Virus police nationale

Résolu
bxlucky -  
 mxzone -
Bonjour,



j ai chopé hier soir un virus police notionale sacem sur mon portable qui est sous vista, je n ai plus d acces a windows ni en normal ni en mode sans echec. Quelqu un peu t il me venir en aide.

merci
bxlucky
A voir également:

35 réponses

Précédent
  • 1
  • 2
Réponse 21 / 35
bxlucky
 
en tout cas un grand merci pour ton aide, je vais faire les mises a jour
0
Réponse 22 / 35
Utilisateur anonyme
 
Re

Télécharge TDSSKiller

*Créez un nouveau dossier sur votre bureau puis décompressez l'archive dedans
* Lancez le programme en cliquant sur TDSSKiller.exe, l'analyse se fait automatiquement, si l'infection est détectée, des éléments cachés (= hidden) seront alors affichés.


Si TDSS.tdl2 est détecté: l'option delete sera cochée par défaut.
Si TDSS.tdl3 est détecté: assure toi que Cure est bien cochée.
Si TDSS.tdl4(\HardDisk0\MBR) est détecté: assure toi que Cure est bien cochée.
Si Rootkit.Win32.ZAccess.* est détecté : règle sur "cure" en haut , et "delete" en bas
Si Suspicious file est indiqué, laisse l''option cochée sur Skip
une fois qu'il a terminé , redémarre s'il te le demande pour finir de nettoyer

sinon , ferme TDSSKiller et le rapport s'affichera sur le bureau

Poste moi son rapport à l'issue; merci

@+
0
Réponse 23 / 35
bxlucky
 
je trouve pas le rapport
0
Réponse 24 / 35
Utilisateur anonyme
 
Re

Regarde à C:\TDSSKiller_N°Version_Date_Heure.txt

@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 35
bxlucky
 
19:23:43.0576 7448 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
19:23:43.0783 7448 ============================================================
19:23:43.0783 7448 Current date / time: 2012/04/28 19:23:43.0783
19:23:43.0783 7448 SystemInfo:
19:23:43.0783 7448
19:23:43.0783 7448 OS Version: 6.0.6000 ServicePack: 0.0
19:23:43.0783 7448 Product type: Workstation
19:23:43.0783 7448 ComputerName: PC-DE-BRUNO
19:23:43.0783 7448 UserName: bruno
19:23:43.0783 7448 Windows directory: C:\Windows
19:23:43.0783 7448 System windows directory: C:\Windows
19:23:43.0783 7448 Processor architecture: Intel x86
19:23:43.0783 7448 Number of processors: 2
19:23:43.0783 7448 Page size: 0x1000
19:23:43.0783 7448 Boot type: Normal boot
19:23:43.0783 7448 ============================================================
19:23:44.0503 7448 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:23:44.0633 7448 ============================================================
19:23:44.0633 7448 \Device\Harddisk0\DR0:
19:23:44.0633 7448 MBR partitions:
19:23:44.0633 7448 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1385000, BlocksNum 0x8B8C000
19:23:44.0633 7448 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9F11000, BlocksNum 0x8B08000
19:23:44.0633 7448 ============================================================
19:23:44.0673 7448 C: <-> \Device\Harddisk0\DR0\Partition0
19:23:44.0713 7448 D: <-> \Device\Harddisk0\DR0\Partition1
19:23:44.0713 7448 ============================================================
19:23:44.0713 7448 Initialize success
19:23:44.0713 7448 ============================================================
19:23:49.0503 7548 ============================================================
19:23:49.0503 7548 Scan started
19:23:49.0503 7548 Mode: Manual;
19:23:49.0503 7548 ============================================================
19:23:52.0646 7548 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
19:23:52.0646 7548 ACPI - ok
19:23:52.0706 7548 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:23:52.0716 7548 adp94xx - ok
19:23:52.0766 7548 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:23:52.0786 7548 adpahci - ok
19:23:52.0816 7548 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:23:52.0826 7548 adpu160m - ok
19:23:52.0856 7548 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:23:52.0876 7548 adpu320 - ok
19:23:52.0926 7548 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:23:52.0926 7548 AeLookupSvc - ok
19:23:52.0956 7548 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
19:23:52.0966 7548 AFD - ok
19:23:53.0006 7548 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:23:53.0016 7548 agp440 - ok
19:23:53.0066 7548 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:23:53.0086 7548 aic78xx - ok
19:23:53.0096 7548 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
19:23:53.0096 7548 ALG - ok
19:23:53.0136 7548 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:23:53.0136 7548 aliide - ok
19:23:53.0156 7548 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:23:53.0166 7548 amdagp - ok
19:23:53.0186 7548 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:23:53.0196 7548 amdide - ok
19:23:53.0216 7548 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:23:53.0216 7548 AmdK7 - ok
19:23:53.0246 7548 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:23:53.0256 7548 AmdK8 - ok
19:23:53.0346 7548 AMService - ok
19:23:53.0396 7548 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
19:23:53.0406 7548 ApfiltrService - ok
19:23:53.0436 7548 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
19:23:53.0436 7548 Appinfo - ok
19:23:53.0476 7548 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:23:53.0486 7548 arc - ok
19:23:53.0506 7548 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:23:53.0516 7548 arcsas - ok
19:23:53.0556 7548 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
19:23:53.0556 7548 AsyncMac - ok
19:23:53.0586 7548 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
19:23:53.0596 7548 atapi - ok
19:23:53.0656 7548 athr (b0c272def210b149c0bfa0d85600ce4b) C:\Windows\system32\DRIVERS\athr.sys
19:23:53.0666 7548 athr - ok
19:23:53.0716 7548 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:23:53.0716 7548 AudioEndpointBuilder - ok
19:23:53.0736 7548 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:23:53.0736 7548 Audiosrv - ok
19:23:53.0786 7548 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:23:53.0816 7548 b57nd60x - ok
19:23:53.0906 7548 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
19:23:53.0916 7548 BBSvc - ok
19:23:53.0976 7548 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
19:23:53.0986 7548 BBUpdate - ok
19:23:54.0066 7548 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
19:23:54.0066 7548 Beep - ok
19:23:54.0196 7548 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
19:23:54.0216 7548 BITS - ok
19:23:54.0226 7548 blbdrive - ok
19:23:54.0276 7548 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
19:23:54.0276 7548 bowser - ok
19:23:54.0316 7548 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:23:54.0336 7548 BrFiltLo - ok
19:23:54.0356 7548 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:23:54.0366 7548 BrFiltUp - ok
19:23:54.0406 7548 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
19:23:54.0416 7548 Browser - ok
19:23:54.0446 7548 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:23:54.0466 7548 Brserid - ok
19:23:54.0496 7548 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:23:54.0506 7548 BrSerWdm - ok
19:23:54.0546 7548 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:23:54.0556 7548 BrUsbMdm - ok
19:23:54.0576 7548 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:23:54.0586 7548 BrUsbSer - ok
19:23:54.0626 7548 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:23:54.0626 7548 BTHMODEM - ok
19:23:54.0726 7548 ccEvtMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:23:54.0726 7548 ccEvtMgr - ok
19:23:54.0736 7548 ccSetMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:23:54.0736 7548 ccSetMgr - ok
19:23:54.0766 7548 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
19:23:54.0766 7548 cdfs - ok
19:23:54.0786 7548 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
19:23:54.0786 7548 cdrom - ok
19:23:54.0826 7548 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
19:23:54.0826 7548 CertPropSvc - ok
19:23:54.0836 7548 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\DRIVERS\circlass.sys
19:23:54.0846 7548 circlass - ok
19:23:54.0906 7548 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
19:23:54.0916 7548 CLFS - ok
19:23:54.0986 7548 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:23:55.0006 7548 clr_optimization_v2.0.50727_32 - ok
19:23:55.0016 7548 CLTNetCnService (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:23:55.0016 7548 CLTNetCnService - ok
19:23:55.0056 7548 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
19:23:55.0066 7548 CmBatt - ok
19:23:55.0096 7548 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:23:55.0106 7548 cmdide - ok
19:23:55.0156 7548 cmuda - ok
19:23:55.0196 7548 comHost (7ce352882828c12dd7632b172253a02c) C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
19:23:55.0216 7548 comHost - ok
19:23:55.0246 7548 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
19:23:55.0246 7548 Compbatt - ok
19:23:55.0246 7548 COMSysApp - ok
19:23:55.0266 7548 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:23:55.0266 7548 crcdisk - ok
19:23:55.0296 7548 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:23:55.0306 7548 Crusoe - ok
19:23:55.0346 7548 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
19:23:55.0356 7548 CryptSvc - ok
19:23:55.0426 7548 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
19:23:55.0436 7548 DcomLaunch - ok
19:23:55.0496 7548 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
19:23:55.0496 7548 DfsC - ok
19:23:55.0686 7548 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
19:23:55.0736 7548 DFSR - ok
19:23:55.0876 7548 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
19:23:55.0886 7548 Dhcp - ok
19:23:55.0926 7548 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
19:23:55.0926 7548 disk - ok
19:23:55.0946 7548 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
19:23:55.0956 7548 DKbFltr - ok
19:23:55.0996 7548 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
19:23:56.0006 7548 Dnscache - ok
19:23:56.0026 7548 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
19:23:56.0036 7548 dot3svc - ok
19:23:56.0056 7548 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
19:23:56.0066 7548 DPS - ok
19:23:56.0116 7548 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
19:23:56.0126 7548 DritekPortIO - ok
19:23:56.0146 7548 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
19:23:56.0156 7548 drmkaud - ok
19:23:56.0226 7548 DXGKrnl (b95202efd0464d226e7542c1e319c028) C:\Windows\System32\drivers\dxgkrnl.sys
19:23:56.0226 7548 DXGKrnl - ok
19:23:56.0256 7548 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:23:56.0266 7548 E1G60 - ok
19:23:56.0296 7548 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
19:23:56.0296 7548 EapHost - ok
19:23:56.0326 7548 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
19:23:56.0326 7548 Ecache - ok
19:23:56.0456 7548 eDataSecurity Service (f54907aa07f60aff81e1e09e97af98b0) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
19:23:56.0476 7548 eDataSecurity Service - ok
19:23:56.0606 7548 eeCtrl (fb069d8270853023f6e315745b5bbad4) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
19:23:56.0626 7548 eeCtrl - ok
19:23:56.0686 7548 ehRecvr (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
19:23:56.0696 7548 ehRecvr - ok
19:23:56.0716 7548 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:23:56.0716 7548 ehSched - ok
19:23:56.0726 7548 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:23:56.0736 7548 ehstart - ok
19:23:56.0786 7548 eLockService (fb5383bfd4dec6792aaef76c9343ecff) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
19:23:56.0796 7548 eLockService - ok
19:23:56.0946 7548 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:23:56.0966 7548 elxstor - ok
19:23:57.0046 7548 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
19:23:57.0056 7548 EMDMgmt - ok
19:23:57.0086 7548 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys
19:23:57.0096 7548 enecir - ok
19:23:57.0146 7548 eNet Service (9316c26f089cf2cea2bd1496ac9f38a4) C:\Acer\Empowering Technology\eNet\eNet Service.exe
19:23:57.0166 7548 eNet Service - ok
19:23:57.0206 7548 eRecoveryService (3d184410ef5ee017e186ac96181b3ff8) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
19:23:57.0216 7548 eRecoveryService - ok
19:23:57.0236 7548 eSettingsService (cf2584cdf90da24d3044021aaad5dbab) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
19:23:57.0246 7548 eSettingsService - ok
19:23:57.0306 7548 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
19:23:57.0316 7548 EventSystem - ok
19:23:57.0346 7548 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
19:23:57.0346 7548 fastfat - ok
19:23:57.0396 7548 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:23:57.0406 7548 fdc - ok
19:23:57.0456 7548 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
19:23:57.0456 7548 fdPHost - ok
19:23:57.0486 7548 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:23:57.0486 7548 FDResPub - ok
19:23:57.0496 7548 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
19:23:57.0506 7548 FileInfo - ok
19:23:57.0536 7548 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
19:23:57.0536 7548 Filetrace - ok
19:23:57.0546 7548 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:23:57.0556 7548 flpydisk - ok
19:23:57.0576 7548 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
19:23:57.0586 7548 FltMgr - ok
19:23:57.0676 7548 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:23:57.0696 7548 FontCache3.0.0.0 - ok
19:23:57.0726 7548 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
19:23:57.0736 7548 fssfltr - ok
19:23:57.0896 7548 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:23:57.0926 7548 fsssvc - ok
19:23:57.0966 7548 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
19:23:57.0966 7548 Fs_Rec - ok
19:23:57.0986 7548 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:23:57.0996 7548 gagp30kx - ok
19:23:58.0056 7548 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
19:23:58.0066 7548 gpsvc - ok
19:23:58.0106 7548 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:23:58.0116 7548 HdAudAddService - ok
19:23:58.0136 7548 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:23:58.0136 7548 HDAudBus - ok
19:23:58.0166 7548 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:23:58.0176 7548 HidBth - ok
19:23:58.0196 7548 HidIr (f24393c44fdfe2e5e9f416fd3bdf98e2) C:\Windows\system32\DRIVERS\hidir.sys
19:23:58.0196 7548 HidIr - ok
19:23:58.0206 7548 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
19:23:58.0216 7548 hidserv - ok
19:23:58.0236 7548 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
19:23:58.0246 7548 HidUsb - ok
19:23:58.0266 7548 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
19:23:58.0276 7548 hkmsvc - ok
19:23:58.0296 7548 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:23:58.0306 7548 HpCISSs - ok
19:23:58.0336 7548 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:23:58.0346 7548 HSFHWAZL - ok
19:23:58.0516 7548 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:23:58.0566 7548 HSF_DPV - ok
19:23:58.0596 7548 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:23:58.0606 7548 HSXHWAZL - ok
19:23:58.0676 7548 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
19:23:58.0696 7548 HTTP - ok
19:23:58.0736 7548 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:23:58.0746 7548 i2omp - ok
19:23:58.0786 7548 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
19:23:58.0796 7548 i8042prt - ok
19:23:58.0896 7548 IAANTMON (ae38a12f79a4980ddb88f36514f8a1da) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
19:23:58.0926 7548 IAANTMON - ok
19:23:58.0966 7548 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
19:23:58.0966 7548 iaStor - ok
19:23:59.0016 7548 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:23:59.0026 7548 iaStorV - ok
19:23:59.0236 7548 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:23:59.0266 7548 idsvc - ok
19:23:59.0346 7548 IDSvix86 (78432a57d085328cf8baf125985425d2) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
19:23:59.0366 7548 IDSvix86 - ok
19:23:59.0606 7548 igfx (f93a6b133a2fa961cd49ddbcc16449bb) C:\Windows\system32\DRIVERS\igdkmd32.sys
19:23:59.0646 7548 igfx - ok
19:23:59.0766 7548 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:23:59.0776 7548 iirsp - ok
19:23:59.0836 7548 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
19:23:59.0836 7548 IKEEXT - ok
19:23:59.0916 7548 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
19:23:59.0926 7548 int15 - ok
19:24:00.0126 7548 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
19:24:00.0186 7548 IntcAzAudAddService - ok
19:24:00.0306 7548 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
19:24:00.0316 7548 intelide - ok
19:24:00.0336 7548 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
19:24:00.0336 7548 intelppm - ok
19:24:00.0376 7548 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
19:24:00.0396 7548 IPBusEnum - ok
19:24:00.0416 7548 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:24:00.0416 7548 IpFilterDriver - ok
19:24:00.0456 7548 IpInIp - ok
19:24:00.0526 7548 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:24:00.0536 7548 IPMIDRV - ok
19:24:00.0566 7548 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
19:24:00.0576 7548 IPNAT - ok
19:24:00.0616 7548 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
19:24:00.0626 7548 IRENUM - ok
19:24:00.0666 7548 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:24:00.0666 7548 isapnp - ok
19:24:00.0706 7548 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
19:24:00.0706 7548 iScsiPrt - ok
19:24:00.0786 7548 ISPwdSvc (36474fde02f8422b8b1a52ead9894dbc) C:\Program Files\Norton Internet Security\isPwdSvc.exe
19:24:00.0806 7548 ISPwdSvc - ok
19:24:00.0826 7548 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:24:00.0836 7548 iteatapi - ok
19:24:00.0886 7548 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:24:00.0896 7548 iteraid - ok
19:24:00.0936 7548 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
19:24:00.0956 7548 kbdclass - ok
19:24:00.0986 7548 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
19:24:00.0996 7548 kbdhid - ok
19:24:01.0036 7548 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:24:01.0046 7548 KeyIso - ok
19:24:01.0096 7548 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
19:24:01.0106 7548 KSecDD - ok
19:24:01.0146 7548 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
19:24:01.0156 7548 KtmRm - ok
19:24:01.0196 7548 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
19:24:01.0196 7548 LanmanServer - ok
19:24:01.0236 7548 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
19:24:01.0236 7548 LanmanWorkstation - ok
19:24:01.0306 7548 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:24:01.0326 7548 LightScribeService - ok
19:24:01.0606 7548 LiveUpdate (3c7fcbbc35e0a52ce9b12e9cc4f5b991) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
19:24:01.0696 7548 LiveUpdate - ok
19:24:01.0816 7548 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
19:24:01.0826 7548 lltdio - ok
19:24:01.0866 7548 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
19:24:01.0886 7548 lltdsvc - ok
19:24:01.0906 7548 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:24:01.0916 7548 lmhosts - ok
19:24:01.0946 7548 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:24:01.0956 7548 LSI_FC - ok
19:24:01.0976 7548 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:24:01.0986 7548 LSI_SAS - ok
19:24:02.0006 7548 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:24:02.0016 7548 LSI_SCSI - ok
19:24:02.0036 7548 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
19:24:02.0036 7548 luafv - ok
19:24:02.0096 7548 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
19:24:02.0106 7548 MBAMProtector - ok
19:24:02.0176 7548 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:24:02.0196 7548 MBAMService - ok
19:24:02.0236 7548 Mcx2Svc (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
19:24:02.0246 7548 Mcx2Svc - ok
19:24:02.0256 7548 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:24:02.0266 7548 mdmxsdk - ok
19:24:02.0306 7548 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:24:02.0316 7548 megasas - ok
19:24:02.0326 7548 meraksmtp - ok
19:24:02.0366 7548 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
19:24:02.0366 7548 MMCSS - ok
19:24:02.0406 7548 MobilityService - ok
19:24:02.0426 7548 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
19:24:02.0426 7548 Modem - ok
19:24:02.0456 7548 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
19:24:02.0456 7548 monitor - ok
19:24:02.0506 7548 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
19:24:02.0516 7548 mouclass - ok
19:24:02.0546 7548 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
19:24:02.0556 7548 mouhid - ok
19:24:02.0586 7548 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
19:24:02.0586 7548 MountMgr - ok
19:24:02.0616 7548 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:24:02.0626 7548 mpio - ok
19:24:02.0656 7548 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
19:24:02.0666 7548 mpsdrv - ok
19:24:02.0686 7548 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:24:02.0696 7548 Mraid35x - ok
19:24:02.0726 7548 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
19:24:02.0726 7548 MRxDAV - ok
19:24:02.0756 7548 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:24:02.0756 7548 mrxsmb - ok
19:24:02.0796 7548 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:24:02.0796 7548 mrxsmb10 - ok
19:24:02.0846 7548 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:24:02.0856 7548 mrxsmb20 - ok
19:24:02.0886 7548 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\DRIVERS\msahci.sys
19:24:02.0886 7548 msahci - ok
19:24:02.0916 7548 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:24:02.0926 7548 msdsm - ok
19:24:02.0966 7548 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
19:24:02.0986 7548 MSDTC - ok
19:24:03.0006 7548 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
19:24:03.0016 7548 Msfs - ok
19:24:03.0036 7548 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
19:24:03.0046 7548 msisadrv - ok
19:24:03.0106 7548 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
19:24:03.0116 7548 MSiSCSI - ok
19:24:03.0126 7548 msiserver - ok
19:24:03.0146 7548 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
19:24:03.0156 7548 MSKSSRV - ok
19:24:03.0196 7548 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
19:24:03.0206 7548 MSPCLOCK - ok
19:24:03.0226 7548 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
19:24:03.0236 7548 MSPQM - ok
19:24:03.0256 7548 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
19:24:03.0266 7548 MsRPC - ok
19:24:03.0296 7548 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
19:24:03.0296 7548 mssmbios - ok
19:24:03.0306 7548 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
19:24:03.0316 7548 MSTEE - ok
19:24:03.0336 7548 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
19:24:03.0336 7548 Mup - ok
19:24:03.0376 7548 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
19:24:03.0386 7548 napagent - ok
19:24:03.0426 7548 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
19:24:03.0436 7548 NativeWifiP - ok
19:24:03.0546 7548 NAVENG (ef04748a7a7266edbdbe02b161a0685d) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
19:24:03.0546 7548 NAVENG - ok
19:24:03.0646 7548 NAVEX15 (09f3bfdc47718459b42d696cb671f65f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
19:24:03.0656 7548 NAVEX15 - ok
19:24:03.0736 7548 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
19:24:03.0736 7548 NDIS - ok
19:24:03.0776 7548 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
19:24:03.0776 7548 NdisTapi - ok
19:24:03.0796 7548 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
19:24:03.0796 7548 Ndisuio - ok
19:24:03.0816 7548 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
19:24:03.0826 7548 NdisWan - ok
19:24:03.0846 7548 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
19:24:03.0846 7548 NDProxy - ok
19:24:04.0026 7548 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:24:04.0076 7548 Nero BackItUp Scheduler 3 - ok
19:24:04.0096 7548 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
19:24:04.0096 7548 NetBIOS - ok
19:24:04.0196 7548 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
19:24:04.0196 7548 netbt - ok
19:24:04.0226 7548 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:24:04.0226 7548 Netlogon - ok
19:24:04.0276 7548 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
19:24:04.0276 7548 Netman - ok
19:24:04.0336 7548 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
19:24:04.0346 7548 netprofm - ok
19:24:04.0486 7548 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:24:04.0506 7548 NetTcpPortSharing - ok
19:24:04.0676 7548 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
19:24:04.0696 7548 NETw3v32 - ok
19:24:04.0966 7548 NETw4v32 (cb3af516a6797b27725e3f1e73f3496c) C:\Windows\system32\DRIVERS\NETw4v32.sys
19:24:05.0026 7548 NETw4v32 - ok
19:24:05.0156 7548 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:24:05.0156 7548 nfrd960 - ok
19:24:05.0196 7548 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
19:24:05.0196 7548 NlaSvc - ok
19:24:05.0366 7548 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:24:05.0376 7548 NMIndexingService - ok
19:24:05.0396 7548 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
19:24:05.0406 7548 Npfs - ok
19:24:05.0446 7548 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
19:24:05.0446 7548 nsi - ok
19:24:05.0506 7548 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
19:24:05.0516 7548 nsiproxy - ok
19:24:05.0626 7548 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
19:24:05.0636 7548 Ntfs - ok
19:24:05.0676 7548 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
19:24:05.0686 7548 NTIDrvr - ok
19:24:05.0706 7548 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:24:05.0716 7548 ntrigdigi - ok
19:24:05.0736 7548 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
19:24:05.0736 7548 Null - ok
19:24:05.0766 7548 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:24:05.0766 7548 nvraid - ok
19:24:05.0796 7548 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:24:05.0806 7548 nvstor - ok
19:24:05.0826 7548 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:24:05.0836 7548 nv_agp - ok
19:24:05.0836 7548 NwlnkFlt - ok
19:24:05.0846 7548 NwlnkFwd - ok
19:24:05.0996 7548 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:24:06.0016 7548 odserv - ok
19:24:06.0046 7548 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
19:24:06.0056 7548 ohci1394 - ok
19:24:06.0096 7548 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:24:06.0106 7548 ose - ok
19:24:06.0186 7548 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:24:06.0216 7548 p2pimsvc - ok
19:24:06.0226 7548 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:24:06.0236 7548 p2psvc - ok
19:24:06.0276 7548 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:24:06.0286 7548 Parport - ok
19:24:06.0296 7548 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
19:24:06.0296 7548 partmgr - ok
19:24:06.0316 7548 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:24:06.0316 7548 Parvdm - ok
19:24:06.0356 7548 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
19:24:06.0356 7548 PcaSvc - ok
19:24:06.0366 7548 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
19:24:06.0376 7548 pci - ok
19:24:06.0426 7548 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
19:24:06.0436 7548 pciide - ok
19:24:06.0536 7548 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:24:06.0556 7548 pcmcia - ok
19:24:06.0666 7548 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:24:06.0676 7548 PEAUTH - ok
19:24:06.0896 7548 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
19:24:06.0926 7548 pla - ok
19:24:07.0006 7548 Planificateur LiveUpdate automatique (018fe8992fe4d70b69ae866ea0d83f0d) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
19:24:07.0026 7548 Planificateur LiveUpdate automatique - ok
19:24:07.0172 7548 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
19:24:07.0203 7548 PLFlash DeviceIoControl Service - ok
19:24:07.0244 7548 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
19:24:07.0254 7548 PlugPlay - ok
19:24:07.0334 7548 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:24:07.0344 7548 PNRPAutoReg - ok
19:24:07.0364 7548 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:24:07.0364 7548 PNRPsvc - ok
19:24:07.0424 7548 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
19:24:07.0424 7548 PolicyAgent - ok
19:24:07.0564 7548 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
19:24:07.0564 7548 PptpMiniport - ok
19:24:07.0634 7548 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:24:07.0654 7548 Processor - ok
19:24:07.0694 7548 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
19:24:07.0694 7548 ProfSvc - ok
19:24:07.0724 7548 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:24:07.0734 7548 ProtectedStorage - ok
19:24:07.0764 7548 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
19:24:07.0764 7548 PSched - ok
19:24:07.0784 7548 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
19:24:07.0794 7548 PSDFilter - ok
19:24:07.0824 7548 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
19:24:07.0844 7548 PSDNServ - ok
19:24:07.0874 7548 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
19:24:07.0884 7548 psdvdisk - ok
19:24:07.0984 7548 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:24:08.0024 7548 ql2300 - ok
19:24:08.0074 7548 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:24:08.0094 7548 ql40xx - ok
19:24:08.0144 7548 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
19:24:08.0144 7548 QWAVE - ok
19:24:08.0194 7548 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
19:24:08.0194 7548 QWAVEdrv - ok
19:24:08.0204 7548 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
19:24:08.0214 7548 RasAcd - ok
19:24:08.0234 7548 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
19:24:08.0244 7548 RasAuto - ok
19:24:08.0274 7548 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:24:08.0274 7548 Rasl2tp - ok
19:24:08.0314 7548 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
19:24:08.0334 7548 RasMan - ok
19:24:08.0354 7548 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
19:24:08.0364 7548 RasPppoe - ok
19:24:08.0414 7548 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
19:24:08.0414 7548 rdbss - ok
19:24:08.0444 7548 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:24:08.0454 7548 RDPCDD - ok
19:24:08.0534 7548 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
19:24:08.0544 7548 rdpdr - ok
19:24:08.0554 7548 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
19:24:08.0564 7548 RDPENCDD - ok
19:24:08.0604 7548 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
19:24:08.0624 7548 RDPWD - ok
19:24:08.0664 7548 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
19:24:08.0664 7548 RemoteAccess - ok
19:24:08.0714 7548 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
19:24:08.0724 7548 RemoteRegistry - ok
19:24:08.0804 7548 RichVideo (0a468612a19feb657d127e7c4810f6fc) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:24:08.0834 7548 RichVideo - ok
19:24:08.0864 7548 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
19:24:08.0874 7548 rimmptsk - ok
19:24:08.0914 7548 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:24:08.0924 7548 rimsptsk - ok
19:24:08.0954 7548 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
19:24:08.0964 7548 rismxdp - ok
19:24:08.0994 7548 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:24:08.0994 7548 RpcLocator - ok
19:24:09.0064 7548 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
19:24:09.0074 7548 RpcSs - ok
19:24:09.0104 7548 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
19:24:09.0114 7548 rspndr - ok
19:24:09.0134 7548 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:24:09.0134 7548 SamSs - ok
19:24:09.0154 7548 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:24:09.0154 7548 sbp2port - ok
19:24:09.0194 7548 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
19:24:09.0194 7548 SCardSvr - ok
19:24:09.0274 7548 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
19:24:09.0284 7548 Schedule - ok
19:24:09.0314 7548 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
19:24:09.0314 7548 SCPolicySvc - ok
19:24:09.0354 7548 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
19:24:09.0364 7548 sdbus - ok
19:24:09.0394 7548 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
19:24:09.0394 7548 SDRSVC - ok
19:24:09.0414 7548 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:24:09.0424 7548 secdrv - ok
19:24:09.0454 7548 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
19:24:09.0454 7548 seclogon - ok
19:24:09.0484 7548 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
19:24:09.0484 7548 SENS - ok
19:24:09.0524 7548 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:24:09.0534 7548 Serenum - ok
19:24:09.0554 7548 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:24:09.0574 7548 Serial - ok
19:24:09.0624 7548 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
19:24:09.0634 7548 sermouse - ok
19:24:09.0674 7548 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
19:24:09.0684 7548 SessionEnv - ok
19:24:09.0724 7548 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
19:24:09.0734 7548 sffdisk - ok
19:24:09.0754 7548 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
19:24:09.0754 7548 sffp_mmc - ok
19:24:09.0774 7548 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
19:24:09.0784 7548 sffp_sd - ok
19:24:09.0804 7548 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:24:09.0824 7548 sfloppy - ok
19:24:09.0894 7548 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
19:24:09.0904 7548 SharedAccess - ok
19:24:09.0964 7548 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
19:24:09.0974 7548 ShellHWDetection - ok
19:24:09.0994 7548 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
19:24:09.0994 7548 sisagp - ok
19:24:10.0024 7548 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
19:24:10.0034 7548 SiSRaid2 - ok
19:24:10.0054 7548 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
19:24:10.0064 7548 SiSRaid4 - ok
19:24:10.0254 7548 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
19:24:10.0304 7548 slsvc - ok
19:24:10.0424 7548 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
19:24:10.0424 7548 SLUINotify - ok
19:24:10.0504 7548 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
19:24:10.0514 7548 Smb - ok
19:24:10.0544 7548 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:24:10.0544 7548 SNMPTRAP - ok
19:24:10.0694 7548 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys
19:24:10.0734 7548 SNP2UVC - ok
19:24:10.0864 7548 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
19:24:10.0884 7548 SPBBCDrv - ok
19:24:10.0994 7548 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
19:24:10.0994 7548 spldr - ok
19:24:11.0014 7548 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
19:24:11.0024 7548 Spooler - ok
19:24:11.0054 7548 SRTSP (15e29eb26dd53eb6385629f4622b5519) C:\Windows\system32\Drivers\SRTSP.SYS
19:24:11.0054 7548 SRTSP - ok
19:24:11.0084 7548 SRTSPL (fd0c0333fae09dbd1170e0d607eca5c8) C:\Windows\system32\Drivers\SRTSPL.SYS
19:24:11.0104 7548 SRTSPL - ok
19:24:11.0124 7548 SRTSPX (7e60a4a4035be470f47c6806da57db99) C:\Windows\system32\Drivers\SRTSPX.SYS
19:24:11.0134 7548 SRTSPX - ok
19:24:11.0174 7548 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
19:24:11.0174 7548 srv - ok
19:24:11.0224 7548 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
19:24:11.0224 7548 srv2 - ok
19:24:11.0234 7548 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
19:24:11.0254 7548 srvnet - ok
19:24:11.0274 7548 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
19:24:11.0274 7548 SSDPSRV - ok
19:24:11.0334 7548 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
19:24:11.0344 7548 stisvc - ok
19:24:11.0374 7548 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
19:24:11.0374 7548 swenum - ok
19:24:11.0424 7548 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
19:24:11.0434 7548 swprv - ok
19:24:11.0654 7548 Symantec Core LC (2698cd77f4d73ea7988f0bc63de8e3d6) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
19:24:11.0714 7548 Symantec Core LC - ok
19:24:11.0744 7548 SymAppCore (2fe779b1a07747fed8074c433c3c4604) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
19:24:11.0764 7548 SymAppCore - ok
19:24:11.0894 7548 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:24:11.0914 7548 Symc8xx - ok
19:24:11.0944 7548 SymEvent (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
19:24:11.0964 7548 SymEvent - ok
19:24:11.0994 7548 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:24:12.0004 7548 Sym_hi - ok
19:24:12.0034 7548 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:24:12.0044 7548 Sym_u3 - ok
19:24:12.0104 7548 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
19:24:12.0114 7548 SysMain - ok
19:24:12.0154 7548 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:24:12.0154 7548 TabletInputService - ok
19:24:12.0174 7548 tap0901 - ok
19:24:12.0214 7548 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
19:24:12.0224 7548 TapiSrv - ok
19:24:12.0234 7548 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
19:24:12.0244 7548 TBS - ok
19:24:12.0324 7548 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
19:24:12.0354 7548 Tcpip - ok
19:24:12.0384 7548 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
19:24:12.0384 7548 Tcpip6 - ok
19:24:12.0414 7548 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
19:24:12.0424 7548 tcpipreg - ok
19:24:12.0454 7548 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
19:24:12.0454 7548 TDPIPE - ok
19:24:12.0474 7548 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
19:24:12.0484 7548 TDTCP - ok
19:24:12.0524 7548 tdx (c46e1bfead0a2b4105c9fbc8da30a930) C:\Windows\system32\DRIVERS\tdx.sys
19:24:12.0534 7548 tdx ( Virus.Win32.ZAccess.c ) - infected
19:24:12.0534 7548 tdx - detected Virus.Win32.ZAccess.c (0)
19:24:12.0554 7548 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
19:24:12.0564 7548 TermDD - ok
19:24:12.0624 7548 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
19:24:12.0634 7548 TermService - ok
19:24:12.0684 7548 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
19:24:12.0684 7548 Themes - ok
19:24:12.0714 7548 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
19:24:12.0724 7548 THREADORDER - ok
19:24:12.0744 7548 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
19:24:12.0744 7548 TrkWks - ok
19:24:12.0804 7548 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
19:24:12.0804 7548 TrustedInstaller - ok
19:24:12.0824 7548 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:24:12.0834 7548 tssecsrv - ok
19:24:12.0864 7548 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
19:24:12.0864 7548 tunmp - ok
19:24:12.0884 7548 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
19:24:12.0884 7548 tunnel - ok
19:24:12.0924 7548 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
19:24:12.0934 7548 uagp35 - ok
19:24:12.0974 7548 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
19:24:12.0974 7548 udfs - ok
19:24:13.0024 7548 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
19:24:13.0024 7548 UI0Detect - ok
19:24:13.0054 7548 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
19:24:13.0064 7548 uliagpkx - ok
19:24:13.0094 7548 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
19:24:13.0104 7548 uliahci - ok
19:24:13.0134 7548 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:24:13.0154 7548 UlSata - ok
19:24:13.0174 7548 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:24:13.0174 7548 ulsata2 - ok
19:24:13.0214 7548 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
19:24:13.0224 7548 umbus - ok
19:24:13.0244 7548 uphclean - ok
19:24:13.0304 7548 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
19:24:13.0314 7548 upnphost - ok
19:24:13.0354 7548 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
19:24:13.0364 7548 usbccgp - ok
19:24:13.0394 7548 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:24:13.0404 7548 usbcir - ok
19:24:13.0424 7548 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
19:24:13.0434 7548 usbehci - ok
19:24:13.0474 7548 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
19:24:13.0494 7548 usbhub - ok
19:24:13.0524 7548 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:24:13.0534 7548 usbohci - ok
19:24:13.0564 7548 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
19:24:13.0574 7548 usbprint - ok
19:24:13.0614 7548 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:24:13.0614 7548 USBSTOR - ok
19:24:13.0634 7548 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
19:24:13.0644 7548 usbuhci - ok
19:24:13.0684 7548 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
19:24:13.0694 7548 UxSms - ok
19:24:13.0744 7548 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
19:24:13.0754 7548 vds - ok
19:24:13.0774 7548 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
19:24:13.0794 7548 vga - ok
19:24:13.0824 7548 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
19:24:13.0834 7548 VgaSave - ok
19:24:13.0864 7548 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
19:24:13.0884 7548 viaagp - ok
19:24:13.0914 7548 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
19:24:13.0924 7548 ViaC7 - ok
19:24:13.0944 7548 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
19:24:13.0954 7548 viaide - ok
19:24:13.0974 7548 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
19:24:13.0974 7548 volmgr - ok
19:24:14.0024 7548 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
19:24:14.0024 7548 volmgrx - ok
19:24:14.0054 7548 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
19:24:14.0054 7548 volsnap - ok
19:24:14.0094 7548 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
19:24:14.0104 7548 vsmraid - ok
19:24:14.0194 7548 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
19:24:14.0214 7548 VSS - ok
19:24:14.0264 7548 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
19:24:14.0264 7548 W32Time - ok
19:24:14.0304 7548 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:24:14.0314 7548 WacomPen - ok
19:24:14.0344 7548 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
19:24:14.0354 7548 Wanarp - ok
19:24:14.0364 7548 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
19:24:14.0364 7548 Wanarpv6 - ok
19:24:14.0404 7548 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
19:24:14.0404 7548 wcncsvc - ok
19:24:14.0434 7548 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:24:14.0444 7548 WcsPlugInService - ok
19:24:14.0474 7548 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
19:24:14.0484 7548 Wd - ok
19:24:14.0544 7548 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
19:24:14.0544 7548 Wdf01000 - ok
19:24:14.0564 7548 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
19:24:14.0564 7548 WdiServiceHost - ok
19:24:14.0584 7548 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
19:24:14.0584 7548 WdiSystemHost - ok
19:24:14.0624 7548 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
19:24:14.0634 7548 WebClient - ok
19:24:14.0664 7548 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
19:24:14.0674 7548 Wecsvc - ok
19:24:14.0684 7548 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
19:24:14.0684 7548 wercplsupport - ok
19:24:14.0714 7548 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
19:24:14.0714 7548 WerSvc - ok
19:24:14.0784 7548 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:24:14.0814 7548 winachsf - ok
19:24:14.0824 7548 WinHttpAutoProxySvc - ok
19:24:14.0894 7548 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
19:24:14.0894 7548 Winmgmt - ok
19:24:14.0954 7548 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
19:24:14.0964 7548 WinRM - ok
19:24:15.0044 7548 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
19:24:15.0054 7548 Wlansvc - ok
19:24:15.0114 7548 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:24:15.0124 7548 WmiAcpi - ok
19:24:15.0164 7548 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
19:24:15.0174 7548 wmiApSrv - ok
19:24:15.0254 7548 WMIService (7641b16bd15a392de305d2b1c76aa42a) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
19:24:15.0274 7548 WMIService - ok
19:24:15.0404 7548 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:24:15.0424 7548 WMPNetworkSvc - ok
19:24:15.0474 7548 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
19:24:15.0484 7548 WPCSvc - ok
19:24:15.0504 7548 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
19:24:15.0504 7548 WPDBusEnum - ok
19:24:15.0574 7548 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
19:24:15.0584 7548 ws2ifsl - ok
19:24:15.0594 7548 WSearch - ok
19:24:15.0784 7548 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:24:15.0844 7548 wuauserv - ok
19:24:15.0954 7548 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:24:15.0964 7548 WUDFRd - ok
19:24:15.0984 7548 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
19:24:15.0984 7548 wudfsvc - ok
19:24:16.0024 7548 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
19:24:16.0024 7548 XAudio - ok
19:24:16.0074 7548 XAudioService (f82fc2c30a19442b95ae554215837c46) C:\Windows\system32\DRIVERS\xaudio.exe
19:24:16.0154 7548 XAudioService - ok
19:24:16.0224 7548 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
19:24:16.0234 7548 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
19:24:16.0254 7548 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
19:24:19.0954 7548 \Device\Harddisk0\DR0 - ok
19:24:19.0974 7548 Boot (0x1200) (d158322288337b034bd7fc75abf55836) \Device\Harddisk0\DR0\Partition0
19:24:19.0974 7548 \Device\Harddisk0\DR0\Partition0 - ok
19:24:19.0994 7548 Boot (0x1200) (886632fadce28bb3b4361c42b8e6f22b) \Device\Harddisk0\DR0\Partition1
19:24:19.0994 7548 \Device\Harddisk0\DR0\Partition1 - ok
19:24:19.0994 7548 ============================================================
19:24:19.0994 7548 Scan finished
19:24:19.0994 7548 ============================================================
19:24:20.0024 7540 Detected object count: 1
19:24:20.0024 7540 Actual detected object count: 1
19:26:27.0004 7540 C:\Windows\system32\DRIVERS\tdx.sys - copied to quarantine
19:26:27.0014 7540 C:\Windows\$NtUninstallKB32385$\258240997\@ - copied to quarantine
19:26:27.0014 7540 C:\Windows\$NtUninstallKB32385$\258240997\cfg.ini - copied to quarantine
19:26:27.0024 7540 C:\Windows\$NtUninstallKB32385$\258240997\Desktop.ini - copied to quarantine
19:26:27.0054 7540 C:\Windows\$NtUninstallKB32385$\258240997\L\qnbwvoto - copied to quarantine
19:26:27.0064 7540 C:\Windows\$NtUninstallKB32385$\258240997\oemid - copied to quarantine
19:26:27.0084 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\00000001.@ - copied to quarantine
19:26:27.0144 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\00000002.@ - copied to quarantine
19:26:27.0174 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\00000004.@ - copied to quarantine
19:26:27.0204 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\80000000.@ - copied to quarantine
19:26:27.0234 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\80000004.@ - copied to quarantine
19:26:27.0264 7540 C:\Windows\$NtUninstallKB32385$\258240997\U\80000032.@ - copied to quarantine
19:26:27.0284 7540 C:\Windows\$NtUninstallKB32385$\258240997\version - copied to quarantine
19:26:27.0294 7540 VerifyFileNameVersionInfo: Get
0
Réponse 26 / 35
Utilisateur anonyme
 
Re

Pour vérification:

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ou ici : https://forospyware.com
>Renomme le pour l'enregistrer sur ton bureau en asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista « exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.


- Installe le console de récupération comme demandé ;utile en cas de plantage

- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordinateur (plantage complet)


::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes


@+
0
Réponse 27 / 35
bxlucky
 
impossible d ouvrir le fichier combofix.txt
0
Réponse 28 / 35
bxlucky
 
en fait je peux rien ouvrir meme lancer internet
0
Réponse 29 / 35
bxlucky
 
c est bon

ComboFix 12-04-28.01 - bruno 28/04/2012 20:05:05.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2037.1200 [GMT 2:00]
Lancé depuis: c:\users\bruno\Desktop\asdehi.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\drv\Tuner\Yuan\Resources\_desktop.ini
c:\windows\$NtUninstallKB32385$
c:\windows\$NtUninstallKB32385$\258240997\L\qnbwvoto
c:\windows\system32\bdaplgin.ax
c:\windows\system32\cero.rs
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\divxdec.ax
c:\windows\system32\esrb.rs
c:\windows\system32\g711codc.ax
c:\windows\system32\htvcdsvcd70.ax
c:\windows\system32\iac25_32.ax
c:\windows\system32\ir41_32.ax
c:\windows\system32\ivfsrc.ax
c:\windows\system32\ksproxy.ax
c:\windows\system32\kstvtune.ax
c:\windows\system32\Kswdmcap.ax
c:\windows\system32\ksxbar.ax
c:\windows\system32\Mpeg2Data.ax
c:\windows\system32\mpg2splt.ax
c:\windows\system32\MSDvbNP.ax
c:\windows\system32\MSNP.ax
c:\windows\system32\oflc.rs
c:\windows\system32\pegi-fi.rs
c:\windows\system32\pegi-pt.rs
c:\windows\system32\pegi.rs
c:\windows\system32\pegibbfc.rs
c:\windows\system32\psisrndr.ax
c:\windows\system32\usk.rs
c:\windows\system32\VBICodec.ax
c:\windows\system32\vbisurf.ax
c:\windows\system32\vidcap.ax
c:\windows\system32\WEB.rs
c:\windows\system32\WSTPager.ax
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AMService
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-03-28 au 2012-04-28 ))))))))))))))))))))))))))))))))))))
.
.
2012-04-28 20:01 . 2012-04-28 20:01 -------- d-----w- C:\_OTL
2012-04-28 18:15 . 2012-04-28 18:19 -------- d-----w- c:\users\bruno\AppData\Local\temp
2012-04-28 18:15 . 2012-04-28 18:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-28 17:26 . 2012-04-28 17:26 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-28 15:32 . 2012-04-28 15:32 -------- d-----w- c:\users\bruno\AppData\Roaming\Malwarebytes
2012-04-28 15:32 . 2012-04-28 15:32 -------- d-----w- c:\programdata\Malwarebytes
2012-04-28 15:32 . 2012-04-28 15:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-28 15:32 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-28 17:28 . 2006-11-02 08:57 68096 ----a-w- c:\windows\system32\drivers\tdx.sys
2012-04-27 03:40 . 2006-11-02 08:31 74752 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-03-07 19:20 . 2011-11-19 15:30 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-11-07 19:35 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-08 06:03 . 2012-03-06 19:53 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{412BF2C5-4008-444A-8162-A4F1537F999C}\mpengine.dll
2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2008-12-13 57344]
.
[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-02-03 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2006-11-21 46728]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-25 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-25 154392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-25 138008]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-27 752136]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-8-10 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jmcheng]
2012-04-28 14:22 10752 ----a-w- c:\windows\System32\config\systemprofile\AppData\Local\jmcheng.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lkapoer]
2012-03-12 19:32 10752 ----a-w- c:\windows\System32\config\systemprofile\AppData\Local\lkapoer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - COMHOST
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
tap0901
foldersize
uphclean
meraksmtp
cmuda
PCDCODEC
.
Contenu du dossier 'Tâches planifiées'
.
2012-04-28 c:\windows\Tasks\User_Feed_Synchronization-{084DB03B-B2F6-4B43-8C0E-E5AEC842B1BC}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://m.fr.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-Acer Tour - (no file)
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-eRecoveryService - (no file)
SafeBoot-82236029.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-28 20:19
Windows 6.0.6000 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(3664)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Microsoft\BingBar\BBSvc.EXE
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\acer\Empowering Technology\ENET\ENMTRAY.EXE
c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
.
**************************************************************************
.
Heure de fin: 2012-04-28 20:25:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-04-28 18:25
.
Avant-CF: 23 542 226 944 octets libres
Après-CF: 23 666 057 216 octets libres
.
- - End Of File - - F751B57962362E097DFF827349686CB6
0
Réponse 30 / 35
Utilisateur anonyme
 
Re

Quoi de neuf?
Toujours des problèmes?

@+
0
Réponse 31 / 35
bxlucky
 
a priorit tout marche nickel, je finis quelque mise a jour.

en tout cas un grand merci pour ton aide
0
Réponse 32 / 35
Utilisateur anonyme
 
Re

1) Télécharge DelFix de Xplode

* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse

Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]


2)C - Ccleaner :

https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

.enregistres le sur le bureau
.double-cliques sur le fichier pour lancer l'installation
.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur <gras>suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur installer
.cliques sur fermer
.double-cliques ou clic droit sous Vista ou Seven sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.

Tuto : https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm




@+
0
Réponse 33 / 35
bxlucky
 
c est fait
0
Réponse 34 / 35
Utilisateur anonyme
 
RE

Si tu le dis..
Je te propose donc de clore ce post si tu n'as plus de problèmes..
@+
0
Réponse 35 / 35
bxlucky
 
je te remercie encore
0

Discussions similaires

Bref. Je cherche la police d'écriture de Bref
Ratus -
Calo mnie -

10 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Police d'écriture Ricard
ponkie -
Mike-31 -

2 réponses
Quel police est utilisé dans le logo Cartier?
Ciboulette123 -
^^Marie^^ -

1 réponse
Menace "Interpol" après webcam coquine
diego34 -
Panth33ra -

4 réponses