Hello... I click on a link and I am redirected to another one

Closed
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012 - Edited by irongege on 6/10/2012 at 17:49
 Anonymous user - 27 Oct. 2012 at 10:02
Hello,

I click on a Google link and I am redirected to another one. Would it be possible to help me, please? I am new here.

Thank you for your attention. Once again, thank you in advance for your kindness.



25 replies

andreaparker Posts 75 Registration date Saturday 6 October 2012 Status Member Last activity 3 December 2012 8
6 Oct. 2012 at 17:51
hello
there is surely spyware or a trojan
so you need to do a cleanup
with Trojan Killer
or Malwarebytes
or Spybot
or RogueKiller
0
Anonymous user
6 Oct. 2012 at 18:16
Spybot = junk to throw away.
And if it's his home page that changes, then it's adware..
0
Anonymous user
6 Oct. 2012 at 17:51
hi

Warning!!!: this tool may be wrongly detected as a virus
Warning!!!: this tool is powerful; follow the instructions below scrupulously

all "non-vital Windows" processes will be stopped, so save your work.

Disable all your protections if possible: antivirus, sandbox, firewalls, etc.

download and save Pre_Scan to your desktop:

https://forums-fec.be/gen-hackman/Pre_Scan.exe

if the link does not work:

http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
http://www.archive-host.com

Notice: the desktop will disappear during the scan --> don't panic.

once downloaded, run it and let the scan run until "Pre_scan_date_and_time.txt" appears on the desktop.

if the tool is run again several times, it will offer you a menu; if no particular option has been requested, run the "Kill" option

if the tool is blocked by the infection, use this version with the .pif extension:

https://forums-fec.be/gen-hackman/Pre_Scan.pif

if the tool detects a proxy and you have not installed one, click on "supprimer le proxy" (remove the proxy)

A multitude of black windows may flash; let it work

Post Pre_Scan_date_and_time.txt, which will appear on the desktop at the end of the scan

The tool may restart your PC; let it do so

DO NOT POST IT ON THE FORUM!!! (it is too long)

Host the report on http://pjjoint.malekal.com, then give the link you get in return on the forum where you are being helped


0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
6 Oct. 2012 at 18:16
it doesn't want to open it??
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
6 Oct. 2012 at 18:19
ok, I managed to put it on my desktop, but I am still going to print your instructions; I don't want to end up all alone and not know what to do. Thanks again, I'm starting...
0
hello again, here is the link to the Pre_Scan report, as requested

http://pjjoint.malekal.com/files.php?id=20121007_d11i8y12k15i5
0
Anonymous user
6 Oct. 2012 at 17:56
hello,

Which link are you talking about? Which link did you click on? Which site/link did you end up on?
Try to be more precise in your questions!
For my part, I think you must have clicked on an advertising link that appears according to your search.

That's my opinion, but I am far from being an expert; I had the same problem as you.
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
6 Oct. 2012 at 18:02
thanks, I think it is generalized to Google and others..
0

themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
6 Oct. 2012 at 18:13
ok, I am a bit lost on this site, excuse me, I don't quite understand what to do, I am losing the thread here. Let's start again if you don't mind, thank you.
it looks like a rather complex problem to solve... thanks in advance.
0
Anonymous user
6 Oct. 2012 at 18:22
Disable your antivirus, your sandbox, firewall, etc....
Basically, disable all processes except explorer.exe and the vital Windows processes; the tool will take care of it.

The link ( https://forums-fec.be/gen-hackman/Pre_Scan.exe ) will download a "Winlogon.exe" for you, to fool the infection.
Once winlogon (Pre_Scan) has been downloaded to the desktop, run it.
Click on "Kill"
If an error occurs, let us know.
If the tool detects certain infections, remove them as G3n said above.
Then post the link to the report, which is on the desktop, and host it on a site such as http://pjjoint.malekal.com, or cjoint.com if pijoint does not work.
Once this has been done, post the link to the report after uploading it to pijoint or cjoint.
I hope I have helped you :) !
Good luck to you both!
0
thanks, I am submitting the link to you as well; the more of us there are, the better for solving this annoying problem
0
Anonymous user
7 Oct. 2012 at 11:01
OK, G3n will take care of you, don't worry, and your problem will be solved (it's not very serious).
0
thank you Homerlulu, I appreciate the helping hand.
0
Anonymous user
7 Oct. 2012 at 12:46
hi again

run the tool again, click on diag, then host the report
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
7 Oct. 2012 at 18:47
hello g3n,
when it has finished, where can I find the report? it is not on my desktop?
0
Anonymous user
7 Oct. 2012 at 20:24
Go and look in C:\ ?
0
Anonymous user
7 Oct. 2012 at 20:47
right-click on the desktop => refresh
0
Utilisateur anonyme
7 oct. 2012 à 20:48
+1
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
9 Oct. 2012 at 02:25
hello to you both, g3n and Homerlulu, I ran the winlogon program again and then clicked on diag as you told me. I stayed in front of the computer and watched the program scan my computer, and when it finished, it stopped all of a sudden and no file was added to my desktop?? what should I do.......?
0
among your icons, a text file

Pre_Diag_etc......
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
9 Oct. 2012 at 02:40
hi again. do you know how to take a picture of one's desktop? I will show it to you, you will see that there is nothing! I don't understand.....
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
9 Oct. 2012 at 02:47
how do I take a screenshot?
0
Anonymous user
9 Oct. 2012 at 02:54
look in c:\ then
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
9 Oct. 2012 at 02:56
I did a folder search for Pre_Diag_ and nothing came up??
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
9 Oct. 2012 at 03:04
excuse me! but this is starting to do my head in, am I doing something that is not correct??
0
Anonymous user
9 Oct. 2012 at 08:14
▶ Download Reload_TDSSKiller

▶ Run it

choose: start the cleanup (lancer le nettoyage)

the tool will automatically download the latest version, then

TDSSKiller will open; click on "Start Scan"

If TDSS.tdl2 is detected, the delete option will be checked by default.
If TDSS.tdl3 is detected, make sure that Cure is checked.
If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure that Cure is checked.
If Suspicious file is shown, leave the option checked on Skip
If Rootkit.Win32.ZAccess.* is detected, set "cure" at the top and "delete" at the bottom

once it has finished, restart if it asks you to, to finish cleaning

otherwise, close TDSSKiller and the report will be displayed on the desktop

▶ Copy/paste its contents into your next reply.

0
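Added example (not part of the original thread, and not code from TDSSKiller or its authors): a Python parser for a TDSSKiller text report that lists every scanned object whose verdict is not "ok" and pairs it with the action recommended in the post above. The line layout, the `( detection ) - infected` form of a flagged object, and every sample line are assumptions constructed for illustration.

```python
import re
from fnmatch import fnmatchcase
from typing import NamedTuple, Optional

# Assumed report layout: "HH:MM:SS.mmmm <thread id> <text>".
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# Section banner, e.g. "================ Scan services ====...".
SECTION = re.compile(r"^=+ (Scan [^=]+?) =+$")
# Hash line: "[ <MD5> ] <object name> <drive path>"; names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# Assumed shape of a flagged object: "<name> ( <detection> )".
DETECTION = re.compile(r"^(.+?) \( (.+) \)$")

# Actions recommended in the forum post, keyed by detection-name pattern.
ADVISED = [
    ("TDSS.tdl2*", "delete (checked by default)"),
    ("TDSS.tdl3*", "Cure"),
    ("TDSS.tdl4*", "Cure"),
    ("Suspicious file*", "Skip"),
    ("Rootkit.Win32.ZAccess.*", "cure (top), delete (bottom)"),
]


class Entry(NamedTuple):
    section: str
    name: str
    verdict: str
    detection: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse_report(text):
    """Pair each "[ MD5 ] name path" line with the "name - verdict" line after it."""
    entries, section, pending = [], None, {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        s = SECTION.match(body)
        if s:
            section, pending = s.group(1), {}
            continue
        if section is None:
            continue  # header lines (drives, partitions) also contain " - "
        h = HASHED.match(body)
        if h:
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        if " - " not in body:
            continue
        name, verdict = body.rsplit(" - ", 1)
        detection = None
        d = DETECTION.match(name)
        if d:
            name, detection = d.group(1), d.group(2)
        md5, path = pending.pop(name, (None, None))
        entries.append(Entry(section, name, verdict.strip(), detection, md5, path))
    return entries


def advised_action(detection):
    """Return the action the post recommends for this detection, if any."""
    for pattern, action in ADVISED:
        if detection and fnmatchcase(detection, pattern):
            return action
    return None


def needs_attention(entries):
    """Objects whose verdict is anything other than "ok"."""
    return [(e.name, e.verdict, e.detection, advised_action(e.detection))
            for e in entries if e.verdict != "ok"]


def unhashed(entries):
    """Services reported without a preceding hash line (worth a manual look)."""
    return [e.name for e in entries
            if e.section == "Scan services" and e.md5 is None]


# Constructed sample report: names, hashes and the detection are made up.
SAMPLE = r"""
22:36:13.0358 0988 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb)
22:36:16.0615 5040 ================ Scan system memory ========================
22:36:16.0615 5040 System memory - ok
22:36:16.0616 5040 ================ Scan services =============================
22:36:16.0752 5040 [ 00112233445566778899AABBCCDDEEFF ] exampledrv C:\windows\system32\drivers\exampledrv.sys
22:36:16.0754 5040 exampledrv - ok
22:36:17.0476 5040 [ FFEEDDCCBBAA99887766554433221100 ] Example Events Utility C:\windows\system32\exevents.exe
22:36:17.0478 5040 Example Events Utility - ok
22:36:17.0511 5040 Example Fuel Service - ok
22:36:17.0600 5040 [ 0123456789ABCDEF0123456789ABCDEF ] sampledrv C:\windows\system32\drivers\sampledrv.sys
22:36:17.0601 5040 sampledrv ( Rootkit.Win32.ZAccess.x ) - infected
"""

if __name__ == "__main__":
    parsed = parse_report(SAMPLE)
    for finding in needs_attention(parsed):
        print("flagged:", finding)
    print("no hash line:", unhashed(parsed))
```
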
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
10 Oct. 2012 at 04:40
22:36:12.0300 0988 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
22:36:12.0554 0988 ============================================================
22:36:12.0554 0988 Current date / time: 2012/10/09 22:36:12.0554
22:36:12.0554 0988 SystemInfo:
22:36:12.0554 0988
22:36:12.0554 0988 OS Version: 6.1.7601 ServicePack: 1.0
22:36:12.0554 0988 Product type: Workstation
22:36:12.0554 0988 ComputerName: FS662-PC
22:36:12.0554 0988 UserName: Sylvain
22:36:12.0554 0988 Windows directory: C:\windows
22:36:12.0554 0988 System windows directory: C:\windows
22:36:12.0555 0988 Running under WOW64
22:36:12.0555 0988 Processor architecture: Intel x64
22:36:12.0555 0988 Number of processors: 4
22:36:12.0555 0988 Page size: 0x1000
22:36:12.0555 0988 Boot type: Normal boot
22:36:12.0555 0988 ============================================================
22:36:13.0358 0988 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:36:13.0359 0988 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:36:13.0364 0988 ============================================================
22:36:13.0364 0988 \Device\Harddisk1\DR1:
22:36:13.0365 0988 MBR partitions:
22:36:13.0365 0988 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:36:13.0365 0988 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
22:36:13.0365 0988 \Device\Harddisk0\DR0:
22:36:13.0365 0988 MBR partitions:
22:36:13.0365 0988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2410AAE1
22:36:13.0365 0988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2410AB20, BlocksNum 0x1322BA1
22:36:13.0365 0988 ============================================================
22:36:13.0373 0988 C: <-> \Device\Harddisk1\DR1\Partition2
22:36:13.0401 0988 D: <-> \Device\Harddisk0\DR0\Partition2
22:36:13.0445 0988 E: <-> \Device\Harddisk0\DR0\Partition1
22:36:13.0445 0988 ============================================================
22:36:13.0445 0988 Initialize success
22:36:13.0445 0988 ============================================================
22:36:16.0111 5040 ============================================================
22:36:16.0111 5040 Scan started
22:36:16.0111 5040 Mode: Manual;
22:36:16.0111 5040 ============================================================
22:36:16.0615 5040 ================ Scan system memory ========================
22:36:16.0615 5040 System memory - ok
22:36:16.0616 5040 ================ Scan services =============================
22:36:22.0103 5040 KSecPkg - ok
22:36:22.0156 5040 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
22:36:22.0157 5040 ksthunk - ok
22:36:22.0327 5040 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
22:36:22.0331 5040 KtmRm - ok
22:36:22.0366 5040 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
22:36:22.0369 5040 LanmanServer - ok
22:36:22.0385 5040 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:36:22.0388 5040 LanmanWorkstation - ok
22:36:22.0467 5040 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
22:36:22.0468 5040 LBTServ - ok
22:36:22.0503 5040 [ BECBD7CD46776B8739EE18061F45A581 ] LEqdUsb C:\windows\system32\DRIVERS\LEqdUsb.Sys
22:36:22.0504 5040 LEqdUsb - ok
22:36:22.0514 5040 [ 21D6BD7D62C270059EB8E2B1D4095880 ] LHidEqd C:\windows\system32\DRIVERS\LHidEqd.Sys
22:36:22.0515 5040 LHidEqd - ok
22:36:22.0524 5040 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
22:36:22.0525 5040 LHidFilt - ok
22:36:22.0547 5040 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:36:22.0548 5040 lltdio - ok
22:36:22.0571 5040 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
22:36:22.0574 5040 lltdsvc - ok
22:36:22.0597 5040 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
22:36:22.0598 5040 lmhosts - ok
22:36:22.0620 5040 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
22:36:22.0621 5040 LMouFilt - ok
22:36:22.0647 5040 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
22:36:22.0648 5040 LSI_FC - ok
22:36:22.0667 5040 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
22:36:22.0668 5040 LSI_SAS - ok
22:36:22.0674 5040 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
22:36:22.0675 5040 LSI_SAS2 - ok
22:36:22.0683 5040 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
22:36:22.0684 5040 LSI_SCSI - ok
22:36:22.0700 5040 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
22:36:22.0701 5040 luafv - ok
22:36:22.0720 5040 McAfee SiteAdvisor Service - ok
22:36:22.0740 5040 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:36:22.0742 5040 Mcx2Svc - ok
22:36:22.0795 5040 [ 32C69C706DA4F48F6169356C254C1F1A ] MDXAnalyticsService C:\Program Files (x86)\Microsoft Digital Experience\Microsoft.MDX.AnalyticsService.exe
22:36:22.0796 5040 MDXAnalyticsService - ok
22:36:22.0801 5040 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
22:36:22.0802 5040 megasas - ok
22:36:22.0816 5040 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
22:36:22.0818 5040 MegaSR - ok
22:36:22.0846 5040 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
22:36:22.0847 5040 MMCSS - ok
22:36:22.0862 5040 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
22:36:22.0863 5040 Modem - ok
22:36:22.0884 5040 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:36:22.0885 5040 monitor - ok
22:36:22.0896 5040 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:36:22.0896 5040 mouclass - ok
22:36:22.0913 5040 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:36:22.0913 5040 mouhid - ok
22:36:22.0930 5040 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:36:22.0931 5040 mountmgr - ok
22:36:22.0969 5040 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
22:36:22.0971 5040 mpio - ok
22:36:22.0988 5040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:36:22.0989 5040 mpsdrv - ok
22:36:23.0013 5040 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
22:36:23.0019 5040 MpsSvc - ok
22:36:23.0032 5040 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:36:23.0033 5040 MRxDAV - ok
22:36:23.0057 5040 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:36:23.0059 5040 mrxsmb - ok
22:36:23.0085 5040 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:36:23.0087 5040 mrxsmb10 - ok
22:36:23.0102 5040 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:36:23.0103 5040 mrxsmb20 - ok
22:36:23.0128 5040 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
22:36:23.0129 5040 msahci - ok
22:36:23.0148 5040 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
22:36:23.0149 5040 msdsm - ok
22:36:23.0170 5040 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
22:36:23.0172 5040 MSDTC - ok
22:36:23.0198 5040 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
22:36:23.0199 5040 Msfs - ok
22:36:23.0212 5040 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:36:23.0213 5040 mshidkmdf - ok
22:36:23.0224 5040 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
22:36:23.0224 5040 msisadrv - ok
22:36:23.0258 5040 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:36:23.0260 5040 MSiSCSI - ok
22:36:23.0266 5040 msiserver - ok
22:36:23.0280 5040 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:36:23.0281 5040 MSKSSRV - ok
22:36:23.0287 5040 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:36:23.0288 5040 MSPCLOCK - ok
22:36:23.0296 5040 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:36:23.0297 5040 MSPQM - ok
22:36:23.0317 5040 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:36:23.0320 5040 MsRPC - ok
22:36:23.0334 5040 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
22:36:23.0335 5040 mssmbios - ok
22:36:23.0349 5040 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:36:23.0350 5040 MSTEE - ok
22:36:23.0356 5040 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
22:36:23.0356 5040 MTConfig - ok
22:36:23.0375 5040 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
22:36:23.0376 5040 Mup - ok
22:36:23.0403 5040 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
22:36:23.0408 5040 napagent - ok
22:36:23.0438 5040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:36:23.0440 5040 NativeWifiP - ok
22:36:23.0490 5040 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
22:36:23.0496 5040 NDIS - ok
22:36:23.0513 5040 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:36:23.0514 5040 NdisCap - ok
22:36:23.0534 5040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:36:23.0534 5040 NdisTapi - ok
22:36:23.0549 5040 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:36:23.0550 5040 Ndisuio - ok
22:36:23.0564 5040 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:36:23.0565 5040 NdisWan - ok
22:36:23.0575 5040 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:36:23.0575 5040 NDProxy - ok
22:36:23.0601 5040 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
22:36:23.0602 5040 Netaapl - ok
22:36:23.0610 5040 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:36:23.0612 5040 NetBIOS - ok
22:36:23.0630 5040 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:36:23.0632 5040 NetBT - ok
22:36:23.0653 5040 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
22:36:23.0654 5040 Netlogon - ok
22:36:23.0685 5040 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
22:36:23.0689 5040 Netman - ok
22:36:23.0700 5040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
22:36:23.0705 5040 netprofm - ok
22:36:23.0738 5040 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:36:23.0739 5040 NetTcpPortSharing - ok
22:36:23.0770 5040 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
22:36:23.0770 5040 nfrd960 - ok
22:36:23.0800 5040 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
22:36:23.0803 5040 NlaSvc - ok
22:36:23.0815 5040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
22:36:23.0816 5040 Npfs - ok
22:36:23.0828 5040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
22:36:23.0829 5040 nsi - ok
22:36:23.0839 5040 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:36:23.0840 5040 nsiproxy - ok
22:36:23.0886 5040 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:36:23.0898 5040 Ntfs - ok
22:36:23.0923 5040 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
22:36:23.0924 5040 Null - ok
22:36:23.0944 5040 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
22:36:23.0945 5040 nvraid - ok
22:36:23.0958 5040 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
22:36:23.0960 5040 nvstor - ok
22:36:23.0975 5040 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
22:36:23.0976 5040 nv_agp - ok
22:36:23.0995 5040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
22:36:23.0996 5040 ohci1394 - ok
22:36:24.0052 5040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:36:24.0053 5040 ose - ok
22:36:24.0148 5040 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:36:24.0180 5040 osppsvc - ok
22:36:24.0208 5040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:36:24.0211 5040 p2pimsvc - ok
22:36:24.0230 5040 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
22:36:24.0234 5040 p2psvc - ok
22:36:24.0257 5040 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
22:36:24.0258 5040 Parport - ok
22:36:24.0305 5040 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
22:36:24.0306 5040 partmgr - ok
22:36:24.0313 5040 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
22:36:24.0316 5040 PcaSvc - ok
22:36:24.0330 5040 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
22:36:24.0332 5040 pci - ok
22:36:24.0338 5040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
22:36:24.0338 5040 pciide - ok
22:36:24.0367 5040 PCLEPCI - ok
22:36:24.0389 5040 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
22:36:24.0390 5040 pcmcia - ok
22:36:24.0416 5040 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
22:36:24.0417 5040 pcw - ok
22:36:24.0429 5040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:36:24.0434 5040 PEAUTH - ok
22:36:24.0491 5040 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
22:36:24.0492 5040 PerfHost - ok
22:36:24.0544 5040 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
22:36:24.0555 5040 pla - ok
22:36:24.0592 5040 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:36:24.0597 5040 PlugPlay - ok
22:36:24.0606 5040 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:36:24.0608 5040 PNRPAutoReg - ok
22:36:24.0624 5040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:36:24.0627 5040 PNRPsvc - ok
22:36:24.0654 5040 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:36:24.0658 5040 PolicyAgent - ok
22:36:24.0679 5040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
22:36:24.0682 5040 Power - ok
22:36:24.0712 5040 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:36:24.0714 5040 PptpMiniport - ok
22:36:24.0730 5040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
22:36:24.0731 5040 Processor - ok
22:36:24.0778 5040 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
22:36:24.0781 5040 ProfSvc - ok
22:36:24.0793 5040 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
22:36:24.0795 5040 ProtectedStorage - ok
22:36:24.0813 5040 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:36:24.0815 5040 Psched - ok
22:36:24.0852 5040 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
22:36:24.0863 5040 ql2300 - ok
22:36:24.0870 5040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
22:36:24.0872 5040 ql40xx - ok
22:36:24.0902 5040 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
22:36:24.0905 5040 QWAVE - ok
22:36:24.0916 5040 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:36:24.0917 5040 QWAVEdrv - ok
22:36:24.0922 5040 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:36:24.0923 5040 RasAcd - ok
22:36:24.0953 5040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:36:24.0954 5040 RasAgileVpn - ok
22:36:24.0969 5040 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
22:36:24.0972 5040 RasAuto - ok
22:36:24.0985 5040 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:36:24.0986 5040 Rasl2tp - ok
22:36:24.0999 5040 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
22:36:25.0002 5040 RasMan - ok
22:36:25.0016 5040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:36:25.0017 5040 RasPppoe - ok
22:36:25.0026 5040 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:36:25.0027 5040 RasSstp - ok
22:36:25.0044 5040 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:36:25.0047 5040 rdbss - ok
22:36:25.0065 5040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
22:36:25.0066 5040 rdpbus - ok
22:36:25.0086 5040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:36:25.0087 5040 RDPCDD - ok
22:36:25.0098 5040 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:36:25.0099 5040 RDPENCDD - ok
22:36:25.0112 5040 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:36:25.0113 5040 RDPREFMP - ok
22:36:25.0158 5040 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:36:25.0160 5040 RDPWD - ok
22:36:25.0179 5040 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:36:25.0181 5040 rdyboost - ok
22:36:25.0203 5040 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
22:36:25.0205 5040 RemoteAccess - ok
22:36:25.0216 5040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
22:36:25.0219 5040 RemoteRegistry - ok
22:36:25.0229 5040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:36:25.0231 5040 RpcEptMapper - ok
22:36:25.0258 5040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
22:36:25.0259 5040 RpcLocator - ok
22:36:25.0276 5040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
22:36:25.0281 5040 RpcSs - ok
22:36:25.0302 5040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:36:25.0303 5040 rspndr - ok
22:36:25.0342 5040 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
22:36:25.0346 5040 RTL8167 - ok
22:36:25.0359 5040 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
22:36:25.0361 5040 SamSs - ok
22:36:25.0392 5040 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
22:36:25.0393 5040 sbp2port - ok
22:36:25.0429 5040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
22:36:25.0432 5040 SCardSvr - ok
22:36:25.0445 5040 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:36:25.0445 5040 scfilter - ok
22:36:25.0483 5040 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
22:36:25.0492 5040 Schedule - ok
22:36:25.0518 5040 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
22:36:25.0519 5040 SCPolicySvc - ok
22:36:25.0530 5040 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:36:25.0533 5040 SDRSVC - ok
22:36:25.0550 5040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
22:36:25.0550 5040 secdrv - ok
22:36:25.0566 5040 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
22:36:25.0568 5040 seclogon - ok
22:36:25.0580 5040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
22:36:25.0582 5040 SENS - ok
22:36:25.0588 5040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
22:36:25.0590 5040 SensrSvc - ok
22:36:25.0617 5040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
22:36:25.0617 5040 Serenum - ok
22:36:25.0631 5040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
22:36:25.0633 5040 Serial - ok
22:36:25.0638 5040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
22:36:25.0639 5040 sermouse - ok
22:36:25.0668 5040 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
22:36:25.0670 5040 SessionEnv - ok
22:36:25.0689 5040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
22:36:25.0689 5040 sffdisk - ok
22:36:25.0695 5040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
22:36:25.0695 5040 sffp_mmc - ok
22:36:25.0702 5040 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
22:36:25.0703 5040 sffp_sd - ok
22:36:25.0709 5040 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
22:36:25.0710 5040 sfloppy - ok
22:36:25.0781 5040 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
22:36:25.0786 5040 Sftfs - ok
22:36:25.0833 5040 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:36:25.0837 5040 sftlist - ok
22:36:25.0855 5040 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
22:36:25.0857 5040 Sftplay - ok
22:36:25.0873 5040 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
22:36:25.0874 5040 Sftredir - ok
22:36:25.0884 5040 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
22:36:25.0884 5040 Sftvol - ok
22:36:25.0895 5040 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:36:25.0897 5040 sftvsa - ok
22:36:25.0917 5040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
22:36:25.0920 5040 SharedAccess - ok
22:36:25.0944 5040 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:36:25.0949 5040 ShellHWDetection - ok
22:36:25.0983 5040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
22:36:25.0984 5040 SiSRaid2 - ok
22:36:26.0005 5040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
22:36:26.0006 5040 SiSRaid4 - ok
22:36:26.0020 5040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:36:26.0022 5040 Smb - ok
22:36:26.0052 5040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:36:26.0054 5040 SNMPTRAP - ok
22:36:26.0060 5040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
22:36:26.0061 5040 spldr - ok
22:36:26.0102 5040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
22:36:26.0108 5040 Spooler - ok
22:36:26.0170 5040 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
22:36:26.0195 5040 sppsvc - ok
22:36:26.0211 5040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
22:36:26.0213 5040 sppuinotify - ok
22:36:26.0236 5040 sptd - ok
22:36:26.0266 5040 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
22:36:26.0270 5040 srv - ok
22:36:26.0285 5040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
22:36:26.0288 5040 srv2 - ok
22:36:26.0300 5040 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
22:36:26.0302 5040 srvnet - ok
22:36:26.0330 5040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
22:36:26.0334 5040 SSDPSRV - ok
22:36:26.0342 5040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
22:36:26.0345 5040 SstpSvc - ok
22:36:26.0368 5040 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
22:36:26.0368 5040 stexstor - ok
22:36:26.0410 5040 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
22:36:26.0416 5040 stisvc - ok
22:36:26.0429 5040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
22:36:26.0429 5040 swenum - ok
22:36:26.0452 5040 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
22:36:26.0457 5040 swprv - ok
22:36:26.0492 5040 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
22:36:26.0506 5040 SysMain - ok
22:36:26.0535 5040 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
22:36:26.0538 5040 TabletInputService - ok
22:36:26.0568 5040 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
22:36:26.0571 5040 TapiSrv - ok
22:36:26.0582 5040 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
22:36:26.0585 5040 TBS - ok
22:36:26.0648 5040 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
22:36:26.0661 5040 Tcpip - ok
22:36:26.0707 5040 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
22:36:26.0720 5040 TCPIP6 - ok
22:36:26.0753 5040 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
22:36:26.0754 5040 tcpipreg - ok
22:36:26.0773 5040 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
22:36:26.0774 5040 TDPIPE - ok
22:36:26.0813 5040 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
22:36:26.0814 5040 TDTCP - ok
22:36:26.0832 5040 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
22:36:26.0834 5040 tdx - ok
22:36:26.0865 5040 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
22:36:26.0866 5040 TermDD - ok
22:36:26.0901 5040 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
22:36:26.0907 5040 TermService - ok
22:36:26.0918 5040 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
22:36:26.0920 5040 Themes - ok
22:36:26.0933 5040 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
22:36:26.0935 5040 THREADORDER - ok
22:36:26.0948 5040 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
22:36:26.0951 5040 TrkWks - ok
22:36:26.0999 5040 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:36:27.0001 5040 TrustedInstaller - ok
22:36:27.0027 5040 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
22:36:27.0028 5040 tssecsrv - ok
22:36:27.0057 5040 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
22:36:27.0058 5040 TsUsbFlt - ok
22:36:27.0072 5040 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
22:36:27.0072 5040 TsUsbGD - ok
22:36:27.0096 5040 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
22:36:27.0097 5040 tunnel - ok
22:36:27.0104 5040 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
22:36:27.0105 5040 uagp35 - ok
22:36:27.0131 5040 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
22:36:27.0134 5040 udfs - ok
22:36:27.0161 5040 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
22:36:27.0163 5040 UI0Detect - ok
22:36:27.0180 5040 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
22:36:27.0181 5040 uliagpkx - ok
22:36:27.0203 5040 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
22:36:27.0204 5040 umbus - ok
22:36:27.0217 5040 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
22:36:27.0218 5040 UmPass - ok
22:36:27.0245 5040 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
22:36:27.0250 5040 upnphost - ok
22:36:27.0276 5040 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
22:36:27.0276 5040 USBAAPL64 - ok
22:36:27.0301 5040 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
22:36:27.0302 5040 usbccgp - ok
22:36:27.0325 5040 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
22:36:27.0326 5040 usbcir - ok
22:36:27.0476 5040 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
22:36:27.0477 5040 usbehci - ok
22:36:27.0582 5040 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
22:36:27.0585 5040 usbhub - ok
22:36:27.0602 5040 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
22:36:27.0602 5040 usbohci - ok
22:36:27.0628 5040 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
22:36:27.0629 5040 usbprint - ok
22:36:27.0671 5040 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
22:36:27.0672 5040 usbscan - ok
22:36:27.0687 5040 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
22:36:27.0689 5040 USBSTOR - ok
22:36:27.0703 5040 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
22:36:27.0704 5040 usbuhci - ok
22:36:27.0725 5040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
0
Anonymous user
10 Oct 2012 at 09:35
Please host it somewhere, it is too long.
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
10 Oct 2012 at 12:58
Good morning, here it is as requested.
Have a good day.
https://pjjoint.malekal.com/files.php?id=20121010_i9t15f6u15l10
0
Anonymous user
10 Oct 2012 at 13:36
/!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\

__________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained on the tool.<
>>>>>>>Do not use outside of this case: dangerous<<<<<<<<
=====================================================


Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive

Download here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Combofix

If you use AVG, YOU MUST UNINSTALL IT before using Combofix, because it can cause damage when interacting with the tool, which may lead to a complete reinstallation of the system.
Simply disabling the resident protection is not enough.
Download the AVG uninstaller from this link: https://www.avg.com/fr-fr/avg-remover
Choose the appropriate version (32 or 64 bit)/!\

_________________________________________________________
>> close the windows of all running programs.
>>Temporarily, and only while ComboFix is in use, disable
>>the real-time protection of your antivirus and antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning
procedure.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


if you have XP => double-click
if you have Vista or Windows 7 => right-click "Run as...."

on the renamed combofix

!!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!


do not forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.

Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.

0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
10 Oct 2012 at 14:31
ComboFix 12-10-09.01 - Sylvain 2012-10-10 8:02.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.3578.1957 [GMT -4:00]
Lancé depuis: c:\users\Sylvain\Desktop\sylvain.exe
AV: Kaspersky PURE 2.0 *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky PURE 2.0 *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky PURE 2.0 *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sylvain\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-09-10 au 2012-10-10 ))))))))))))))))))))))))))))))))))))
.
.
2012-10-10 12:15 . 2012-10-10 12:15 -------- d-----w- c:\users\Naya\AppData\Local\temp
2012-10-10 12:15 . 2012-10-10 12:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-06 16:32 . 2012-10-09 00:14 -------- d-----w- C:\Pre_Scan
2012-10-05 21:28 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8E2FDF38-2102-4F94-9D55-AF4FC9F1DDBA}\mpengine.dll
2012-10-03 13:00 . 2012-10-03 13:00 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-09-30 23:41 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-09-30 23:41 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-09-30 15:04 . 2012-09-30 15:04 -------- d-----w- c:\users\Naya\AppData\Roaming\Atari
2012-09-30 00:42 . 2012-09-30 00:42 -------- d-----w- c:\windows\SysWow64\1017
2012-09-29 18:32 . 2005-04-04 03:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-09-29 18:32 . 2005-04-04 03:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-09-29 18:32 . 2005-04-04 03:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-09-29 18:32 . 2005-04-04 03:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-09-29 18:32 . 2005-04-04 03:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-09-29 18:32 . 2005-04-04 02:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-09-29 18:32 . 2012-09-29 18:32 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-09-29 18:32 . 2012-09-29 18:32 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-09-29 01:24 . 2012-09-29 01:24 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-09-28 04:12 . 2012-09-28 04:12 -------- d-----w- c:\users\Sylvain\AppData\Local\MPlayer
2012-09-28 02:52 . 2012-09-28 02:52 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-09-28 02:51 . 2012-09-28 02:51 -------- d-----w- c:\users\Sylvain\AppData\Local\Microsoft Help
2012-09-28 02:51 . 2012-10-01 01:06 -------- d-----w- c:\programdata\Microsoft Help
2012-09-25 22:59 . 2012-09-25 22:59 0 ----a-w- c:\windows\SysWow64\sho65A5.tmp
2012-09-25 22:57 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 02:44 . 2012-09-25 02:44 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-09-24 02:02 . 2012-09-24 02:02 68096 ----a-w- c:\windows\ScUnin.exe
2012-09-24 02:01 . 2012-09-24 12:17 -------- d-----w- C:\Starcraft
2012-09-24 01:13 . 2003-04-21 20:11 82432 ------w- c:\windows\SysWow64\msxml4r.dll
2012-09-24 01:13 . 2009-07-14 01:14 70144 ----a-w- c:\windows\SysWow64\ATLbb65.rra
2012-09-24 01:12 . 2004-07-02 21:28 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2012-09-24 01:12 . 2004-07-02 21:28 84992 ----a-w- c:\windows\SysWow64\ATL70.DLL
2012-09-24 01:10 . 2012-09-29 11:22 -------- d-----w- c:\programdata\SmartSound Software Inc
2012-09-24 01:08 . 2003-03-16 03:15 90112 ----a-w- c:\windows\unvise32.exe
2012-09-24 01:08 . 1998-06-17 22:07 57344 ----a-w- c:\windows\SysWow64\Mfc42loc.dll
2012-09-24 01:06 . 2004-03-10 20:26 26624 ----a-w- c:\windows\SysWow64\PSDrvCheck.FR
2012-09-24 01:06 . 2004-03-10 20:26 406016 ----a-w- c:\windows\SysWow64\PSDrvCheck.exe
2012-09-24 01:01 . 2012-09-24 01:21 -------- d-----w- c:\programdata\Pinnacle
2012-09-24 00:58 . 2002-03-19 14:29 14165 ------w- c:\windows\SysWow64\drivers\Pclepci.sys
2012-09-23 22:47 . 2002-12-05 18:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-09-23 22:47 . 2002-12-05 18:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-09-23 22:47 . 2002-12-02 19:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-09-23 22:47 . 2002-12-02 17:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-09-23 22:47 . 2002-12-02 17:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-09-23 22:47 . 2012-09-23 22:47 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-09-23 22:47 . 2012-09-23 22:47 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-09-22 21:48 . 2012-09-22 22:08 -------- d-----w- c:\users\Mcx1-FS662-PC
2012-09-22 20:12 . 2012-09-22 20:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-09-22 20:12 . 2012-09-22 20:12 573776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-19 11:25 . 2012-09-19 11:25 -------- d-----w- c:\users\Sylvain\AppData\Local\Windows Live Writer
2012-09-19 11:25 . 2012-09-19 11:25 -------- d-----w- c:\users\Sylvain\AppData\Roaming\Windows Live Writer
2012-09-17 21:50 . 2012-09-17 21:50 -------- d-----w- c:\users\Naya\AppData\Local\Diagnostics
2012-09-16 23:02 . 2012-09-16 23:02 -------- d-----w- c:\program files (x86)\Microsoft Games
2012-09-14 23:05 . 2012-09-14 23:05 -------- d-----w- c:\program files (x86)\PlayerPlus
2012-09-12 10:58 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 10:58 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 10:57 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 10:57 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 10:57 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 10:57 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 10:57 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 01:47 . 2012-08-02 19:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 01:47 . 2012-08-02 19:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-12 11:16 . 2012-08-04 20:29 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-03 00:05 . 2012-09-03 00:05 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-09-02 23:00 . 2012-09-02 23:00 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-08-29 00:24 . 2012-08-02 19:33 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-08-29 00:24 . 2012-08-02 19:33 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-02 20:13 . 2012-08-02 20:13 639280 ----a-w- c:\windows\system32\drivers\klif.sys
2012-08-02 17:38 . 2010-06-24 19:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-18 18:15 . 2012-08-15 13:19 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{491C440D-305E-0124-0099-0F3E390C7E87}]
2009-07-14 01:15 73728 ----a-w- c:\windows\SysWOW64\catssrvps.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-08-02 20:19 496016 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-01-06 39408]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-08-19 343168]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-06-08 118784]
"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
"CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-05 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-14 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe" [2011-12-24 202296]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
c:\users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
RollerCoaster Tycoon 3 Registration.lnk - c:\users\Sylvain\AppData\Local\Temp\{E2F19A55-F80A-4490-9217-94082E21E2A0}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2012-8-2 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-06 136176]
R2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-06 136176]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-02 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 85048]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 66104]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-02 283200]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-10-20 13616]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-10 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-08-19 361984]
S2 CSObjectsSrv;Service de gestion du système CryproStorage;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-01-11 168448]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-01-11 131072]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]
S2 MDXAnalyticsService;Service d'analyse Microsoft Digital Experience;c:\program files (x86)\Microsoft Digital Experience\Microsoft.MDX.AnalyticsService.exe [2011-08-11 27136]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 AE3000;Pilote Linksys AE3000;c:\windows\system32\DRIVERS\AE3000w764.sys [2012-03-02 1717824]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-08-10 10201600]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-08-10 310784]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys [2011-05-18 58368]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 22544]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 01:47]
.
2012-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-06 03:27]
.
2012-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-06 03:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-08-02 20:22 565648 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-18 11785832]
"UMonit"="c:\windows\SysWOW64\UMonit.exe" [2011-05-25 49152]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\System32\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
IE: &Envoyer à OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,cb,f1,15,30,0f,
50,db,a2,c8,28,51,af,b0,29,a3,98,6c,09,96,5a,1b,26,a4,1c,e2,63,26,f1,3f,c8,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,30,f7,40,e1,26,
42,ba,cf,71,3b,04,66,8b,46,0d,96,88,2c,20,7b,65,ff,3e,9f,6a,9c,d6,61,af,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,25,bb,77,6c,f5,
b4,69,22,25,da,ec,7e,55,20,c9,26,f0,5b,d0,5d,2b,5e,2d,f4,ff,7c,85,e0,43,d4,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,f5,af,54,7b,81,
4c,e1,b1,3e,1e,9e,e0,57,5a,93,61,74,c1,c9,28,5e,23,d4,9b,86,8c,21,01,be,91,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,a3,59,10,2a,76,
79,38,fb,cd,44,cd,b9,a6,33,6c,cd,c6,4c,eb,c6,a2,b3,ab,30,f5,1d,4d,73,a8,13,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,9f,22,29,b1,a3,
6b,a1,1f,b0,18,ed,a7,3f,8d,37,a4,68,83,7e,4e,25,46,13,9b,df,20,58,62,78,6b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,7a,94,87,23,f4,
01,b1,55,31,77,e1,ba,b1,f8,68,02,a7,9a,58,21,5b,67,a7,10,fb,a7,78,e6,12,2f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,03,ea,9f,7c,b8,
1c,47,13,83,6c,56,8b,a0,85,96,ab,7d,5d,8e,5b,81,8c,db,ca,01,3a,48,fc,e8,04,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,15,7b,93,14,54,
bb,cc,95,51,fa,6e,91,28,9e,14,cc,7a,d1,70,45,72,ae,af,e6,f6,0f,4e,58,98,5b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,76,d8,9a,cd,16,
e7,eb,0f,b1,cd,45,5a,a8,c4,f8,b9,06,cd,e4,26,4e,4d,e2,6a,3d,ce,ea,26,2d,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,9b,eb,f6,7c,66,
02,40,0d,e3,0e,66,d5,eb,bc,2f,6b,c5,5d,0c,a2,c5,ab,5c,ab,2a,b7,cc,b5,b9,7f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\windows\\SysWow64\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,6a,47,c2,d1,04,
c9,a6,bb,fa,ea,66,7f,d4,3b,6b,70,1f,17,89,51,64,b3,bc,ea,6c,43,2d,1e,aa,22,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-10-10 08:17:36
ComboFix-quarantined-files.txt 2012-10-10 12:17
.
Avant-CF: 362 712 047 616 octets libres
Après-CF: 363 432 288 256 octets libres
.
- - End Of File - - 740A281C12446AD4124B923D99C91B0E

There you go!
0
Anonymous user
10 Oct 2012 at 14:43
Have the following file(s) scanned on VirusTotal:

Virus Total

click "Browse", then find and select this file (these files):

c:\windows\SysWOW64\catssrvps.dll


* Now click Send file and let it work for as long as "Current status: scan in progress" is displayed.
* The file may be queued because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
* When the scan is finished, paste the link(s) to the page(s) in your next reply.

==============


__________________________________________________
=>/!\The script that follows was written specifically for this computer/!\ <=
=>it is strongly advised not to carry it over to another computer!<=
----------------------------------------------------------------------------


Still with all protections disabled, do this:

▶ Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
▶ Copy/paste into Notepad what is between the lines below (without the lines):

----------------------------------------------------------
KillAll::

ClearJavaCache::

File::
c:\windows\SysWow64\sho65A5.tmp
c:\windows\SysWow64\ATLbb65.rra

Folder::
c:\windows\SysWow64\1017

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"=-
"QuickTime Task"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


------------------------------------------------------------------

▶ Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
▶ Close Notepad

▶ Drag and drop this CFScript file onto the ComboFix file, as in this illustration

▶ Wait while the scan runs. The Desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
▶ Once the scan is complete, a report will be displayed: post its contents.
▶ If the file does not open, it can be found here => C:\ComboFix.txt



0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
10 Oct. 2012 at 15:07
0
Anonymous user
10 Oct. 2012 at 15:13
Trash the DLL
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
10 Oct. 2012 at 17:08
What do you mean by "trash the DLL"?
0
Anonymous user
10 Oct. 2012 at 17:10
Well, you delete the file ^^
0
themighty65 Posts 21 Registration date Saturday 6 October 2012 Status Member Last activity 26 October 2012
12 Oct. 2012 at 03:48
And which file??
0