BountyKiller
-
Compteur de contenus
18 -
Inscription
-
Dernière visite
BountyKiller's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
[Résolu] Problème de défilement avec la molette de ma souris
BountyKiller a répondu à un(e) sujet de BountyKiller dans Hardware
bonjour, je vous remercie pour vos conseils. Après tous avoir vérifié hier, le pb persistai , mais aujourd'hui ça remarche normalement ! @ + sur le forum -
[Résolu] Problème de défilement avec la molette de ma souris
BountyKiller a posté un sujet dans Hardware
Bonjour à tous ! voici mon problème, j'ai une souris optique avec fil : Dexxa Optical M-SBC76, sous xp et donc quand je veux faire descendre une page avec la molette, la page descend mais par moment remonte toute seule ! Enfin elle remonte de 1 ou 2 ligne, mais c'est super gênant quand on regarde un document et que quand tu descend , ça remonte tout seul ! je remercie par avance ceux ou celle qui pourraient m'aider à trouver une solution. @ ++ -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Bon bah encore une fois merci Apollo pour la désinfection. Je vais maintenant parcourir le sous-forum Sécurisation et Prévention pour optimiser mon pc et éviter une nouvelle infection. ++ -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re, Oui c'est vrai que l'analyse est assez rapide , mais il a mis au moins 2h pour "program dowload and update" et pour "database update". il n'a rien trouvé donc, cela voudrait dire que je suis enfin débarrassé de ce virus ? ++ -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Bonjour tout le monde ! Comme convenu voici le rapport du scan kaspersky de mon pc. -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Monday, May 24, 2010 Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Monday, May 24, 2010 03:19:17 Records in database: 4169101 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ Scan statistics: Objects scanned: 73057 Threats found: 0 Infected objects found: 0 Suspicious objects found: 0 Scan duration: 00:10:56 No threats found. Scanned area is clean. Selected area has been scanned. ++ -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re, Oui ça à l'air, en tout cas plus de fenêtres intempestives pour l'instant. J'ai bien la version JAVA à jour et aucune autre. Pour le scan en ligne kaspersky je le ferait demain et je posterai les résultats. merci encore de ton aide Apollo et bonne nuit. + -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re, ############################## | UsbFix V6.114 | User : carpentier (Administrateurs) # CAPENTIE-39EFA5 Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8 Start at: 23:13:51 | 23/05/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : [email protected] Intel® Pentium® Dual CPU E2140 @ 1.60GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Disabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] FW : Pare-feu Online Armor[ Enabled ]4.0.0.44 A:\ -> Lecteur de disquettes 3 ½ pouces C:\ -> Disque fixe local # 77,62 Go (13,33 Go free) # NTFS D:\ -> Disque fixe local # 155,25 Go (45,75 Go free) # NTFS E:\ -> Disque CD-ROM F:\ -> Disque CD-ROM G:\ -> Disque fixe local # 37,27 Go (37,25 Go free) [DSK2_VOL1] # NTFS ################## | Elements infectieux | ################## | Registre | [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" ################## | Mountpoints2 | ################## | Vaccin | # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). # G:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido). ################## | ! Fin du rapport # UsbFix V6.114 ! | Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4134 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 23/05/2010 23:52:52 mbam-log-2010-05-23 (23-52-52).txt Type d'examen: Examen rapide Elément(s) analysé(s): 118782 Temps écoulé: 9 minute(s), 15 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re, J'ai une question, il y a quelques temps sur mon pc j'avais un disque dur externe mais j'ai, sans faire exprès marcher dessus , depuis le pc ne le reconnait plus, mais il est toujours présent dans le gestionnaire des périphériques. Le virus peut-il venir de la ? (dsl si c'est une question con ) ############################## | UsbFix V6.114 | User : carpentier (Administrateurs) # CAPENTIE-39EFA5 Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8 Start at: 22:24:09 | 23/05/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : [email protected] Intel® Pentium® Dual CPU E2140 @ 1.60GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Disabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] FW : Pare-feu Online Armor[ Enabled ]4.0.0.44 A:\ -> Lecteur de disquettes 3 ½ pouces C:\ -> Disque fixe local # 77,62 Go (13,36 Go free) # NTFS D:\ -> Disque fixe local # 155,25 Go (45,75 Go free) # NTFS E:\ -> Disque CD-ROM F:\ -> Disque CD-ROM G:\ -> Disque fixe local # 37,27 Go (37,25 Go free) [DSK2_VOL1] # NTFS ################## | Elements infectieux | ################## | Registre | [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné ! ################## | ! Fin du rapport # UsbFix V6.114 ! | -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Concernant mon surf, depuis tout a l'heure je me suis rendu sur la redoute, spartoo, un forum de reggae dancehall américain, et sur U stream . J'ai aussi joué un peu a mon jeu vidéo. le virus peut venir d'un de ces sites ? Combofix a détecté une infection rootkit et m'a fait reboot le pc, puis je l'ai relancé, j'espère que je ne me suis pas trompé. ComboFix 10-05-23.01 - carpentier 23/05/2010 21:35:20.1.