011-12-25 13:26:05 -------- d-----w- c:\users\angélique\appdata\local\{E8BDB8EF-9927-43A7-AF43-4BFFBB5D1E44}
2011-12-24 13:46:16 -------- d-----w- c:\users\angélique\appdata\local\{F0970799-99D9-4FDB-9F49-2E732A354789}
2011-12-24 13:45:55 -------- d-----w- c:\users\angélique\appdata\local\{C24C2CFE-D5F9-4D1C-825D-B188F5C0D524}
2011-12-23 11:34:41 -------- d-----w- c:\users\angélique\appdata\local\{4FBF4773-E2B2-4088-8D3B-4150D53729AC}
2011-12-23 11:34:26 -------- d-----w- c:\users\angélique\appdata\local\{5956E130-6DBB-4FD2-BB59-6E9D83559E06}
2011-12-22 11:40:19 -------- d-----w- c:\users\angélique\appdata\local\{D6F53FB6-083B-4EF4-AA6C-25BDC8059069}
2011-12-22 11:40:08 -------- d-----w- c:\users\angélique\appdata\local\{4E7B47AD-BE94-4192-A8F5-BECC4EF66769}
2011-12-22 09:36:35 -------- d-----w- c:\users\angélique\appdata\local\{1318284F-B619-49FB-BCB9-D873D4D9682F}
2011-12-22 09:36:24 -------- d-----w- c:\users\angélique\appdata\local\{3B1C3522-D3A8-4A0D-8438-9076AD27E4BD}
2011-12-21 15:15:42 -------- d-----w- c:\users\angélique\appdata\local\{57C3953A-F862-4D11-9BE8-B8F052A556C9}
2011-12-21 15:15:09 -------- d-----w- c:\users\angélique\appdata\local\{DD4343D2-4724-4767-A6DC-F22315E42FEE}
2011-12-20 07:59:53 -------- d-----w- c:\users\angélique\appdata\local\{01D3D662-19F6-4E96-8CBD-7F0844DB44B5}
2011-12-20 07:59:38 -------- d-----w- c:\users\angélique\appdata\local\{172CFBBD-0A1C-44AA-BF06-840D2D7275F0}
2011-12-19 08:09:36 -------- d-----w- c:\users\angélique\appdata\local\{324DD9B9-CD54-4647-B4DB-AF7FA4789BE9}
2011-12-19 08:08:08 -------- d-----w- c:\users\angélique\appdata\local\{2F4AA6B4-AA12-4620-BBB6-1984BA0D274F}
.
==================== Find3M ====================
.
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 15:56:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
.
============= FINISH: 18:04:09,67 ===============
0
Réponse 11 / 16
angelique0106 Messages postés 11 Statut Membre
 
rapport attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista(TM) Édition Familiale Basique
Boot Device: \Device\HarddiskVolume2
Install Date: 11/04/2009 14:23:00
System Uptime: 17/01/2012 15:12:19 (3 hours ago)
.
Motherboard: Intel Corp. | | Base Board Product Name
Processor: Intel(R) Celeron(R) CPU 560 @ 2.13GHz | CPU | 2128/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 56 GiB total, 2,481 GiB free.
E: is FIXED (NTFS) - 55 GiB total, 50,15 GiB free.
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Périphérique vidéo USB
Device ID: USB\VID_04F2&PID_B070&MI_00\6&6C4765A&1&0000
Manufacturer: Microsoft
Name: Chicony USB 2.0 Camera
PNP Device ID: USB\VID_04F2&PID_B070&MI_00\6&6C4765A&1&0000
Service: usbvideo
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Synaptics PS/2 Port TouchPad
Device ID: ACPI\SYN1913\4&1FE68D94&0
Manufacturer: Synaptics
Name: Synaptics PS/2 Port TouchPad
PNP Device ID: ACPI\SYN1913\4&1FE68D94&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP630: 17/01/2012 09:12:30 - Removed Skype(TM) 5.5
RP631: 17/01/2012 09:14:35 - Windows Update
RP633: 17/01/2012 09:27:11 - Supprimé LG PC Suite II
RP635: 17/01/2012 09:40:19 - Supprimé LG USB Modem driver
RP636: 17/01/2012 09:43:40 - Removed Skype(TM) 5.5
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Ad-Remover By C_XX
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.2.0 - Français
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Edition Découverte 3.2
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Astérix Maxi-Délirium
AVS Media Player 4.1.2.65
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.4
Barre d'outils Bing
Bing Bar Platform
Bonjour
Click to Call with Skype
Codeur Windows Media Série 9
Conduit Engine
CrazyLoader
CX4300_5500_DX4400 Manuel
D3DX10
Desktop SMS
DVD MovieFactory for TOSHIBA
eoEngine 9.1
Falsh Player 10
Galerie de photos Windows Live
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Google Earth
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
ISO Recorder
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Junk Mail filter update
Les Sims(TM) 3
Les Sims(TM) 3 Accès VIP
Les Sims(TM) 3 Ambitions
Logiciel d'archivage WinRAR
Ma-Config.com
Malwarebytes Anti-Malware version 1.60.0.1800
Manuels TOSHIBA
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - fra
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FRA Language Pack
Microsoft Antimalware
Microsoft Antimalware Service FR-FR Language Pack
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (French) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint Viewer 2007 (French)
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Client FR-FR Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft XML Parser
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Module de compatibilité pour Microsoft Office System 2007
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Module linguistique Microsoft .NET Framework 4 Client Profile FRA
MSVCRT
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
myphotobook 3.5
NetWaiting
Notification de cadeaux MSN
Nova-FR Toolbar
OpenOffice.org 3.2
Origin
P2P_Energy Toolbar
Pando Media Booster
PC Camera
PDF-XChange 3
Picasa 3
QuickTime
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
REALTEK RTL8187B Wireless LAN Driver
Realtek USB 2.0 Card Reader
Realtek WiFi Protected Setup Library
Recherche_France Toolbar
Réducteur de bruit du lecteur de CD/DVD
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
Softonic_France Toolbar
SoftwareUpdate 1.0
SweetIM for Messenger 2.7
SweetIM Toolbar for Internet Explorer 3.4
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
Toshiba Online Product Information
TOSHIBA Recovery Disc Creator
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TRDCReminder
TRORDCLauncher
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Windows Live
Windows Live Communications Platform
Windows Live FolderShare
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================
0
Réponse 12 / 16
angelique0106 Messages postés 11 Statut Membre
 
POur combo fix c'est normal que se soit long ? ILy a marqué une dizaine de minnute et au bout de 30 minutes toujours rien donc j'ai fais les deux autres . Vous avez besoin du premier ?
0
Réponse 13 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
yes si possible j'ai besoin du combofix ....

il en est où ?
0
Réponse 14 / 16
angelique0106 Messages postés 11 Statut Membre
 
J'ai l'impression que sa ne marche pas
0
Réponse 15 / 16
angelique0106
 
C'est écrit : recherche de fichiers infectés
ceci ne prend generalement pas plus de 10 minutes
Le temos d'analyse d'une machinse seerement infectée peut facilement doubler

Et , une barre horizontal clignote

Mais c'est tout .
0
Réponse 16 / 16
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
redémarre la machine en mode sans échec (tapote F8 au démarrage)
et lance le en mode sans échec
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
telecharger une vidéo d'un feu de cheminée réèl sur clé USB
Jfa -
Panth33ra -

1 réponse
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses