trz.tmp virus, big problem

Sas20 Posts 12 Status Member -
Faeris Posts 795 Status Member -
Hello,

So, I have a big problem: I caught a virus by plugging my USB stick into the PCs at my high school, and it spread to my own PC. I tried to download USB FIX, but when I open the page Avast blocks it, flagging it as a threat, so I gave up. I downloaded Malwarebytes Anti-Malware, which finds tons of viruses on my PC; it deletes some and puts a few in quarantine. I also ran a scan with Avast, which detects infected files of the type trz239.tmp, which I delete, but in vain. So I'm asking for help from someone very knowledgeable in this area to get rid of this virus. Oh yes, I saw on other forums that I should download HijackThis, but I'm afraid of downloading it from a bad site and catching yet another virus :/ So if anyone has a trustworthy site, I'll take it. Thanks in advance, don't hesitate to ask me for more information!!

Thanks!

7 replies

Faeris Posts 795 Status Member 155
 
Hi,
▶ Download USBFix (by El desaparecido and C_XX) to your Desktop
▶ Disable Avast!
▶ Connect your external storage devices to your PC (USB stick, external hard drive, MP3 player, etc.) without opening them
▶ Right-click the USBFix program and choose 'Run as administrator'.
▶ In the main menu, click "Suppression" (Removal)
▶ Your Desktop will disappear, then the computer will restart: this is normal
▶ Let the tool work through to the end
▶ At the end, the report will be displayed: post it in your next reply.

Next, use this diagnostic tool, which will let me help you:

▶ Download ZHPDiag (by Nicolas Coolman) to your desktop
▶ Run it (if you are on Windows Vista or Windows 7, do so via right-click --> Run as administrator)
▶ Follow the prompts during installation (remember to tick the box to create a shortcut on the Desktop). It will start automatically at the end of the installation.
▶ /!\ Following these actions, the tool has created 2 shortcuts: (ZHPFix, ZHPDiag)
▶ To run a full analysis, click the "ZHPDiag" desktop icon, which depicts a "scroll".
▶ In the software's interface, click the "Configurer" (Configure) button to access the settings.
▶ Then click the "Loupe +" (Magnifier +) button at the bottom left to launch a full-options diagnostic.
▶ The analysis runs; wait a few minutes while the tool works, indicated by "Traitement en cours..." (Processing...)
▶ When the analysis is finished, shown in the program's interface as 100%, the report will open in Notepad.
▶ Go to this site, click "Parcourir" (Browse), select the ZHPDiag report and click "Envoyer le fichier" (Send the file). Wait while the file uploads, then copy/paste the link provided into your next reply on the forum.

The ZHPDiag.txt report will also be on your desktop. If needed, it is saved in C:\ZHP\ZHPDiag.txt.
1
Sas20 Posts 12 Status Member
 
So here, I'm posting the USB FIX report, which I produced by starting my computer in safe mode because it was freezing from 80% onward; tell me if I did it wrong and I'll start over.

############################## | UsbFix V 7.159 | [Suppression]

Utilisateur: Collégien (Administrateur) # HP-PROBOOK
Mis à jour le 06/01/2014 par El Desaparecido - Team SosVirus
Lancé à 20:54:42 | 09/01/2014

Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/

PC: Hewlett-Packard (3074)
CPU: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz
RAM -> [Total : 2042 Mo| Free : 1183 Mo]
Bios: Hewlett-Packard
Boot: Fail-safe boot

OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 216 Go (72 Go libre(s) - 33%) [Local] # NTFS
D:\ -> Disque fixe # 15 Go (3 Go libre(s) - 22%) [HP_RECOVERY] # NTFS
E:\ -> Disque fixe # 2 Go (2 Go libre(s) - 96%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> Disque amovible # 7 Go (7 Go libre(s) - 100%) [USB SARAH] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\Explorer.EXE (ID: 1116 |ParentID: 1108)
Stoppé! C:\Windows\system32\ctfmon.exe (ID: 1172 |ParentID: 1116)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 1436 |ParentID: 660)
Stoppé! C:\Windows\system32\DllHost.exe (ID: 1660 |ParentID: 660)

################## | Regedit Run |

04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
04 - HKLM\..\Run : [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
04 - HKLM\..\Run : [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
04 - HKLM\..\Run : [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Pstart] c:\ordinateur-collegiens\lanceur\pstart.exe
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
04 - HKLM\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\COLLGI~1\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [RZN] C:\Users\Public\conhost.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
04 - HKLM\..\Policies\Explorer\run : [DOJ] C:\Users\Public\conhost.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\COLLGI~1\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [APS] C:\Users\Public\conhost.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Policies\Explorer\run : [DOJ] C:\Users\Public\conhost.exe

################## | Recherche générique |

Supprimé! C:\Users\COLLGI~1\AppData\Local\Temp\Collégien7
Supprimé! G:\Powerpoint SG.lnk
Supprimé! G:\TD GanttProject.lnk
Supprimé! G:\FOUND.000.lnk
Supprimé! G:\oral-version3_management2010noire.lnk
Supprimé! G:\Dossier etudiant GESTION DE PROJET.lnk
Supprimé! G:\Projet.lnk
Supprimé! G:\TD MANAGEMENT.lnk
Supprimé! G:\relation client e4.lnk
Supprimé! G:\Cv-lettre motiv etc.lnk
Supprimé! G:\Chapitre 9 GRAND 1 LINDA SARAH.lnk
Supprimé! C:\Users\COLLGI~1\AppData\Local\Temp\5454tilqs_7OoXdBUc14ideje.pif
Supprimé! C:\Users\COLLGI~1\AppData\Local\Temp\fdfddtilqs_7OoXdBUc14ideje.pif

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU\Software\Holaa
Supprimé! HKLM\Software\SURVIVAL
Réparé ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Réparé ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -> 1
Supprimé! HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Windows\CurrentVersion\Run|APS
Supprimé! HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|DOJ
Supprimé! HKU\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|DOJ
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|RZN
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL

################## | UsbFix - Information |

UsbFix a détecté sur votre ordinateur, une infection qui dispose d'une fonction de Keylogger.
Après désinfection par UsbFix, veuillez modifier tous vos mots de passe.
Si vous avez effectué des achats sur internet,
veuillez contacter votre banque afin d'envisager une opposition sur votre carte bancaire.

Info : http://www.sosvirus.net/infection-dinihou-vous-explique-son-fonctionnement-t4852.html

################## | Listing |

[27/12/2012 - 13:58:06 | SHD] - C:\$RECYCLE.BIN
[08/01/2013 - 17:30:54 | D] - C:\24a7810edb5ecc6b95b462cbe9
[09/01/2014 - 13:25:14 | D] - C:\AdwCleaner
[27/07/2009 - 09:31:13 | SHD] - C:\boot
[14/07/2009 - 02:38:58 | RASH | 375 Ko] - C:\bootmgr
[14/07/2009 - 05:53:55 | SHD] - C:\Documents and Settings
[17/09/2009 - 04:44:27 | D] - C:\EFI
[09/01/2014 - 20:53:46 | ASH | 1568460 Ko] - C:\hiberfil.sys
[17/09/2009 - 05:15:04 | D] - C:\hp
[30/04/2013 - 21:12:38 | N | 0 Ko] - C:\IO.SYS
[30/04/2013 - 21:12:38 | N | 0 Ko] - C:\MSDOS.SYS
[29/11/2012 - 15:50:31 | D] - C:\Ordinateur-collegiens
[09/01/2014 - 20:53:50 | ASH | 2091280 Ko] - C:\pagefile.sys
[09/01/2014 - 13:37:39 | D] - C:\Program Files
[09/01/2014 - 20:38:48 | HD] - C:\ProgramData
[14/02/2013 - 19:45:12 | D] - C:\swsetup
[09/01/2014 - 20:16:37 | SHD] - C:\System Volume Information
[22/12/2009 - 10:25:48 | D] - C:\SYSTEM.SAV
[09/01/2014 - 20:54:44 | D] - C:\UsbFix
[09/01/2014 - 20:44:46 | N | 9 Ko | 36567707260EAD52B24CB66E7B3F4510] - C:\UsbFix [Clean 1] HP-PROBOOK.txt
[09/01/2014 - 20:54:57 | A | 7 Ko | A828986E99D197B787C2B7538AB8AAEB] - C:\UsbFix [Clean 2] HP-PROBOOK.txt
[09/01/2014 - 20:30:01 | N | 11 Ko | 8AD846D4B32BC8019B02A729E43A6AA0] - C:\UsbFix [Scan 1] HP-PROBOOK.txt
[18/02/2010 - 16:27:19 | D] - C:\Users
[22/12/2013 - 15:33:31 | D] - C:\Windows
[16/02/2010 - 12:34:20 | SHD] - D:\$RECYCLE.BIN
[27/10/2012 - 10:10:33 | D] - D:\360Downloads
[15/02/2010 - 18:01:08 | AD] - D:\boot
[14/07/2009 - 02:38:58 | ASH | 375 Ko] - D:\bootmgr
[22/05/2012 - 15:52:40 | D] - D:\FunshionMedia
[17/09/2009 - 05:15:20 | N | 0 Ko] - D:\HP_WINRE
[15/02/2010 - 18:12:33 | N | 0 Ko] - D:\HP_WSD.dat
[09/11/2012 - 18:30:35 | D] - D:\KuGou
[22/02/2012 - 18:54:55 | D] - D:\KuGouCache
[17/09/2009 - 06:36:35 | N | 524288 Ko] - D:\pagefile.sys
[20/03/2011 - 18:47:21 | D] - D:\Program Files
[28/10/2010 - 10:04:05 | D] - D:\QQPetBear.Cache
[15/02/2010 - 18:01:07 | D] - D:\Recovery
[17/02/2010 - 12:51:08 | D] - D:\sources
[17/09/2009 - 04:36:10 | SHD] - D:\System Volume Information
[17/09/2009 - 05:35:07 | D] - D:\system.sav
[12/07/2010 - 15:00:53 | D] - D:\XunleiImageCache
[16/09/2009 - 20:42:08 | SHD] - E:\$RECYCLE.BIN
[16/09/2009 - 21:11:14 | D] - E:\Hewlett-Packard
[15/02/2010 - 18:12:34 | N | 0 Ko] - E:\HP_WSD.dat
[16/09/2009 - 20:15:02 | N | 0 Ko] - E:\HP_Tools
[08/09/2013 - 19:07:44 | D] - G:\FOUND.000
[19/09/2013 - 09:06:52 | D] - G:\Dossier etudiant GESTION DE PROJET
[19/09/2013 - 22:14:38 | D] - G:\TD MANAGEMENT
[18/12/2013 - 20:34:40 | N | 1771 Ko] - G:\Powerpoint SG.ppt
[01/12/2013 - 20:43:04 | D] - G:\Projet
[16/12/2013 - 12:07:56 | N | 2396 Ko] - G:\TD GanttProject.doc
[01/12/2013 - 20:43:40 | D] - G:\relation client e4
[01/12/2013 - 20:44:04 | D] - G:\Cv-lettre motiv etc
[12/11/2010 - 01:57:38 | N | 187 Ko] - G:\oral-version3_management2010noire.doc
[07/01/2014 - 11:03:46 | N | 16 Ko] - G:\Chapitre 9 GRAND 1 LINDA SARAH.docx

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |



And I'm posting the ZHPDiag report for you
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20140109_h88t7y7q11


Thanks a lot for your help, in any case!
0
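An added example, not part of the thread and not UsbFix's own logic: a small triage script that parses `04 - <key> : [name] command` lines in the format of the "Regedit Run" section above and flags autorun entries by three assumed rules (script host as launcher, target in a user-writable directory, system binary name outside System32). The sample lines are excerpted from the report in the post above; on them it flags the same four value names (SURVIVAL, RZN, DOJ, APS) that the report's "Registre" section lists as deleted.

```python
import re
from ntpath import basename  # Windows path semantics, works on any OS

# Lines excerpted from the "Regedit Run" section of the UsbFix report above.
SAMPLE = r"""
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Pstart] c:\ordinateur-collegiens\lanceur\pstart.exe
04 - HKLM\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\COLLGI~1\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [RZN] C:\Users\Public\conhost.exe
04 - HKLM\..\Policies\Explorer\run : [DOJ] C:\Users\Public\conhost.exe
04 - HKU\S-1-5-21-2166575320-1284758574-954507884-1001\..\Run : [APS] C:\Users\Public\conhost.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
"""

# "04 - <registry key> : [<value name>] <command line>"
ENTRY = re.compile(r"^04 - (?P<key>.+?) : \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# A quoted argument or a run of non-space characters.
TOKEN = re.compile(r'"([^"]+)"|(\S+)')

# Assumed triage rules (illustrative heuristics chosen for this example).
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe"}
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\users\\public\\")
SYSTEM_NAMES = {"conhost.exe", "svchost.exe", "csrss.exe", "lsass.exe", "services.exe"}
SYSTEM_DIRS = ("\\windows\\system32\\", "\\windows\\syswow64\\")


def reasons_for(cmd):
    """Return the list of rule names that a Run command line triggers."""
    low = cmd.lower()
    tokens = [quoted or bare for quoted, bare in TOKEN.findall(cmd)]
    reasons = []
    # Rule 1: the launcher itself is a Windows script host.
    if tokens and basename(tokens[0]).lower() in SCRIPT_HOSTS:
        reasons.append("script-host")
    # Rule 2: something on the command line lives in a user-writable directory.
    if any(d in low for d in USER_WRITABLE):
        reasons.append("user-writable-path")
    # Rule 3: a full path whose file name imitates a system binary
    # but which is not located in a system directory.
    for tok in tokens:
        t = tok.lower()
        if "\\" in t and basename(t) in SYSTEM_NAMES and not any(d in t for d in SYSTEM_DIRS):
            reasons.append("system-name-outside-system32")
            break
    return reasons


def triage(report):
    """Parse Run entries from report text and return those that trigger a rule."""
    findings = []
    for line in report.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # headers, blank lines, other report sections
        why = reasons_for(m["cmd"])
        if why:
            findings.append({"key": m["key"], "name": m["name"],
                             "command": m["cmd"], "reasons": why})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["name"]:<10} {", ".join(f["reasons"]):<50} {f["key"]}')
```

An entry the rules do not flag is not thereby clean; the rules only rank which autoruns to look at first.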
guillaume27300 Posts 35 Status Member 2
 
Run a boot-time scan with Avast: set the areas to scan and the scan sensitivity to maximum, tick both boxes, and on detection of a threat choose quarantine or delete; then click OK and restart the computer. Once the computer has restarted, run a full scan with Malwarebytes and put everything it finds in quarantine; then, if Malwarebytes asks you to restart, do so, then go back to the quarantine area to permanently delete what is in it.
0
Faeris Posts 795 Status Member 155
 
Use this disinfection tool, which is specific to adware:

▶ Download AdwCleaner (by Xplode) to your Desktop.
▶ Run it, click "Analyse" (Scan), wait for the scan to finish, then click "Suppression" (Removal)
▶ Then the report will open after a restart: post it in your next reply.

Then use this tool as a complement to AdwCleaner:

▶ Download and run Junkware Removal Tool by Thisisu as administrator
▶ Read the terms of use, then make sure to close all running programs
▶ Start it by pressing any key
▶ Do nothing further and wait for the software to finish (it closes by itself and normally displays a report saved on the desktop)
▶ Post the report in your next reply

Next, run another scan with Malwarebytes, as follows:

▶ Launch MBAM and let the updates download (otherwise do them manually when the program starts)
▶ Then go to the "Recherche" (Scan) tab, tick "Exécuter un examen complet" (Perform full scan), then "Rechercher" (Scan)
▶ Select your hard drives, then click "Lancer l'examen" (Start scan)
▶ At the end of the analysis, click "Afficher les résultats" (Show results)
▶ Tick all detected items, then click "Supprimer la sélection" (Remove selected)
▶ If you are asked to restart the computer, accept.
▶ Post in your next reply the report that appears after the removal.

Finally, run another ZHPDiag scan like the first time.
0
Sas20 Posts 12 Status Member
 
AdwCleaner report
# AdwCleaner v3.016 - Rapport créé le 09/01/2014 à 21:48:16
# Mis à jour le 23/12/2013 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : Collégien - HP-PROBOOK
# Exécuté depuis : C:\Users\Collégien\Downloads\adwcleaner-3.016.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R4].txt - [2333 octets] - [07/12/2013 18:59:59]
AdwCleaner[R5].txt - [1251 octets] - [09/01/2014 13:02:11]
AdwCleaner[R6].txt - [6819 octets] - [09/01/2014 13:23:24]
AdwCleaner[R7].txt - [1181 octets] - [09/01/2014 21:47:23]
AdwCleaner[S4].txt - [2071 octets] - [07/12/2013 19:01:08]
AdwCleaner[S5].txt - [1315 octets] - [09/01/2014 13:03:59]
AdwCleaner[S6].txt - [7059 octets] - [09/01/2014 13:25:01]
AdwCleaner[S7].txt - [1103 octets] - [09/01/2014 21:48:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1163 octets] ##########



Junkware Removal Tool report
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x86
Ran by Coll'gien on 09/01/2014 at 21:54:19,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2166575320-1284758574-954507884-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Coll'gien\appdata\local\software"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{9E4A52AC-A479-4BB6-8736-3616A6884218}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A05DEC47-E4F3-4E5E-ABD1-86E4E4BD90DE}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A0976119-D412-4F1E-8F8C-55F43F2BAC96}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A278C46A-517F-41E5-8453-3A460ED05D3F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A2EBE7F6-CE2C-426A-9AB8-70E5D00C652A}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A2F8720F-7A5D-4D64-A1F3-AB394D32E822}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A2F8BC97-42B5-4A5C-AA18-B10F30F79059}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A59E8514-67C6-4D75-8261-109839292B98}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A84D36AE-BC8A-4A60-BA88-73EA18E54290}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{A905A19E-26B3-4804-9091-FEBCBFEC1C4D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{AB0A11E0-176C-4746-9815-E3A2F73F969B}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{ADB89A71-F599-4A45-883C-B3E1543F1330}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{AF33BAF9-D984-4191-8A7F-946CBB20DC9A}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{AF9AF728-C861-46C1-90D4-92D8A3364EF0}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B044C628-C7FF-4C90-B93E-3F75CEA46D70}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B35FA6FC-4D48-47DD-9A38-C4E373A1D763}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B49102C8-2DE2-458F-9569-C6CB9D81D59B}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B49AEC42-EAAB-4FE5-BC6C-0ADB90C4C5E4}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B5709BC4-B0EA-4C1F-9FBE-92BB62574490}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B7B6C7FA-AC66-4DC8-8A65-90C82B260CE2}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B8D84072-85C6-4112-B192-5AEBA58387EB}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B9D74C45-6F20-4DA5-A80E-46A5B728305C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{B9F14F2E-7226-4FA9-8905-4040B1B1AE9C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BA62C824-DBBF-45C0-AE04-BC32E500BE83}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BB47EF26-1F72-48F1-91E9-4F4FEEF9F11D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BC153792-8372-4AF6-B9AB-0547D61C5BBA}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BCCACBAD-0228-4C27-B793-EE60A9A3CF66}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BDC45416-2035-4AAD-98CD-0E6AA16E1B13}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{BED4A985-E02A-45E5-8EBE-E00D55E9F5F5}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C03520DB-49A9-48E3-83F3-8EDEA1AB6389}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C05E6BB7-07C5-4C61-B65C-0C757DF19C44}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C085AB53-6EC7-4CB9-8865-FAAA3B63E2EB}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C0E94C54-462A-46B2-95F0-7659DDF03D02}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C1AF50A2-2073-421A-B8FA-5D8AFF5C5110}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C237B288-2494-4BC6-BC28-BE71F35CB60F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C582805A-2B41-4C52-9EBD-E800C1EAEA0D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C6317227-480C-4691-8E4D-605B77B06A3A}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C6721FFD-94BF-4382-B349-403C9C64AF5D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C7B9D8E0-3AE4-4483-A1D5-E7CA3A346348}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C7C3D375-76A3-42BD-A2B5-EBA8F28B0166}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C8F863BE-8E4E-453E-8BD7-5DC0354DCFFF}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C95E4BF4-E085-4A24-8EE9-73B04FFCD54F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{C9CC9A66-EF8F-4950-B5AE-A9D61E6BB0F9}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CA99B528-CF1E-4F54-B987-5C68242917F3}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CB03F910-DCAB-4828-9672-271634061C34}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CC8C6C53-C340-4365-B2EF-4D98C27170E2}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CD6DB5DA-62F2-4CE8-B4DF-A909EB9522B4}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CEC923F3-FD6E-4367-B6F4-757F3D7EFE4B}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CEDA3253-8763-4E33-99F6-EE304677C82F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CF3CAD31-4E67-4279-A1CB-76962800339C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{CF8705D4-CE42-4E40-A9C1-E72F92E8932C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D03E1492-20E7-4A9F-B5E0-9AFB85080C3F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D08A8DF3-BCBC-425B-942F-184694350A7F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D1524234-8D1B-4B4D-A642-E5E1019A656D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D2F847D4-81E4-46D6-8E3E-F14335E0360C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D48C1FCE-D36F-4F9E-A53B-A37BDE6341F8}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D54D9336-1102-4528-A625-C2BCD0EE1ACD}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D7C0E86F-EC5A-4DE6-9AF3-54C2F29FB32C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{D8A8DB08-A6C5-42E3-8A7D-129BD1E62587}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DA503A79-E1DB-497F-BFD1-17345A0D2520}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DB758663-2D97-478D-BE7A-3CD03A9D5C09}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DBFCEC87-26BA-4C4C-A6CE-739E8A709E1F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DC128D77-264C-4670-8840-3B9ED59DEA89}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DC3EA88D-C775-454B-85F4-E2B21236DC2C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DCFE936D-5856-4A72-B554-5B0E97E67B83}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DD1832F2-1EBB-4139-B08C-102E6379B5A3}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DD275706-0616-4089-8C24-9E224E79DA9E}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DEE2A12E-0EB2-43B6-838E-0B3D2F94FB57}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DEFC4C90-EDAB-4BAC-AC9C-B1828A224BDA}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{DFA7DDC4-519C-4BD3-B16F-3429DB9FBBC3}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E0567577-393A-49FD-9109-C70D9EE1AB99}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E264618B-4E79-42C8-95F0-198B808810A9}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E3C6E7C5-C269-4E5D-9B5F-6818C34DF77D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E3FB37F2-262B-4E0F-91A1-573B133505A6}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E50E917C-37C3-46DF-8230-9D4B7281194C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E57ADA83-6BA5-4E55-B63C-52253C92BC5C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E5F008C5-1B81-4E02-85CE-4D1BC3E47427}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E806533C-C68D-46E1-9E52-41E2297ADE71}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E818DB37-6430-4FC0-AAD6-8D2AD520CBF8}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E8331C27-8648-47E4-A8CA-7CDBB1EBD0F0}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E9187497-E9E7-41EF-A4D4-E29114D70361}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E9411389-5A87-4681-B55A-D13C83476A47}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E9CFB3F2-F728-45AB-833B-9780471943AA}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E9DAF93E-FDE4-4964-90EA-04399B5CC7F2}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{E9E8098C-F15C-415E-917D-B7C659D2F41F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{EABA5FF0-C00A-4B98-A4F4-C32AB1B96051}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{EADBF329-1822-4B5C-82E0-DAA505FF4803}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{EB4347B7-23C7-4CB5-B15A-E0129CAA5FC5}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{EBFA1114-787F-4131-8F57-E4F24F8C0FAF}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{ECEA4867-9EB1-4B1C-B31F-160B881641AB}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{ED45B8E5-61BF-4836-AF18-89BA62DFCAB5}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F013E3BD-B4F0-472D-BF35-9EBC68116D6D}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F0C6A059-4C3A-46CF-AB1B-53AB0290681E}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F26C5EF4-6290-467E-A383-BE11085E0FDB}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F6A1E792-9451-4225-ADE7-38514F7A7609}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F764479B-E341-4730-B901-A2D27A89594F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F8F7CF5C-E99B-4C63-B928-A255968484E7}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{F9DA8188-E8D3-4CCD-8150-0BA834978F8C}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FA546A1A-85AF-4DCD-BC71-39756B313A04}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FACA56B7-9877-45B9-AA46-4F4B2811F9B5}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FAE9AD10-8197-4D52-B673-FB3F598D6A00}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FBAD7636-A056-4626-9A44-DD11BF6EC948}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FD01C87C-88C7-44D4-9130-6039CDE0C20E}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FDD4D6C1-27E4-4FED-9139-3067A06E7D6F}
Successfully deleted: [Empty Folder] C:\Users\Coll'gien\appdata\local\{FE0FDCD2-D852-49B0-B719-DC15F4321CC1}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/01/2014 at 21:58:40,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


MBAM report (I deleted the 4 files that were detected)
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.09.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Collégien :: HP-PROBOOK [administrateur]

Protection: Activé

09/01/2014 22:00:51
MBAM-log-2014-01-09 (23-07-16).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 384830
Temps écoulé: 1 heure(s), 5 minute(s), 48 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 4
C:\AdwCleaner\Quarantine\C\Program Files\Wajam\IE\priam_bho.dll.vir (PUP.Optional.Wajam) -> Aucune action effectuée.
C:\AdwCleaner\Quarantine\C\Program Files\Wajam\Updater\update.exe.vir (PUP.Optional.Wajam) -> Aucune action effectuée.
C:\Users\Collégien\Music\MEHDI\installer_nero_French.exe (PUP.Optional.VIT) -> Aucune action effectuée.
D:\Program Files\????\QQGame\QQGameDl.exe (Spyware.OnlineGames) -> Aucune action effectuée.

(fin)

ZHPDiag report
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20140109_y12r13b12e6f8
Faeris Posts: 795 Status: Member 155

Did you delete them or not? Because the report says they were not deleted.
Sas20 Posts: 12 Status: Member

Yes, I deleted them afterwards; after the 1st report there was another report saying that they had indeed been deleted.
Faeris Posts: 795 Status: Member 155

For MBAM, if they were not deleted, you will need to run it again and delete them.

Next:

▶ Download TDSSKiller (by Kaspersky Labs) to your Desktop.
▶ Run it (if you are using Windows Vista or 7: right-click it and choose "Run as administrator")
▶ Click Start Scan to start the scan.
▶ If the tool identifies malicious items, check that Cure is selected. If it says "suspicious", leave the Skip option.
▶ Then click Continue, then Reboot Now if necessary.
▶ A report will open when the computer restarts.
▶ Copy/paste its contents into your next reply (it can also be found under C:\TDSSKiller.VersionNumber_Date_Time_log.txt)
Sas20 Posts: 12 Status: Member

I ran a first scan, which detected nothing. Then I went into the settings and ticked the additional options; I don't remember the name of the category any more, but I think it was all the USB-type devices etc., and then it found 3 threats: Suspicious object, medium risk. However, I don't see the Cure tool. I left the Skip option and clicked Continue, but there was no Reboot Now box. Do I restart my PC manually?

Thanks again for your valuable help :)
Faeris Posts: 795 Status: Member 155

OK. Yes, and send the report, which is in the root directory: C:\TDSSKIller.....txt
You're welcome ;)
Sas20 Posts: 12 Status: Member

16:07:17.0084 5696 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:07:36.0238 5696 ============================================================
16:07:36.0238 5696 Current date / time: 2014/01/10 16:07:36.0238
16:07:36.0238 5696 SystemInfo:
16:07:36.0238 5696
16:07:36.0238 5696 OS Version: 6.1.7601 ServicePack: 1.0
16:07:36.0238 5696 Product type: Workstation
16:07:36.0238 5696 ComputerName: HP-PROBOOK
16:07:36.0238 5696 UserName: Collégien
16:07:36.0239 5696 Windows directory: C:\Windows
16:07:36.0239 5696 System windows directory: C:\Windows
16:07:36.0239 5696 Processor architecture: Intel x86
16:07:36.0239 5696 Number of processors: 2
16:07:36.0239 5696 Page size: 0x1000
16:07:36.0239 5696 Boot type: Normal boot
16:07:36.0239 5696 ============================================================
16:07:37.0824 5696 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:07:37.0852 5696 Drive \Device\Harddisk1\DR1 - Size: 0x1DE000000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:07:37.0858 5696 ============================================================
16:07:37.0858 5696 \Device\Harddisk0\DR0:
16:07:37.0859 5696 MBR partitions:
16:07:37.0859 5696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96800
16:07:37.0859 5696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x97000, BlocksNum 0x1AF2F800
16:07:37.0859 5696 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1AFC6800, BlocksNum 0x1E00800
16:07:37.0859 5696 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1CDC7000, BlocksNum 0x3FE000
16:07:37.0859 5696 \Device\Harddisk1\DR1:
16:07:37.0860 5696 MBR partitions:
16:07:37.0860 5696 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x12, BlocksNum 0xEEFFEE
16:07:37.0860 5696 ============================================================
16:07:37.0915 5696 C: <-> \Device\Harddisk0\DR0\Partition2
16:07:37.0969 5696 D: <-> \Device\Harddisk0\DR0\Partition3
16:07:37.0977 5696 E: <-> \Device\Harddisk0\DR0\Partition4
16:07:37.0978 5696 ============================================================
16:07:37.0978 5696 Initialize success
16:07:37.0978 5696 ============================================================
16:08:06.0969 5972 ============================================================
16:08:06.0969 5972 Scan started
16:08:06.0969 5972 Mode: Manual;
16:08:06.0969 5972 ============================================================
16:08:08.0482 5972 ================ Scan system memory ========================
16:08:08.0482 5972 System memory - ok
16:08:08.0483 5972 ================ Scan services =============================
16:08:13.0093 5972 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
16:08:13.0101 5972 DPS - ok
16:08:13.0147 5972 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:08:13.0149 5972 drmkaud - ok
16:08:13.0187 5972 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:08:13.0221 5972 DXGKrnl - ok
16:08:13.0263 5972 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
16:08:13.0267 5972 EapHost - ok
16:08:13.0341 5972 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
16:08:13.0433 5972 ebdrv - ok
16:08:13.0456 5972 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
16:08:13.0461 5972 EFS - ok
16:08:13.0560 5972 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:08:13.0584 5972 ehRecvr - ok
16:08:13.0637 5972 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
16:08:13.0641 5972 ehSched - ok
16:08:13.0666 5972 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:08:13.0677 5972 elxstor - ok
16:08:13.0698 5972 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:08:13.0701 5972 ErrDev - ok
16:08:13.0762 5972 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
16:08:13.0772 5972 EventSystem - ok
16:08:13.0785 5972 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
16:08:13.0791 5972 exfat - ok
16:08:13.0809 5972 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:08:13.0815 5972 fastfat - ok
16:08:13.0848 5972 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
16:08:13.0873 5972 Fax - ok
16:08:13.0889 5972 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:08:13.0893 5972 fdc - ok
16:08:13.0908 5972 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
16:08:13.0913 5972 fdPHost - ok
16:08:13.0929 5972 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
16:08:13.0935 5972 FDResPub - ok
16:08:13.0949 5972 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:08:13.0953 5972 FileInfo - ok
16:08:13.0960 5972 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:08:13.0963 5972 Filetrace - ok
16:08:14.0014 5972 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:08:14.0017 5972 flpydisk - ok
16:08:14.0059 5972 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:08:14.0063 5972 FltMgr - ok
16:08:14.0155 5972 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
16:08:14.0182 5972 FontCache - ok
16:08:14.0250 5972 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:08:14.0255 5972 FontCache3.0.0.0 - ok
16:08:14.0268 5972 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:08:14.0272 5972 FsDepends - ok
16:08:14.0294 5972 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:08:14.0298 5972 Fs_Rec - ok
16:08:14.0333 5972 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:08:14.0339 5972 fvevol - ok
16:08:14.0358 5972 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:08:14.0362 5972 gagp30kx - ok
16:08:14.0383 5972 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:08:14.0386 5972 GEARAspiWDM - ok
16:08:14.0427 5972 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
16:08:14.0452 5972 gpsvc - ok
16:08:14.0493 5972 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:08:14.0495 5972 gupdate - ok
16:08:14.0510 5972 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:08:14.0511 5972 gupdatem - ok
16:08:14.0526 5972 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:08:14.0530 5972 hcw85cir - ok
16:08:14.0573 5972 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:08:14.0581 5972 HdAudAddService - ok
16:08:14.0598 5972 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:08:14.0603 5972 HDAudBus - ok
16:08:14.0613 5972 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:08:14.0616 5972 HidBatt - ok
16:08:14.0635 5972 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:08:14.0638 5972 HidBth - ok
16:08:14.0660 5972 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:08:14.0663 5972 HidIr - ok
16:08:14.0697 5972 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
16:08:14.0701 5972 hidserv - ok
16:08:14.0731 5972 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:08:14.0734 5972 HidUsb - ok
16:08:14.0756 5972 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:08:14.0761 5972 hkmsvc - ok
16:08:14.0775 5972 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:08:14.0782 5972 HomeGroupListener - ok
16:08:14.0806 5972 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:08:14.0814 5972 HomeGroupProvider - ok
16:08:14.0867 5972 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:08:14.0869 5972 HP Health Check Service - ok
16:08:14.0891 5972 [ E1D82F0C8456ABB03B7DF5D623CA47D1 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:08:14.0895 5972 hpdskflt - ok
16:08:14.0921 5972 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:08:14.0924 5972 HpqKbFiltr - ok
16:08:14.0982 5972 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:08:14.0989 5972 hpqwmiex - ok
16:08:15.0030 5972 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:08:15.0034 5972 HpSAMD - ok
16:08:15.0049 5972 [ D1F817E61D52816996B8F1EBA9A38276 ] hpsrv C:\Windows\system32\Hpservice.exe
16:08:15.0054 5972 hpsrv - ok
16:08:15.0095 5972 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:08:15.0106 5972 HTTP - ok
16:08:15.0120 5972 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:08:15.0121 5972 hwpolicy - ok
16:08:15.0151 5972 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:08:15.0154 5972 i8042prt - ok
16:08:15.0196 5972 [ F54B3DB096ABD6E9BBBD052FD3878A48 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:08:15.0204 5972 IAANTMON - ok
16:08:15.0241 5972 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:08:15.0243 5972 iaStor - ok
16:08:15.0276 5972 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:08:15.0283 5972 iaStorV - ok
16:08:15.0327 5972 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:08:15.0352 5972 idsvc - ok
16:08:15.0376 5972 IEEtwCollectorService - ok
16:08:15.0498 5972 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
16:08:15.0620 5972 igfx - ok
16:08:15.0657 5972 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:08:15.0660 5972 iirsp - ok
16:08:15.0687 5972 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
16:08:15.0705 5972 IKEEXT - ok
16:08:15.0729 5972 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
16:08:15.0732 5972 intelide - ok
16:08:15.0743 5972 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:08:15.0745 5972 intelppm - ok
16:08:15.0785 5972 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:08:15.0790 5972 IPBusEnum - ok
16:08:15.0800 5972 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:08:15.0805 5972 IpFilterDriver - ok
16:08:15.0843 5972 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:08:15.0861 5972 iphlpsvc - ok
16:08:15.0885 5972 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:08:15.0888 5972 IPMIDRV - ok
16:08:15.0900 5972 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:08:15.0903 5972 IPNAT - ok
16:08:15.0977 5972 [ 066F2BBE2EEC9A42B065B552BF356B4E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:08:15.0994 5972 iPod Service - ok
16:08:16.0017 5972 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:08:16.0020 5972 IRENUM - ok
16:08:16.0039 5972 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:08:16.0042 5972 isapnp - ok
16:08:16.0072 5972 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:08:16.0077 5972 iScsiPrt - ok
16:08:16.0097 5972 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:08:16.0099 5972 kbdclass - ok
16:08:16.0111 5972 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:08:16.0114 5972 kbdhid - ok
16:08:16.0130 5972 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
16:08:16.0133 5972 KeyIso - ok
16:08:16.0150 5972 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:08:16.0152 5972 KSecDD - ok
16:08:16.0171 5972 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:08:16.0175 5972 KSecPkg - ok
16:08:16.0218 5972 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
16:08:16.0241 5972 KtmRm - ok
16:08:16.0268 5972 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
16:08:16.0285 5972 LanmanServer - ok
16:08:16.0298 5972 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:08:16.0309 5972 LanmanWorkstation - ok
16:08:16.0367 5972 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:08:16.0370 5972 lltdio - ok
16:08:16.0397 5972 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:08:16.0406 5972 lltdsvc - ok
16:08:16.0424 5972 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
16:08:16.0429 5972 lmhosts - ok
16:08:16.0460 5972 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:08:16.0464 5972 LSI_FC - ok
16:08:16.0478 5972 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:08:16.0481 5972 LSI_SAS - ok
16:08:16.0497 5972 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:08:16.0500 5972 LSI_SAS2 - ok
16:08:16.0510 5972 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:08:16.0513 5972 LSI_SCSI - ok
16:08:16.0525 5972 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
16:08:16.0528 5972 luafv - ok
16:08:16.0584 5972 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:08:16.0587 5972 MBAMProtector - ok
16:08:16.0650 5972 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:08:16.0667 5972 MBAMScheduler - ok
16:08:16.0695 5972 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:08:16.0718 5972 MBAMService - ok
16:08:16.0748 5972 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:08:16.0756 5972 Mcx2Svc - ok
16:08:16.0774 5972 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:08:16.0778 5972 megasas - ok
16:08:16.0798 5972 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:08:16.0806 5972 MegaSR - ok
16:08:16.0828 5972 [ 64B96DE8C492BD435372D9130A535F1D ] MfeAVFK C:\Windows\system32\drivers\MfeAVFK.sys
16:08:16.0832 5972 MfeAVFK - ok
16:08:16.0844 5972 [ 078E87A89D36CC3516F19D5FB518BDDC ] MfeBOPK C:\Windows\system32\drivers\MfeBOPK.sys
16:08:16.0847 5972 MfeBOPK - ok
16:08:16.0869 5972 [ 168C565101FD5B9DB694EFDEC91FAFA9 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
16:08:16.0875 5972 mfehidk - ok
16:08:16.0891 5972 [ E0842F67DC9BC4D21D1E319610EBE9E5 ] MfeRKDK C:\Windows\system32\drivers\MfeRKDK.sys
16:08:16.0895 5972 MfeRKDK - ok
16:08:16.0912 5972 [ 43A7ACBBD70ECD62F0B63486C72089A3 ] mfetdik C:\Windows\system32\drivers\mfetdik.sys
16:08:16.0916 5972 mfetdik - ok
16:08:16.0961 5972 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:08:16.0969 5972 MMCSS - ok
16:08:17.0025 5972 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:08:17.0028 5972 Modem - ok
16:08:17.0060 5972 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:08:17.0061 5972 monitor - ok
16:08:17.0081 5972 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:08:17.0084 5972 mouclass - ok
16:08:17.0095 5972 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:08:17.0098 5972 mouhid - ok
16:08:17.0126 5972 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:08:17.0128 5972 mountmgr - ok
16:08:17.0150 5972 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
16:08:17.0154 5972 mpio - ok
16:08:17.0163 5972 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:08:17.0165 5972 mpsdrv - ok
16:08:17.0201 5972 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:08:17.0228 5972 MpsSvc - ok
16:08:17.0252 5972 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:08:17.0256 5972 MRxDAV - ok
16:08:17.0288 5972 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:08:17.0292 5972 mrxsmb - ok
16:08:17.0311 5972 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:08:17.0318 5972 mrxsmb10 - ok
16:08:17.0336 5972 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:08:17.0339 5972 mrxsmb20 - ok
16:08:17.0363 5972 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
16:08:17.0366 5972 msahci - ok
16:08:17.0381 5972 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:08:17.0385 5972 msdsm - ok
16:08:17.0419 5972 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:08:17.0425 5972 MSDTC - ok
16:08:17.0444 5972 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:08:17.0447 5972 Msfs - ok
16:08:17.0457 5972 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:08:17.0459 5972 mshidkmdf - ok
16:08:17.0488 5972 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:08:17.0491 5972 msisadrv - ok
16:08:17.0539 5972 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:08:17.0547 5972 MSiSCSI - ok
16:08:17.0554 5972 msiserver - ok
16:08:17.0613 5972 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:08:17.0617 5972 MSKSSRV - ok
16:08:17.0645 5972 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:08:17.0648 5972 MSPCLOCK - ok
16:08:17.0657 5972 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:08:17.0660 5972 MSPQM - ok
16:08:17.0680 5972 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:08:17.0686 5972 MsRPC - ok
16:08:17.0705 5972 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:08:17.0706 5972 mssmbios - ok
16:08:17.0721 5972 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:08:17.0724 5972 MSTEE - ok
16:08:17.0742 5972 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:08:17.0745 5972 MTConfig - ok
16:08:17.0762 5972 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:08:17.0765 5972 Mup - ok
16:08:17.0796 5972 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
16:08:17.0813 5972 napagent - ok
16:08:17.0841 5972 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:08:17.0847 5972 NativeWifiP - ok
16:08:17.0923 5972 [ E59AFB64C2F6E0C99350E1C944C75088 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
16:08:17.0931 5972 NAUpdate - ok
16:08:17.0979 5972 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:08:17.0993 5972 NDIS - ok
16:08:18.0035 5972 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:08:18.0039 5972 NdisCap - ok
16:08:18.0061 5972 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:08:18.0064 5972 NdisTapi - ok
16:08:18.0089 5972 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:08:18.0091 5972 Ndisuio - ok
16:08:18.0106 5972 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:08:18.0110 5972 NdisWan - ok
16:08:18.0158 5972 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:08:18.0163 5972 NDProxy - ok
16:08:18.0200 5972 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:08:18.0203 5972 NetBIOS - ok
16:08:18.0281 5972 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:08:18.0286 5972 NetBT - ok
16:08:18.0300 5972 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
16:08:18.0305 5972 Netlogon - ok
16:08:18.0397 5972 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:08:18.0402 5972 Netman - ok
16:08:18.0421 5972 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:08:18.0427 5972 netprofm - ok
16:08:18.0454 5972 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:08:18.0459 5972 NetTcpPortSharing - ok
16:08:18.0596 5972 [ D1F531B61CB35422D691E545DE60554C ] NETw1v32 C:\Windows\system32\DRIVERS\NETw1v32.sys
16:08:18.0744 5972 NETw1v32 - ok
16:08:18.0946 5972 [ 5B2DFA9C5C02DDF2A113CC0F551B59DF ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
16:08:19.0111 5972 NETw5s32 - ok
16:08:19.0193 5972 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
16:08:19.0308 5972 netw5v32 - ok
16:08:19.0333 5972 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:08:19.0335 5972 nfrd960 - ok
16:08:19.0363 5972 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:08:19.0371 5972 NlaSvc - ok
16:08:19.0383 5972 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:08:19.0385 5972 Npfs - ok
16:08:19.0422 5972 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:08:19.0431 5972 nsi - ok
16:08:19.0446 5972 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:08:19.0448 5972 nsiproxy - ok
16:08:19.0498 5972 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:08:19.0526 5972 Ntfs - ok
16:08:19.0539 5972 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:08:19.0541 5972 Null - ok
16:08:19.0555 5972 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:08:19.0558 5972 nvraid - ok
16:08:19.0589 5972 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:08:19.0594 5972 nvstor - ok
16:08:19.0609 5972 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:08:19.0613 5972 nv_agp - ok
16:08:19.0634 5972 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:08:19.0637 5972 ohci1394 - ok
16:08:19.0651 5972 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:08:19.0660 5972 p2pimsvc - ok
16:08:19.0673 5972 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:08:19.0683 5972 p2psvc - ok
16:08:19.0703 5972 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:08:19.0706 5972 Parport - ok
16:08:19.0726 5972 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:08:19.0730 5972 partmgr - ok
16:08:19.0742 5972 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:08:19.0745 5972 Parvdm - ok
16:08:19.0759 5972 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:08:19.0764 5972 PcaSvc - ok
16:08:19.0778 5972 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
16:08:19.0781 5972 pci - ok
16:08:19.0806 5972 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
16:08:19.0808 5972 pciide - ok
16:08:19.0822 5972 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:08:19.0827 5972 pcmcia - ok
16:08:19.0837 5972 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:08:19.0839 5972 pcw - ok
16:08:19.0880 5972 pdfcDispatcher - ok
16:08:19.0905 5972 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:08:19.0922 5972 PEAUTH - ok
16:08:19.0949 5972 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:08:19.0975 5972 PeerDistSvc - ok
16:08:20.0034 5972 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
16:08:20.0122 5972 pla - ok
16:08:20.0175 5972 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:08:20.0200 5972 PlugPlay - ok
16:08:20.0212 5972 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:08:20.0222 5972 PNRPAutoReg - ok
16:08:20.0237 5972 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:08:20.0242 5972 PNRPsvc - ok
16:08:20.0265 5972 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:08:20.0273 5972 PolicyAgent - ok
16:08:20.0301 5972 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
16:08:20.0309 5972 Power - ok
16:08:20.0349 5972 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:08:20.0351 5972 PptpMiniport - ok
16:08:20.0389 5972 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:08:20.0392 5972 Processor - ok
16:08:20.0427 5972 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
16:08:20.0434 5972 ProfSvc - ok
16:08:20.0445 5972 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:08:20.0448 5972 ProtectedStorage - ok
16:08:20.0472 5972 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:08:20.0475 5972 Psched - ok
16:08:20.0506 5972 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:08:20.0535 5972 ql2300 - ok
16:08:20.0547 5972 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:08:20.0550 5972 ql40xx - ok
16:08:20.0594 5972 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:08:20.0616 5972 QWAVE - ok
16:08:20.0630 5972 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:08:20.0633 5972 QWAVEdrv - ok
16:08:20.0643 5972 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:08:20.0646 5972 RasAcd - ok
16:08:20.0683 5972 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:08:20.0686 5972 RasAgileVpn - ok
16:08:20.0702 5972 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:08:20.0719 5972 RasAuto - ok
16:08:20.0726 5972 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:08:20.0729 5972 Rasl2tp - ok
16:08:20.0763 5972 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
16:08:20.0784 5972 RasMan - ok
16:08:20.0796 5972 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:08:20.0799 5972 RasPppoe - ok
16:08:20.0812 5972 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:08:20.0815 5972 RasSstp - ok
16:08:20.0830 5972 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:08:20.0835 5972 rdbss - ok
16:08:20.0849 5972 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:08:20.0851 5972 rdpbus - ok
16:08:20.0871 5972 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:08:20.0873 5972 RDPCDD - ok
16:08:20.0888 5972 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:08:20.0894 5972 RDPDR - ok
16:08:20.0911 5972 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:08:20.0912 5972 RDPENCDD - ok
16:08:20.0919 5972 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:08:20.0921 5972 RDPREFMP - ok
16:08:20.0943 5972 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:08:20.0949 5972 RDPWD - ok
16:08:20.0974 5972 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:08:20.0978 5972 rdyboost - ok
16:08:21.0017 5972 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:08:21.0022 5972 RemoteAccess - ok
16:08:21.0094 5972 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:08:21.0111 5972 RemoteRegistry - ok
16:08:21.0130 5972 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:08:21.0136 5972 RFCOMM - ok
16:08:21.0158 5972 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:08:21.0168 5972 RpcEptMapper - ok
16:08:21.0183 5972 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:08:21.0190 5972 RpcLocator - ok
16:08:21.0210 5972 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
16:08:21.0221 5972 RpcSs - ok
16:08:21.0232 5972 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:08:21.0235 5972 rspndr - ok
16:08:21.0261 5972 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:08:21.0264 5972 s3cap - ok
16:08:21.0278 5972 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
16:08:21.0281 5972 SamSs - ok
16:08:21.0315 5972 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:08:21.0318 5972 sbp2port - ok
16:08:21.0330 5972 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:08:21.0338 5972 SCardSvr - ok
16:08:21.0352 5972 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
0

Faeris Posts 795 Status Member 155

OK, it didn't detect anything. ;)

/!\ What follows is strictly reserved for the author of this topic; using it on another computer risks damaging the system /!\

This script will target certain items to delete:

▶ Open this link, select the whole script and copy it (Edit --> Copy)
▶ Right-click the ZHPFix shortcut and choose "Run as administrator"
▶ Click IMPORTER
▶ The lines are pasted into ZHPFix automatically; if not, paste them in
▶ Click the "GO" button to start the cleanup,
▶ Copy/paste the whole report into your next reply

Then tell me whether you still notice any problems.
0
Sas20 Posts 12 Status Member
 
Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by Collégien at 10/01/2014 18:07:28
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 16s)
Réparation des raccourcis navigateur

========== Logiciels ==========
ABSENT Uninstall Process: c:\usbfix\un-usbfix.exe
SUPPRIMÉ O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Users\Collégien\AppData\Local\Temp\BoxoreInstaller.exe
SUPPRIMÉ: Memory Process: C:\Users\Collégien\AppData\Local\Temp\Extract.exe
SUPPRIMÉ: Memory Process: C:\Users\Collégien\AppData\Local\Temp\BackupSetup.exe
SUPPRIMÉ: Memory Process: C:\Users\Collégien\AppData\Local\Temp\Quarantine.exe
SUPPRIMÉ: Memory Process: C:\Users\Collégien\AppData\Local\Temp\wlsetupc.exe

========== Clés du Registre ==========
SUPPRIMÉ: CLSID ASIC: \SOFTWARE\Microsoft\Active Setup\Installed Components\{LD5BC301-7F16-1V42-F3VP-8K4PC23067A5}
SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Usbfix]

========== Valeurs du Registre ==========
SUPPRIMÉ: TCP Query User{66C7D480-9E40-4340-929A-C6DE0D08091A}C:\users\collégien\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: UDP Query User{7F77AD0B-B328-4D87-8810-0E5B839D69F0}C:\users\collégien\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: {8B6E1E80-F7C0-4923-9CFB-78BEDB7B1822}
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Dossiers ==========
SUPPRIMÉ: C:\UsbFix
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (327)

========== Fichiers ==========
SUPPRIMÉ: c:\windows\prefetch\wajam_2207-6c14163c.exe-e9938b41.pf
SUPPRIMÉ: c:\windows\prefetch\obboxore_0912-99e29667.exe-9d85b498.pf
SUPPRIMÉ: c:\windows\prefetch\boxoreinstaller.exe-ac10d33f.pf
SUPPRIMÉ: c:\windows\prefetch\lollipopinstaller_14657.exe-d441c35a.pf
SUPPRIMÉ: c:\windows\prefetch\lollipop.exe-b135f3af.pf
SUPPRIMÉ: c:\windows\prefetch\wajamupdaterv3.exe-5c58bd99.pf
SUPPRIMÉ: c:\windows\prefetch\duuqucrashhandler.exe-2c9640e0.pf
SUPPRIMÉ: c:\windows\system32\doerrors.log
SUPPRIMÉ: c:\windows\prefetch\fdfddt~1.pif-c7b861fe.pf
SUPPRIMÉ: c:\windows\prefetch\5454ti~1.pif-aa3b26dd.pf
SUPPRIMÉ: c:\windows\prefetch\data.exe-d4d69660.pf
SUPPRIMÉ: c:\windows\prefetch\ins8752.exe-8589e837.pf
SUPPRIMÉ: c:\windows\prefetch\framefox_1909-357c9206.exe-6cd8ad51.pf
SUPPRIMÉ: c:\windows\prefetch\ie_approveext.exe-bce065b7.pf
SUPPRIMÉ: c:\windows\prefetch\go.exe-0a7de786.pf
SUPPRIMÉ: c:\windows\prefetch\instup.exe-52ac782a.pf
SUPPRIMÉ: c:\windows\prefetch\qlbpresov.exe-895f97f3.pf
SUPPRIMÉ: C:\Users\Collégien\AppData\Local\Temp\chart_data.dat
SUPPRIMÉ: C:\Users\Collégien\AppData\Local\Temp\uninstall.bat
SUPPRIMÉ: c:\windows\prefetch\framefox.exe-63aa1ed8.pf
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (2736) (4 242 337 872 octets)

========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.

========== Tache planifiée ==========
SUPPRIMÉ: {1BD4E997-15A2-48C4-9546-F52897AEC232}
SUPPRIMÉ: {C3277125-8DAF-4AEE-B1AA-9A6B99F61359}

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ Warning: possible TDL3 rootkit infection !


========== Récapitulatif ==========
5 : Processus mémoire
2 : Clés du Registre
9 : Valeurs du Registre
3 : Dossiers
22 : Fichiers
2 : Logiciels
1 : Fichier HOSTS
2 : Tache planifiée
1 : Restauration Système
1 : Autre


End of clean in 01mn 39s

========== Chemin de fichier rapport ==========
C:\Users\Collégien\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/01/2014 18:07:45 [3925]
0
Sas20 Posts 12 Status Member

I redid a scan as you told me, but this time with the antivirus disabled

Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by Collégien at 10/01/2014 18:18:57
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 09s)
Réparation des raccourcis navigateur

========== Valeurs du Registre ==========
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Dossiers ==========
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (2)

========== Fichiers ==========
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (1) (0 octets)

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ Warning: possible TDL3 rootkit infection !


========== Récapitulatif ==========
6 : Valeurs du Registre
2 : Dossiers
2 : Fichiers
1 : Restauration Système
1 : Autre


End of clean in 00mn 21s

========== Chemin de fichier rapport ==========
C:\Users\Collégien\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/01/2014 18:07:45 [4009]
C:\Users\Collégien\AppData\Roaming\ZHP\ZHPFix[R2].txt - 10/01/2014 18:19:07 [1249]
0
Faeris Posts 795 Status Member 155

OK. Still, avoid running the same ZHPFix script several times in a row. Are there still any problems?
0
Sas20 Posts 12 Status Member

Ah, okay. No, everything seems to be back to normal, at least I hope so :)
I'd just have one last thing to ask you: in your opinion, which antivirus should I download to be better protected? Because Avast! doesn't seem very effective to me. :S

Thanks a lot for solving my problem :) Goes to show there are still good people out there!
0
Faeris Posts 795 Status Member 155

Haha, there are many more of them than people think. :) That's kind of you.
As for the antivirus, I'm not a fan of Avast either, especially the 2014 version.
You can download:

==> AVG Free antivirus 2014

Or

==> Avira Free Antivirus (formerly Antivir)

▶ Download Delfix by Xplode and run it.
▶ Tick all the boxes except the last one and click Run
▶ Post the report in your next reply

From now on:

- Don't download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as O1net sometimes modify the programs offered for download to add adware ==> Always prefer downloading directly from the publisher's site.
- During the installation of a free program, read carefully and untick all the additional programs that are offered, especially toolbars.

▶ Don't forget to keep Windows up to date via Windows Update (accessible from the Start menu, in the list of programs). Ideally, leave automatic updates enabled.

▶ Also keep your software up to date; it is very important to have the latest versions to close security holes. Software such as FileHippo Update Checker helps you keep your system up to date.

▶ To browse the internet more safely and free from ads, I strongly recommend installing these two extensions, available for most browsers: Ad-block plus and WOT

▶ Don't engage in risky behaviour (installing anything and everything without thinking, downloading cracks...). See this to understand how current infections spread and how to avoid them: Prevention and security on the internet.

A few useful links:

The dangers of peer-to-peer
The security of your computer
Securing your computer
Why keep your browser up to date?
Toolbars
Maintaining your computer - Performance
Maintaining your computer - Hardware
The WOT browser extension
0
Sas20 Posts 12 Status Member

Thanks for your help and your advice :)
But I caught this virus on my high school's PCs; we were only warned afterwards that there was a virus and that it was spreading via USB sticks .. Great --'.

Here is the report:
# DelFix v10.6 - Rapport créé le 10/01/2014 à 20:50:28
# Mis à jour le 11/11/2013 par Xplode
# Nom d'utilisateur : Collégien - HP-PROBOOK
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)

~ Activation de l'UAC ... OK

~ Suppression des outils de désinfection ...

Supprimé : C:\AdwCleaner
Supprimé : C:\Users\Collégien\AppData\Roaming\ZHP
Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\TDSSKiller.2.8.16.0_10.01.2014_16.07.17_log.txt
Supprimé : C:\UsbFix [Clean 1] HP-PROBOOK.txt
Supprimé : C:\UsbFix [Clean 2] HP-PROBOOK.txt
Supprimé : C:\UsbFix [Scan 1] HP-PROBOOK.txt
Supprimé : C:\UsbFix [Scan 2] HP-PROBOOK.txt
Supprimé : C:\Users\Collégien\Desktop\tdsskiller.exe
Supprimé : C:\Users\Collégien\Desktop\UsbFix.lnk
Supprimé : C:\Users\Collégien\Desktop\ZHPDiag.lnk
Supprimé : C:\Users\Collégien\Desktop\ZHPFix.lnk
Supprimé : C:\Users\Collégien\Downloads\adwcleaner-3.016.exe
Supprimé : C:\Users\Collégien\Downloads\JRT.exe
Supprimé : C:\Users\Collégien\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
Supprimé : C:\Users\Collégien\Downloads\UsbFix.exe
Supprimé : C:\Users\Collégien\Downloads\ZHPDiag2.exe
Supprimée : HKCU\Software\USBFix
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~ Sauvegarde de la base de registre ... OK

~ Purge de la restauration système ...

Supprimé : RP #204 [Windows Update | 12/20/2013 18:22:26]
Supprimé : RP #206 [avast! antivirus system restore point | 12/22/2013 14:28:13]
Supprimé : RP #207 [Windows Update | 12/24/2013 13:16:48]
Supprimé : RP #208 [Windows Update | 12/31/2013 12:05:41]
Supprimé : RP #209 [Windows Update | 01/03/2014 14:58:22]
Supprimé : RP #210 [Windows Update | 01/07/2014 19:40:08]
Supprimé : RP #211 [Removed Java(TM) 6 Update 39 | 01/09/2014 19:14:24]
Supprimé : RP #212 [Installed Java 7 Update 45 | 01/09/2014 19:16:19]
Supprimé : RP #214 [ZHPFix Restore System Point | 01/10/2014 17:06:50]
Supprimé : RP #216 [ZHPFix Restore System Point | 01/10/2014 17:18:49]

Nouveau point de restauration créé !

########## - EOF - ##########
0
Faeris Posts 795 Status Member 155

OK, perfect, all the best. Preferably without malware ;)
0
Sas20 Posts 12 Status Member

Yes, preferably. Thanks a lot again, you're a genius :)
0
Faeris Posts 795 Status Member 155

Let's not exaggerate.. ;)
0