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.606 [GMT 2:00] Lancé depuis: c:\documents and settings\carpentier\Bureau\panpan.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: Pare-feu Online Armor *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\carpentier\Application Data\Microsoft\HTML Help\hh.dat c:\windows\system32\Data . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-23 au 2010-05-23 )))))))))))))))))))))))))))))))))))) . 2010-05-22 18:25 . 2010-05-22 18:25 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-05-22 17:09 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-22 17:09 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-22 17:09 . 2010-05-22 17:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-22 16:38 . 2010-05-22 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spamihilator 2010-05-22 16:35 . 2010-05-23 19:27 -------- d-----w- c:\documents and settings\carpentier\Application Data\Spamihilator 2010-05-22 16:34 . 2010-05-22 16:34 -------- d-----w- c:\program files\Spamihilator 2010-05-22 16:23 . 2010-05-22 17:04 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor 2010-05-22 16:23 . 2010-05-22 16:23 -------- d-----w- c:\documents and settings\carpentier\Application Data\OnlineArmor 2010-05-22 16:22 . 2010-04-20 02:13 24440 ----a-w- c:\windows\system32\drivers\OAmon.sys 2010-05-22 16:22 . 2010-04-20 02:13 29560 ----a-w- c:\windows\system32\drivers\OAnet.sys 2010-05-22 16:22 . 2010-04-20 02:13 228216 ----a-w- c:\windows\system32\drivers\OADriver.sys 2010-05-22 16:22 . 2010-05-22 16:22 -------- d-----w- c:\program files\Tall Emu 2010-05-22 16:11 . 2009-11-25 09:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-05-22 16:11 . 2009-03-30 07:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-05-22 16:11 . 2009-02-13 09:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-05-22 16:11 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-05-22 16:11 . 2010-05-22 16:11 -------- d-----w- c:\program files\Avira 2010-05-22 16:11 . 2010-05-22 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-05-21 20:38 . 2010-05-21 20:39 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-05-21 19:37 . 2010-05-23 16:04 -------- d-----w- c:\program files\Trend Micro 2010-05-21 14:40 . 2010-05-21 14:40 -------- d-----w- c:\documents and settings\carpentier\Local Settings\Application Data\TouchStoneSoftware 2010-05-12 16:01 . 2010-05-06 22:39 701608 ----a-w- c:\documents and settings\carpentier\Application Data\Mozilla\Firefox\Profiles\hjj6gojc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll 2010-05-12 16:01 . 2010-05-06 22:39 865896 ----a-w- c:\documents and settings\carpentier\Application Data\Mozilla\Firefox\Profiles\hjj6gojc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll 2010-05-12 15:57 . 2010-05-21 20:23 411368 ----a-w- c:\windows\system32\deployJava1.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-23 19:31 . 2007-12-19 12:10 73552 ----a-w- c:\documents and settings\carpentier\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-23 16:40 . 2009-05-23 21:22 -------- d-----w- c:\program files\Steam 2010-05-23 16:06 . 2009-12-30 14:40 -------- d-----w- c:\documents and settings\carpentier\Application Data\QuickScan 2010-05-23 15:26 . 2008-03-15 15:59 -------- d-----w- c:\program files\Windows Live 2010-05-23 15:19 . 2008-10-31 14:35 -------- d-----w- c:\program files\ma-config.com 2010-05-22 16:31 . 2007-12-20 14:24 -------- d-----w- c:\documents and settings\carpentier\Application Data\SPAMfighter 2010-05-22 16:22 . 2004-08-05 12:00 46984 ----a-w- c:\windows\system32\perfc00C.dat 2010-05-22 16:22 . 2004-08-05 12:00 364314 ----a-w- c:\windows\system32\perfh00C.dat 2010-05-22 16:05 . 2008-07-25 09:02 -------- d-----w- c:\program files\AVG 2010-05-22 15:55 . 2008-10-30 19:52 -------- d-----w- c:\program files\Fichiers communs\Real 2010-05-22 15:51 . 2008-10-07 13:10 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2010-05-22 15:51 . 2009-12-30 16:22 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-05-22 15:38 . 2008-07-13 14:33 -------- d-----w- c:\program files\AVS4YOU 2010-05-22 15:38 . 2007-12-19 22:23 -------- d-----w- c:\program files\Fichiers communs\AVSMedia 2010-05-22 15:38 . 2007-12-19 22:23 -------- d-----w- c:\program files\AVSMedia 2010-05-22 13:45 . 2010-01-31 00:11 0 ----a-w- c:\documents and settings\carpentier\Local Settings\Application Data\prvlcl.dat 2010-05-21 20:26 . 2007-12-19 20:10 -------- d-----w- c:\program files\Java 2010-05-21 19:30 . 2007-12-19 12:56 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-15 13:29 . 2008-12-27 22:45 -------- d-----w- c:\documents and settings\carpentier\Application Data\dvdcss 2010-05-12 16:08 . 2007-12-19 14:02 -------- d-----w- c:\program files\Yahoo! 2010-05-12 16:07 . 2007-12-19 21:08 -------- d-----w- c:\program files\Common Files 2010-05-12 15:42 . 2009-02-02 13:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-12 14:49 . 2010-04-12 14:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia 2010-04-09 14:36 . 2007-12-19 20:10 -------- d-----w- c:\program files\Fichiers communs\Java 2010-04-09 14:35 . 2010-04-09 14:35 503808 ----a-w- c:\documents and settings\carpentier\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-37d3ea2b-n\msvcp71.dll 2010-04-09 14:35 . 2010-04-09 14:35 499712 ----a-w- c:\documents and settings\carpentier\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-37d3ea2b-n\jmc.dll 2010-04-09 14:35 . 2010-04-09 14:35 348160 ----a-w- c:\documents and settings\carpentier\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-37d3ea2b-n\msvcr71.dll 2010-04-09 14:35 . 2010-04-09 14:35 61440 ----a-w- c:\documents and settings\carpentier\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-43944592-n\decora-sse.dll 2010-04-09 14:35 . 2010-04-09 14:35 12800 ----a-w- c:\documents and settings\carpentier\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-43944592-n\decora-d3d.dll 2010-03-10 06:16 . 2004-08-05 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:17 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2004-08-05 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdReg"="c:\windows\Updreg.exe" [2000-05-11 90112] "AudCtrl"="AudCtrl.dll" [2002-01-18 44544] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640] "nwiz"="nwiz.exe" [2008-12-25 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2010-04-20 6788600] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\carpentier\Menu D‚marrer\Programmes\D‚marrage\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-5-22 1512448] c:\documents and settings\carpentier\Menu D‚marrer\Programmes\D‚marrage\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-5-22 1512448] c:\documents and settings\carpentier\Menu D‚marrer\Programmes\D‚marrage\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-5-22 1512448] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111\wpn111.exe [2008-2-14 884838] PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-10-20 11550720] c:\documents and settings\carpentier\Menu D‚marrer\Programmes\D‚marrage\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-5-22 1512448] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2010-04-20 925688] [HKLM\~\startupfolder\C:^Documents and Settings^carpentier^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk] path=c:\documents and settings\carpentier\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 02:33 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2008-12-25 23:08 13680640 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2008-12-25 23:08 86016 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2008-12-25 23:08 1657376 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2006-09-12 08:58 16264192 ------r- c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Valve\\Steam\\SteamApps\\supadread\\counter-strike source\\hl2.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Steam\\steamapps\\supadread\\counter-strike source\\hl2.exe"= "c:\\Program Files\\Paltalk Messenger\\paltalk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\Spamihilator\\spamihilator.exe"= "c:\\Program Files\\Spamihilator\\cdcc.exe"= "c:\\Program Files\\Spamihilator\\dccproc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "12594:TCP"= 12594:TCP:NortonAV "18068:TCP"= 18068:TCP:NortonAV "17080:TCP"= 17080:TCP:NortonAV "13146:TCP"= 13146:TCP:NortonAV "17243:TCP"= 17243:TCP:NortonAV "12875:TCP"= 12875:TCP:NortonAV "17416:TCP"= 17416:TCP:NortonAV "13678:TCP"= 13678:TCP:NortonAV "18207:TCP"= 18207:TCP:NortonAV R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [22/05/2010 18:22 228216] R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [22/05/2010 18:22 24440] R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [22/05/2010 18:22 29560] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [22/05/2010 18:11 108289] R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [22/05/2010 18:22 1284600] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [03/05/2008 19:00 33792] R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [14/02/2008 15:29 17149] R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [14/02/2008 15:29 362944] S0 kodritt;kodritt; [x] S0 nvbzeh;nvbzeh; [x] S0 rodautra;rodautra; [x] S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [22/05/2010 18:22 3506680] S3 sbext;Sound Blaster Extigy Audio Driver;c:\windows\system32\drivers\sbext.sys [25/12/2007 22:48 1131830] S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [11/02/2008 17:43 402432] S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys --> c:\windows\system32\DRIVERS\sis163u.sys [?] . Contenu du dossier 'Tâches planifiées' 2010-05-23 c:\windows\Tasks\User_Feed_Synchronization-{C6A09BB2-03F8-458E-B73B-EFFD111486D1}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uStart Page = hxxp://www.google.fr/ mStart Page = hxxp://www.google.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB FF - ProfilePath - c:\documents and settings\carpentier\Application Data\Mozilla\Firefox\Profiles\hjj6gojc.default\ FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . - - - - ORPHELINS SUPPRIMES - - - - Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_03\bin\jusched.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-23 21:40 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2010-05-23 21:43:13 ComboFix-quarantined-files.txt 2010-05-23 19:43 Avant-CF: 14 373 150 720 octets libres Après-CF: 14 342 578 176 octets libres - - End Of File - - 367BA5DDF6B005078F8ADE1410BD074F -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Bonsoir, A l'instant je surfais normalement, et une fenêtre viens d'apparaitre: Security Threat Analysis Warning! Your computer is at risk of malware attacks. We recommend you to check your system immediately. Press OK to start the process now Que dois-je faire ? HELP !!!!!! -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Mille merci Apollo pour ta disponibilité, tes compétences et ta rapidité. @+ BountyKiller -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Dsl pour le delay mon wifi est capricieux. Pour la page d'accueil c'est bon, google est revenu. Voici le new log HIJT. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:51:37, on 23/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Tall Emu\Online Armor\OAcat.exe C:\Program Files\Tall Emu\Online Armor\oasrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Tall Emu\Online Armor\oaui.exe C:\Program Files\NETGEAR\WPN111\wpn111.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Tall Emu\Online Armor\OAhlp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dailymotion.com/fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [AudCtrl] RunDll32 AudCtrl.dll,RCMonitor O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (User 'Default user') O4 - Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ? O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- End of file - 8991 bytes -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re Apollo, Encore merci de ton aide Apollo. -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Re Apollo, 17:30:07:562 0108 TDSS rootkit removing tool 2.3.0.0 May 12 2010 18:11:17 17:30:07:562 0108 ================================================================================ 17:30:07:562 0108 SystemInfo: 17:30:07:562 0108 OS Version: 5.1.2600 ServicePack: 3.0 17:30:07:562 0108 Product type: Workstation 17:30:07:562 0108 ComputerName: CAPENTIE-39EFA5 17:30:07:562 0108 UserName: carpentier 17:30:07:562 0108 Windows directory: C:\WINDOWS 17:30:07:562 0108 Processor architecture: Intel x86 17:30:07:562 0108 Number of processors: 2 17:30:07:562 0108 Page size: 0x1000 17:30:07:562 0108 Boot type: Normal boot 17:30:07:562 0108 ================================================================================ 17:30:07:578 0108 UnloadDriverW: NtUnloadDriver error 2 17:30:07:578 0108 ForceUnloadDriverW: UnloadDriverW(klmd23) error 2 17:30:07:843 0108 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 17:30:07:875 0108 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 17:30:07:875 0108 wfopen_ex: Trying to KLMD file open 17:30:07:890 0108 wfopen_ex: File opened ok (Flags 2) 17:30:07:890 0108 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 17:30:08:312 0108 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 17:30:08:312 0108 wfopen_ex: Trying to KLMD file open 17:30:08:312 0108 wfopen_ex: File opened ok (Flags 2) 17:30:08:312 0108 KLAVA engine initialized 17:30:09:015 0108 Initialize success 17:30:09:015 0108 17:30:09:015 0108 Scanning Services ... 17:30:09:765 0108 Raw services enum returned 316 services 17:30:09:812 0108 17:30:09:812 0108 Scanning Drivers ... 17:30:10:187 0108 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 17:30:10:390 0108 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys 17:30:10:531 0108 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 17:30:10:625 0108 AegisP (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys 17:30:11:046 0108 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 17:30:11:296 0108 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 17:30:11:562 0108 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 17:30:11:703 0108 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 17:30:11:843 0108 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 17:30:12:250 0108 AvgLdx86 (9c0a7e6d3cb9a8a7ad4e4575d9a42e94) C:\WINDOWS\System32\Drivers\avgldx86.sys 17:30:12:531 0108 AvgMfx86 (f9caeec3ff1545991f490264429724c5) C:\WINDOWS\System32\Drivers\avgmfx86.sys 17:30:12:718 0108 AvgTdiX (cf9ac576490bb6c547cd16ef0b782358) C:\WINDOWS\System32\Drivers\avgtdix.sys 17:30:12:875 0108 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 17:30:13:015 0108 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS 17:30:13:187 0108 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 17:30:13:343 0108 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 17:30:13:406 0108 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 17:30:13:500 0108 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 17:30:13:609 0108 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys 17:30:13:718 0108 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 17:30:13:796 0108 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 17:30:13:984 0108 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 17:30:14:046 0108 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 17:30:14:125 0108 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 17:30:14:218 0108 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS 17:30:14:312 0108 driverhardwarev2 (984627ee71a73a38c3d8719facf302a8) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys 17:30:14:343 0108 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 17:30:14:421 0108 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 17:30:14:531 0108 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 17:30:14:593 0108 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 17:30:14:656 0108 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 17:30:14:718 0108 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 17:30:14:781 0108 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:30:14:828 0108 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 17:30:14:890 0108 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 17:30:15:046 0108 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 17:30:15:109 0108 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 17:30:15:203 0108 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 17:30:15:296 0108 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 17:30:15:390 0108 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 17:30:15:718 0108 IntcAzAudAddService (a5d5b8c427f4b67580fb2b511291a89d) C:\WINDOWS\system32\drivers\RtkHDAud.sys 17:30:16:046 0108 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 17:30:16:140 0108 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 17:30:16:234 0108 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:30:16:296 0108 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 17:30:16:390 0108 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 17:30:16:484 0108 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 17:30:16:515 0108 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys 17:30:16:593 0108 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 17:30:16:687 0108 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys 17:30:16:750 0108 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 17:30:16:859 0108 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 17:30:16:921 0108 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 17:30:17:046 0108 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 17:30:17:093 0108 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 17:30:17:203 0108 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 17:30:17:375 0108 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 17:30:17:546 0108 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 17:30:17:812 0108 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 17:30:17:890 0108 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 17:30:18:000 0108 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 17:30:18:187 0108 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:30:18:250 0108 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 17:30:18:296 0108 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:30:18:375 0108 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:30:18:468 0108 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 17:30:18:562 0108 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 17:30:18:625 0108 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 17:30:18:656 0108 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 17:30:18:812 0108 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:30:18:875 0108 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:30:18:921 0108 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:30:18:968 0108 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 17:30:19:062 0108 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 17:30:19:187 0108 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 17:30:19:250 0108 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 17:30:19:312 0108 Nsynas32 (4b4a21e158c039ee0888741bfe1d24e0) C:\WINDOWS\system32\drivers\Nsynas32.sys 17:30:19:375 0108 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 17:30:19:437 0108 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 17:30:19:968 0108 nv (ce34061a298bfb4ebd1a0bb8592dc977) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 17:30:20:359 0108 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 17:30:20:453 0108 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 17:30:20:546 0108 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys 17:30:20:593 0108 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 17:30:20:671 0108 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 17:30:20:750 0108 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 17:30:20:828 0108 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 17:30:20:921 0108 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 17:30:21:125 0108 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\system32\PfModNT.sys 17:30:21:187 0108 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 