

BILOU1
Everything posted by BILOU1
-
Hello, Already done, but it changed nothing. I suspect a Windows problem. What do you think? See you
-
Good evening, I'm back! There is news. I flashed the BIOS. That did not solve the problem, but I now have access to the PS/2 mouse (not the keyboard). Thanks to that, I was able to go into "Device Manager", and there, under Other devices, I have a yellow exclamation mark in front of "USB bus controller". Right-click on it -> Update driver -> Search automatically... ---------> Windows found no driver for your device. See you
-
Hello, No, no dead capacitors (I know them well, I have already replaced capacitors myself on 3 monitors). I have made a little progress. By tinkering, I improved the problem. Now the keyboard and mouse get power at the beginning of startup, which leaves me time to get into the BIOS. The whole time I am in the BIOS, the keyboard and mouse work. If I reboot and let the SSD boot and Windows start up, I no longer have access! See you
-
Hello, It looks like I can log in with my username now. Well, me not understand. Never mind. Last night I swapped 2 power supplies: no change, so it was not a power supply fault. See you
-
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening, Infection over. MANY THANKS. Goodbye. -
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening, 15 hours. In fact I left it running on its own overnight and through the morning, and since it had stopped to ask whether I agreed to quarantine, it waited patiently until I told it "yes". Attached is the report. I think it's fine. By the way, what would you recommend as antivirus and antimalware? See you -
Good evening, Whoa! I did well not to rush. Well, unfortunately, I don't have the Windows CD. It's an HP, so I have an HP reinstallation disc. I'll see whether the same option is on it. Thanks for the tip. See you
-
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Hello, Here is the report:
=============================================================================
Statistiques totales de la session
=============================================================================
Objets scannés: 1244439
Objets infectés: 0
Objets ayant été modifiés: 0
Objets suspects: 2
Adwares détectés: 3
Dialers détectés: 0
Canulars détectés: 0
Riskwares détectés: 3
Hacktools détectés: 3
Désinfecté: 0
Supprimé: 0
Renommé: 0
Déplacé en quarantaine: 8
Ignoré: 0
Vitesse du scan: 15 Kb/s
Durée d'analyse: 15:34:56
=============================================================================
See you -
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Hello, In fact I only ran the scan; I was waiting for your go-ahead to clean. See you -
Good evening, Interesting lead. I'll dig into it. Thanks. See you
-
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening, I got my Recycle Bin back. Here I am again. Attached is the Cureit DrWeb report. Download CureIt.log from Sendspace.com - send big files the easy way See you -
Good evening, Following an infection, my Windows XP Pro is seriously affected. The data, on a partition other than C:, does not seem to have been damaged. It has become difficult to continue the decontamination, with the following symptoms:
1) No more Recycle Bin (very inconvenient for destroying certain files)
2) About 60% of programs are invisible via Start/All Programs
3) Desktop shortcuts no longer launch a good share of the programs
4) Outlook no longer starts -> error message, and is impossible to reinstall -> error message
5) Many features no longer work, for example:
* Start/All Programs/Accessories/System Tools shows "empty"
* Start/Search stops there (not even a word, nothing)
Etc... Etc...
Do you think it is possible to repair this {mess}? Regards. See you
-
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening Apollo, and thank you for your help so far. I'll follow your advice and see what I can do over on Software, then I'll come back if needed. See you -
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Hello, I have another problem: after uninstalling Combofix, I wanted to empty the Recycle Bin, but it disappeared a week ago. I have been looking everywhere for an hour but there is no way to find it. Should I move on to the next step anyway??? See you -
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening, Phew! That was very hard. While I thought I had stopped bit-defender, ad-aware and avast, Combofix found that they were still active. I had to uninstall them without restarting because I didn't know whether Combofix would have liked that. Well, things are already better, but not everything is working yet. I'm posting the report for you. See you tomorrow, er, no, given the time, it's already tomorrow -
[Solved] My computer had a "Stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
And there you go
(1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:42:56.0484 2036 Cdrom - ok 22:42:56.0484 2036 Changer - ok 22:42:56.0515 2036 CiSvc (793ef38a5fd086c3c8e48a8a861562ed) C:\WINDOWS\system32\cisvc.exe 22:42:56.0671 2036 CiSvc - ok 22:42:56.0687 2036 ClipSrv (8b30cbb0c07d49b2658fb190946b0e7e) C:\WINDOWS\system32\clipsrv.exe 22:42:57.0093 2036 ClipSrv - ok 22:42:57.0203 2036 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:42:57.0343 2036 clr_optimization_v2.0.50727_32 - ok 22:42:57.0375 2036 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:42:57.0421 2036 clr_optimization_v4.0.30319_32 - ok 22:42:57.0421 2036 CmdIde - ok 22:42:57.0437 2036 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 22:42:57.0593 2036 Compbatt - ok 22:42:57.0593 2036 COMSysApp - ok 22:42:57.0609 2036 Cpqarray - ok 22:42:57.0734 2036 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys 22:42:57.0765 2036 cpudrv - ok 22:42:57.0796 2036 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\WINDOWS\system32\drivers\cpuz135_x32.sys 22:42:57.0812 2036 cpuz135 - ok 22:42:57.0828 2036 CryptSvc (7a6d0b71035e123fdda2156a25578ad3) C:\WINDOWS\System32\cryptsvc.dll 22:42:57.0968 2036 CryptSvc - ok 22:42:57.0984 2036 dac2w2k - ok 22:42:57.0984 2036 dac960nt - ok 22:42:58.0062 2036 DcomLaunch (0203b1aad358f206cb0a3c1f93cce17a) C:\WINDOWS\system32\rpcss.dll 22:42:58.0140 2036 DcomLaunch - ok 22:42:58.0203 2036 Dhcp (318f535dc05551d96deeb90b6d6904de) C:\WINDOWS\System32\dhcpcsvc.dll 22:42:58.0343 2036 Dhcp - ok 22:42:58.0343 2036 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 22:42:58.0515 2036 Disk - ok 22:42:58.0515 2036 dmadmin - ok 22:42:58.0562 2036 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 
22:42:58.0734 2036 dmboot - ok 22:42:58.0734 2036 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 22:42:58.0890 2036 dmio - ok 22:42:58.0906 2036 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 22:42:59.0062 2036 dmload - ok 22:42:59.0093 2036 dmserver (6797c23d6b79935482d7f0e8ca5e5b67) C:\WINDOWS\System32\dmserver.dll 22:42:59.0234 2036 dmserver - ok 22:42:59.0265 2036 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 22:42:59.0406 2036 DMusic - ok 22:42:59.0531 2036 Dnscache (1a1e59377fb6cacd711cc5073c4a7d79) C:\WINDOWS\System32\dnsrslvr.dll 22:42:59.0781 2036 Dnscache - ok 22:42:59.0812 2036 Dot3svc (3fcf86f03d0302443c21ce6e5bbf7a25) C:\WINDOWS\System32\dot3svc.dll 22:42:59.0968 2036 Dot3svc - ok 22:42:59.0984 2036 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 22:43:00.0140 2036 dpti2o - ok 22:43:00.0156 2036 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 22:43:00.0296 2036 drmkaud - ok 22:43:00.0328 2036 E100B (1961f8b618e3c20df54c146b294efd2a) C:\WINDOWS\system32\DRIVERS\e100b325.sys 22:43:00.0468 2036 E100B - ok 22:43:00.0500 2036 EapHost (8b5fc9087d2cab110bc2ed5cc5e7b8ac) C:\WINDOWS\System32\eapsvc.dll 22:43:00.0656 2036 EapHost - ok 22:43:00.0703 2036 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys 22:43:00.0750 2036 epmntdrv ( UnsignedFile.Multi.Generic ) - warning 22:43:00.0750 2036 epmntdrv - detected UnsignedFile.Multi.Generic (1) 22:43:00.0781 2036 EpsonBidirectionalService (cd64ce62be47df0e9a459fd9002221fe) C:\Program Files\EPSON\ESM2\eEBSVC.exe 22:43:00.0796 2036 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning 22:43:00.0796 2036 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1) 22:43:00.0796 2036 ERSvc (94f948cb12c4d35483f1e815deb16c7b) C:\WINDOWS\System32\ersvc.dll 22:43:00.0968 2036 ERSvc - ok 22:43:01.0000 2036 EuGdiDrv 
(1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys 22:43:01.0015 2036 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning 22:43:01.0015 2036 EuGdiDrv - detected UnsignedFile.Multi.Generic (1) 22:43:01.0046 2036 Eventlog (c3fb1d70cb88722267949694ba51759e) C:\WINDOWS\system32\services.exe 22:43:01.0078 2036 Eventlog - ok 22:43:01.0125 2036 EventSystem (ec16ae9b37eacf871629227a3f3913fd) C:\WINDOWS\system32\es.dll 22:43:01.0171 2036 EventSystem - ok 22:43:01.0171 2036 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 22:43:01.0343 2036 Fastfat - ok 22:43:01.0375 2036 FastUserSwitchingCompatibility (1b8542f338cdd86929a084a455837158) C:\WINDOWS\System32\shsvcs.dll 22:43:01.0437 2036 FastUserSwitchingCompatibility - ok 22:43:01.0453 2036 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 22:43:01.0609 2036 Fdc - ok 22:43:01.0671 2036 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 22:43:01.0812 2036 Fips - ok 22:43:01.0859 2036 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 22:43:02.0000 2036 Flpydisk - ok 22:43:02.0046 2036 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 22:43:02.0203 2036 FltMgr - ok 22:43:02.0250 2036 FNETTBOH (a9e2df40ed6ec9e8885da72b6e1818f3) C:\WINDOWS\system32\drivers\FNETTBOH.SYS 22:43:02.0250 2036 FNETTBOH ( UnsignedFile.Multi.Generic ) - warning 22:43:02.0250 2036 FNETTBOH - detected UnsignedFile.Multi.Generic (1) 22:43:02.0265 2036 FNETURPX (784ffba7ee5c5f3a396407e4712f72f0) C:\WINDOWS\system32\drivers\FNETURPX.SYS 22:43:02.0281 2036 FNETURPX ( UnsignedFile.Multi.Generic ) - warning 22:43:02.0281 2036 FNETURPX - detected UnsignedFile.Multi.Generic (1) 22:43:02.0359 2036 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 22:43:02.0375 2036 FontCache3.0.0.0 - ok 22:43:02.0406 2036 Fs_Rec 
(3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:43:02.0562 2036 Fs_Rec - ok 22:43:02.0562 2036 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:43:02.0718 2036 Ftdisk - ok 22:43:02.0765 2036 getPlus® Helper (35a1f815962f3552066c6be4c969d297) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe 22:43:02.0781 2036 getPlus® Helper - ok 22:43:02.0796 2036 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:43:02.0953 2036 Gpc - ok 22:43:03.0000 2036 gupdate1ca80ae27835064 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 22:43:03.0015 2036 gupdate1ca80ae27835064 - ok 22:43:03.0031 2036 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 22:43:03.0046 2036 gupdatem - ok 22:43:03.0093 2036 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 22:43:03.0125 2036 gusvc - ok 22:43:03.0171 2036 HdAudAddService (2a013e7530beab6e569faa83f517e836) C:\WINDOWS\system32\drivers\HdAudio.sys 22:43:03.0203 2036 HdAudAddService - ok 22:43:03.0218 2036 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 22:43:03.0421 2036 HDAudBus - ok 22:43:03.0437 2036 helpsvc (1247f83b705af0e796330442f7967cf8) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 22:43:03.0593 2036 helpsvc - ok 22:43:03.0656 2036 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys 22:43:03.0796 2036 HidBatt - ok 22:43:03.0812 2036 HidServ - ok 22:43:03.0828 2036 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:43:03.0984 2036 HidUsb - ok 22:43:04.0015 2036 hkmsvc (17b3c3d40cdba40c2e331d28be4de27f) C:\WINDOWS\System32\kmsvc.dll 22:43:04.0187 2036 hkmsvc - ok 22:43:04.0187 2036 hpn - ok 22:43:04.0218 2036 hpqwmi (85dd9edbb1a035ba9b0e9fcc70624990) C:\Program Files\HPQ\Shared\hpqwmi.exe 22:43:04.0234 2036 hpqwmi ( 
UnsignedFile.Multi.Generic ) - warning 22:43:04.0234 2036 hpqwmi - detected UnsignedFile.Multi.Generic (1) 22:43:04.0281 2036 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 22:43:04.0328 2036 HTTP - ok 22:43:04.0328 2036 HTTPFilter (bd31cface38d1800abdb43f4260af0d5) C:\WINDOWS\System32\w3ssl.dll 22:43:04.0484 2036 HTTPFilter - ok 22:43:04.0500 2036 i2omgmt - ok 22:43:04.0500 2036 i2omp - ok 22:43:04.0515 2036 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:43:04.0656 2036 i8042prt - ok 22:43:04.0687 2036 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys 22:43:04.0828 2036 i81x - ok 22:43:04.0843 2036 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys 22:43:05.0000 2036 iAimFP0 - ok 22:43:05.0015 2036 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys 22:43:05.0156 2036 iAimFP1 - ok 22:43:05.0156 2036 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys 22:43:05.0312 2036 iAimFP2 - ok 22:43:05.0328 2036 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys 22:43:05.0468 2036 iAimFP3 - ok 22:43:05.0500 2036 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys 22:43:05.0640 2036 iAimFP4 - ok 22:43:05.0671 2036 iAimFP5 (0308aef61941e4af478fa1a0f83812f5) C:\WINDOWS\system32\DRIVERS\wADV07nt.sys 22:43:05.0828 2036 iAimFP5 - ok 22:43:05.0828 2036 iAimFP6 (714038a8aa5de08e12062202cd7eaeb5) C:\WINDOWS\system32\DRIVERS\wADV08nt.sys 22:43:05.0984 2036 iAimFP6 - ok 22:43:06.0000 2036 iAimFP7 (7bb3aa595e4507a788de1cdc63f4c8c4) C:\WINDOWS\system32\DRIVERS\wADV09nt.sys 22:43:06.0140 2036 iAimFP7 - ok 22:43:06.0156 2036 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys 22:43:06.0312 2036 iAimTV0 - ok 22:43:06.0328 2036 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) 
C:\WINDOWS\system32\DRIVERS\wATV02NT.sys 22:43:06.0453 2036 iAimTV1 - ok 22:43:06.0468 2036 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys 22:43:06.0625 2036 iAimTV3 - ok 22:43:06.0640 2036 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys 22:43:06.0796 2036 iAimTV4 - ok 22:43:06.0796 2036 iAimTV5 (791cc45de6e50445be72e8ad6401ff45) C:\WINDOWS\system32\DRIVERS\wATV10nt.sys 22:43:06.0937 2036 iAimTV5 - ok 22:43:06.0953 2036 iAimTV6 (352fa0e98bc461ce1ce5d41f64db558d) C:\WINDOWS\system32\DRIVERS\wATV06nt.sys 22:43:07.0093 2036 iAimTV6 - ok 22:43:07.0171 2036 ialm (da91f5385cfc8ba0f110f2fde112b563) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 22:43:07.0265 2036 ialm - ok 22:43:07.0375 2036 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe 22:43:07.0375 2036 IDriverT ( UnsignedFile.Multi.Generic ) - warning 22:43:07.0375 2036 IDriverT - detected UnsignedFile.Multi.Generic (1) 22:43:07.0500 2036 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:43:07.0578 2036 idsvc - ok 22:43:07.0625 2036 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 22:43:07.0781 2036 Imapi - ok 22:43:07.0828 2036 ImapiService (c4221678bbaa55239c23632875759961) C:\WINDOWS\system32\imapi.exe 22:43:07.0984 2036 ImapiService - ok 22:43:07.0984 2036 ini910u - ok 22:43:08.0218 2036 IntcAzAudAddService (723907cc600271bb216faaa0b6877678) C:\WINDOWS\system32\drivers\RtkHDAud.sys 22:43:08.0421 2036 IntcAzAudAddService - ok 22:43:08.0468 2036 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys 22:43:08.0609 2036 IntelIde - ok 22:43:08.0609 2036 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:43:08.0765 2036 intelppm - ok 22:43:08.0765 2036 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) 
C:\WINDOWS\system32\drivers\ip6fw.sys 22:43:08.0921 2036 Ip6Fw - ok 22:43:08.0921 2036 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:43:09.0062 2036 IpFilterDriver - ok 22:43:09.0062 2036 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:43:09.0203 2036 IpInIp - ok 22:43:09.0218 2036 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:43:09.0375 2036 IpNat - ok 22:43:09.0406 2036 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:43:09.0546 2036 IPSec - ok 22:43:09.0578 2036 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 22:43:09.0671 2036 IRENUM - ok 22:43:09.0718 2036 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:43:09.0859 2036 isapnp - ok 22:43:09.0890 2036 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe 22:43:09.0921 2036 JavaQuickStarterService - ok 22:43:09.0937 2036 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:43:10.0078 2036 Kbdclass - ok 22:43:10.0093 2036 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 22:43:10.0234 2036 kmixer - ok 22:43:10.0265 2036 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 22:43:10.0343 2036 KSecDD - ok 22:43:10.0390 2036 lanmanserver (1db8078a32e03ac8f5eb5e6dcac2aa34) C:\WINDOWS\System32\srvsvc.dll 22:43:10.0468 2036 lanmanserver - ok 22:43:10.0515 2036 lanmanworkstation (ad54ead46d92f413be189aabc1c59490) C:\WINDOWS\System32\wkssvc.dll 22:43:10.0593 2036 lanmanworkstation - ok 22:43:10.0765 2036 Lavasoft Ad-Aware Service (55afd4a9d5ed4ad40d5215ccdf4d65f3) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 22:43:10.0875 2036 Lavasoft Ad-Aware Service - ok 22:43:11.0046 2036 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys 
22:43:11.0062 2036 Lbd - ok 22:43:11.0078 2036 lbrtfdc - ok 22:43:11.0156 2036 libusb0 (0ccda159181cd73a0ca13f8b112e8d18) C:\WINDOWS\system32\DRIVERS\libusb0.sys 22:43:11.0187 2036 libusb0 - ok 22:43:11.0312 2036 LIVESRV (4ebbc3d88ec7fd5ee60edc7ba3c9433e) C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe 22:43:11.0328 2036 LIVESRV ( UnsignedFile.Multi.Generic ) - warning 22:43:11.0328 2036 LIVESRV - detected UnsignedFile.Multi.Generic (1) 22:43:11.0468 2036 LiveUpdate (ff7075265691c741afd2f756559a10d5) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 22:43:11.0546 2036 LiveUpdate - ok 22:43:11.0671 2036 LmHosts (0f357c079ac529a844ab5b18e4eef881) C:\WINDOWS\System32\lmhsvc.dll 22:43:11.0812 2036 LmHosts - ok 22:43:11.0843 2036 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys 22:43:11.0875 2036 MBAMSwissArmy - ok 22:43:11.0890 2036 Messenger (e67a66a3781c1a483f0f8992664cbe0d) C:\WINDOWS\System32\msgsvc.dll 22:43:12.0046 2036 Messenger - ok 22:43:12.0078 2036 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 22:43:12.0234 2036 mnmdd - ok 22:43:12.0250 2036 mnmsrvc (d3a2870cd96cda7bcff3dc54f64087ad) C:\WINDOWS\system32\mnmsrvc.exe 22:43:12.0406 2036 mnmsrvc - ok 22:43:12.0421 2036 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 22:43:12.0562 2036 Modem - ok 22:43:12.0609 2036 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:43:12.0750 2036 Mouclass - ok 22:43:12.0781 2036 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:43:12.0937 2036 mouhid - ok 22:43:12.0937 2036 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 22:43:13.0093 2036 MountMgr - ok 22:43:13.0093 2036 mraid35x - ok 22:43:13.0109 2036 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:43:13.0265 2036 MRxDAV - ok 22:43:13.0296 2036 MRxSmb 
(7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:43:13.0359 2036 MRxSmb - ok 22:43:13.0406 2036 MSDTC (8648d670ae0d95c95e7bbb5b80661796) C:\WINDOWS\system32\msdtc.exe 22:43:13.0546 2036 MSDTC - ok 22:43:13.0562 2036 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 22:43:13.0703 2036 Msfs - ok 22:43:13.0703 2036 MSIServer - ok 22:43:13.0734 2036 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:43:13.0875 2036 MSKSSRV - ok 22:43:13.0875 2036 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:43:14.0015 2036 MSPCLOCK - ok 22:43:14.0031 2036 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 22:43:14.0171 2036 MSPQM - ok 22:43:14.0187 2036 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 22:43:14.0328 2036 mssmbios - ok 22:43:14.0359 2036 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 22:43:14.0500 2036 MSTEE - ok 22:43:14.0515 2036 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 22:43:14.0546 2036 Mup - ok 22:43:14.0609 2036 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 22:43:14.0765 2036 NABTSFEC - ok 22:43:14.0812 2036 napagent (69e4fbbabaeee1bff422e091da3171da) C:\WINDOWS\System32\qagentrt.dll 22:43:14.0984 2036 napagent - ok 22:43:15.0000 2036 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 22:43:15.0140 2036 NDIS - ok 22:43:15.0156 2036 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 22:43:15.0312 2036 NdisIP - ok 22:43:15.0328 2036 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:43:15.0359 2036 NdisTapi - ok 22:43:15.0375 2036 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:43:15.0515 2036 Ndisuio - ok 22:43:15.0531 2036 NdisWan 
(edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:43:15.0671 2036 NdisWan - ok 22:43:15.0671 2036 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 22:43:15.0734 2036 NDProxy - ok 22:43:15.0765 2036 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 22:43:15.0906 2036 NetBIOS - ok 22:43:15.0921 2036 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 22:43:16.0062 2036 NetBT - ok 22:43:16.0093 2036 NetDDE (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe 22:43:16.0234 2036 NetDDE - ok 22:43:16.0234 2036 NetDDEdsdm (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe 22:43:16.0390 2036 NetDDEdsdm - ok 22:43:16.0406 2036 Netlogon (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe 22:43:16.0562 2036 Netlogon - ok 22:43:16.0593 2036 Netman (be0cb143fa427d93440ded18db8c918b) C:\WINDOWS\System32\netman.dll 22:43:16.0765 2036 Netman - ok 22:43:16.0781 2036 NetProbe (44831972666e9989b375c05f010944b2) C:\WINDOWS\system32\DRIVERS\netprobe.sys 22:43:16.0796 2036 NetProbe ( UnsignedFile.Multi.Generic ) - warning 22:43:16.0796 2036 NetProbe - detected UnsignedFile.Multi.Generic (1) 22:43:16.0890 2036 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:43:16.0921 2036 NetTcpPortSharing - ok 22:43:16.0984 2036 Network Probe (8be7647e40673f548c5e826298a71146) C:\Program Files\Network Probe 3\probesvc.exe 22:43:17.0000 2036 Network Probe ( UnsignedFile.Multi.Generic ) - warning 22:43:17.0000 2036 Network Probe - detected UnsignedFile.Multi.Generic (1) 22:43:17.0046 2036 Nla (6f5f546a92c7b6ae45db1d6910781eb0) C:\WINDOWS\System32\mswsock.dll 22:43:17.0109 2036 Nla - ok 22:43:17.0156 2036 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys 22:43:17.0296 2036 nm - ok 22:43:17.0343 2036 nosGetPlusHelper 
(25d6b2eb0a1fc4ab413afe7ec4793ec1) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll 22:43:17.0375 2036 nosGetPlusHelper - ok 22:43:17.0390 2036 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys 22:43:17.0421 2036 NPF - ok 22:43:17.0421 2036 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 22:43:17.0578 2036 Npfs - ok 22:43:17.0609 2036 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 22:43:17.0750 2036 Ntfs - ok 22:43:17.0765 2036 NtLmSsp (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe 22:43:17.0906 2036 NtLmSsp - ok 22:43:17.0953 2036 NtmsSvc (037d92b3a7853a183fcab77fb1d13d6c) C:\WINDOWS\system32\ntmssvc.dll 22:43:18.0125 2036 NtmsSvc - ok 22:43:18.0156 2036 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 22:43:18.0296 2036 Null - ok 22:43:18.0328 2036 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:43:18.0468 2036 NwlnkFlt - ok 22:43:18.0500 2036 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:43:18.0671 2036 NwlnkFwd - ok 22:43:18.0765 2036 OKI OPHJ DCS Loader (7e5d50b74bcce7376981579f659baf97) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHJLDCS.EXE 22:43:18.0796 2036 OKI OPHJ DCS Loader ( UnsignedFile.Multi.Generic ) - warning 22:43:18.0796 2036 OKI OPHJ DCS Loader - detected UnsignedFile.Multi.Generic (1) 22:43:18.0875 2036 P3 (cecb679633523ac5eb7eb85f92dcd806) C:\WINDOWS\system32\DRIVERS\p3.sys 22:43:19.0015 2036 P3 - ok 22:43:19.0046 2036 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys 22:43:19.0187 2036 Parport - ok 22:43:19.0203 2036 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 22:43:19.0343 2036 PartMgr - ok 22:43:19.0359 2036 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 22:43:19.0500 2036 ParVdm - ok 22:43:19.0515 2036 PCI 
(043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 22:43:19.0671 2036 PCI - ok 22:43:19.0671 2036 PCIDump - ok 22:43:19.0687 2036 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 22:43:19.0828 2036 PCIIde - ok 22:43:19.0843 2036 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 22:43:19.0968 2036 Pcmcia - ok 22:43:19.0984 2036 PDCOMP - ok 22:43:19.0984 2036 PDFRAME - ok 22:43:20.0000 2036 PDRELI - ok 22:43:20.0000 2036 PDRFRAME - ok 22:43:20.0015 2036 perc2 - ok 22:43:20.0015 2036 perc2hib - ok 22:43:20.0078 2036 PlugPlay (c3fb1d70cb88722267949694ba51759e) C:\WINDOWS\system32\services.exe 22:43:20.0109 2036 PlugPlay - ok 22:43:20.0125 2036 PolicyAgent (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe 22:43:20.0265 2036 PolicyAgent - ok 22:43:20.0265 2036 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:43:20.0421 2036 PptpMiniport - ok 22:43:20.0437 2036 ProtectedStorage (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe 22:43:20.0578 2036 ProtectedStorage - ok 22:43:20.0593 2036 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 22:43:20.0718 2036 PSched - ok 22:43:20.0734 2036 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:43:20.0875 2036 Ptilink - ok 22:43:20.0921 2036 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys 22:43:20.0937 2036 PxHelp20 - ok 22:43:20.0937 2036 ql1080 - ok 22:43:20.0953 2036 Ql10wnt - ok 22:43:20.0968 2036 ql12160 - ok 22:43:20.0968 2036 ql1240 - ok 22:43:20.0984 2036 ql1280 - ok 22:43:21.0000 2036 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:43:21.0140 2036 RasAcd - ok 22:43:21.0171 2036 RasAuto (78da9ccdac683ef5aa87d1c919f6d221) C:\WINDOWS\System32\rasauto.dll 22:43:21.0328 2036 RasAuto - ok 22:43:21.0328 2036 Rasl2tp 
(11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:43:21.0484 2036 Rasl2tp - ok 22:43:21.0515 2036 RasMan (0a48df90b4784f9b90a2671af992c914) C:\WINDOWS\System32\rasmans.dll 22:43:21.0703 2036 RasMan - ok 22:43:21.0703 2036 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:43:21.0843 2036 RasPppoe - ok 22:43:21.0859 2036 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:43:21.0984 2036 Raspti - ok 22:43:22.0000 2036 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:43:22.0140 2036 Rdbss - ok 22:43:22.0156 2036 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:43:22.0296 2036 RDPCDD - ok 22:43:22.0312 2036 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:43:22.0453 2036 rdpdr - ok 22:43:22.0515 2036 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 22:43:22.0578 2036 RDPWD - ok 22:43:22.0625 2036 RDSessMgr (9f63d9c5b238ed1c375d417eff3d5be7) C:\WINDOWS\system32\sessmgr.exe 22:43:22.0828 2036 RDSessMgr - ok 22:43:22.0843 2036 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:43:22.0984 2036 redbook - ok 22:43:23.0031 2036 RemoteAccess (7da370c31673c99497bd07068ee6e354) C:\WINDOWS\System32\mprdim.dll 22:43:23.0187 2036 RemoteAccess - ok 22:43:23.0296 2036 RemoteRegistry (e598d81197e2e0ec42a0c55772bb00e8) C:\WINDOWS\system32\regsvc.dll 22:43:23.0515 2036 RemoteRegistry - ok 22:43:23.0671 2036 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe 22:43:23.0687 2036 rpcapd - ok 22:43:23.0750 2036 RpcLocator (499c59a2584f6d4ea41e944da571d993) C:\WINDOWS\system32\locator.exe 22:43:23.0890 2036 RpcLocator - ok 22:43:23.0953 2036 RpcSs (0203b1aad358f206cb0a3c1f93cce17a) C:\WINDOWS\system32\rpcss.dll 22:43:24.0000 2036 RpcSs - ok 22:43:24.0031 2036 RSVP (414964844f4793acb868d057e8ed997e) 
See you later. -
[Solved] My computer had a "stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Hello again, Attached is the new report: See you later. -
[Solved] My computer had a "stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Good evening, Thanks for the link, it let me sort things out. Here is the first report: Then the second: See you later. -
[Solved] My computer had a "stroke"
BILOU1 replied to a topic by BILOU1 in Malware analysis and removal
Hello, There are some problems. 1) "Resident" was already unchecked and I could still see it. I made it disappear by right-clicking and choosing "Exit". Do you think that's OK anyway? Immunization undone. 2) Spybot does not appear in Start / Settings / Control Panel / Add or Remove Programs. Do you have another way to uninstall it? See you later. -
Hello, I'm a bit embarrassed to be asking for help, because I'm somewhat paranoid about security and thought I was well protected. I'm going to have to rethink my strategy. Here is my problem. For some time I had been getting a blue screen, but not often. On the evening of Friday 3 August, as I was about to shut down the computer, a multitude of cascading windows appeared for about a minute, at a rate of roughly 10 per second, then everything froze: impossible to use Start/Shut Down, Ctrl/Alt/Del had no effect, nor did Esc. So I held my finger on the button for 20 seconds and it switched off. The next day, it was impossible to boot: blue screen after blue screen. From the message displayed I suspected a memory problem (sorry, I no longer remember what it said), and indeed it booted again once I had removed 3 of the 4 memory modules, and it still hasn't crashed since. But here's the thing: DISASTER, lots of programs are no longer visible or no longer work. I managed to reinstall Internet Explorer but not Outlook (impossible), and I can no longer send e-mail. I can no longer use "Search" or "Restore", etc. For a week I have been running one disinfection program after another without result, and now, before startup, I even get a completely empty white square window, 10 cm by 10, on a light blue background, with a few strange letters in the top left. To continue booting I have to click the OK button in this empty window????? To save time, here are the ZHPDiag report and the ADWCleaner report. Have a good Sunday.