17:30:21:265 0108 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 17:30:21:343 0108 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:30:21:453 0108 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:30:21:500 0108 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 17:30:21:562 0108 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:30:21:593 0108 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:30:21:625 0108 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 17:30:21:953 0108 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:30:22:125 0108 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:30:22:359 0108 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 17:30:22:750 0108 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 17:30:23:171 0108 RTLE8023xp (25be98c05808c57e4d8d26477dc12d39) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 17:30:23:609 0108 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 17:30:23:718 0108 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS 17:30:23:968 0108 SASKUTIL (4fd72291a89793049104ca0a7e353cd4) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys 17:30:24:296 0108 sbext (b4495cad15771b15f09e2e304b24fe58) C:\WINDOWS\system32\DRIVERS\sbext.sys 17:30:24:468 0108 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:30:24:640 0108 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 17:30:24:734 0108 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys 17:30:24:828 0108 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 17:30:25:218 0108 SG762_XP (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys 17:30:25:484 0108 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 17:30:25:562 0108 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 17:30:25:687 0108 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 17:30:25:843 0108 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 17:30:25:953 0108 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 17:30:26:140 0108 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 17:30:26:312 0108 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:30:26:375 0108 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 17:30:26:468 0108 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 17:30:26:578 0108 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 17:30:26:687 0108 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 17:30:26:812 0108 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 17:30:26:921 0108 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 17:30:27:015 0108 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:30:27:078 0108 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:30:27:171 0108 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:30:27:265 0108 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:30:27:406 0108 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 17:30:27:734 0108 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 17:30:27:828 0108 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 17:30:27:937 0108 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:30:28:062 0108 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 17:30:28:218 0108 WPN111 (75a833b635e093c728f5027b01f8cbb7) C:\WINDOWS\system32\DRIVERS\WPN111.sys 17:30:28:328 0108 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:30:28:421 0108 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 17:30:28:515 0108 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 17:30:28:656 0108 17:30:28:656 0108 Completed 17:30:28:656 0108 17:30:28:656 0108 Results: 17:30:28:656 0108 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 17:30:28:656 0108 File objects infected / cured / cured on reboot: 0 / 0 / 0 17:30:28:656 0108 17:30:28:656 0108 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 17:30:28:656 0108 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 17:30:28:671 0108 KLMD(ARK) unloaded successfully 19:00:07:984 2288 TDSS rootkit removing tool 2.3.0.0 May 12 2010 18:11:17 19:00:07:984 2288 ================================================================================ 19:00:07:984 2288 SystemInfo: 19:00:07:984 2288 OS Version: 5.1.2600 ServicePack: 3.0 19:00:07:984 2288 Product type: Workstation 19:00:07:984 2288 ComputerName: CAPENTIE-39EFA5 19:00:07:984 2288 UserName: carpentier 19:00:07:984 2288 Windows directory: C:\WINDOWS 19:00:07:984 2288 Processor architecture: Intel x86 19:00:07:984 2288 Number of processors: 2 19:00:07:984 2288 Page size: 0x1000 19:00:07:984 2288 Boot type: Normal boot 19:00:07:984 2288 ================================================================================ 19:00:08:000 2288 UnloadDriverW: NtUnloadDriver error 2 19:00:08:000 2288 ForceUnloadDriverW: UnloadDriverW(klmd23) error 2 19:00:08:015 2288 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 19:00:08:015 2288 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 19:00:08:015 2288 wfopen_ex: Trying to KLMD file open 19:00:08:015 2288 wfopen_ex: File opened ok (Flags 2) 19:00:08:015 2288 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 19:00:08:015 2288 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 19:00:08:015 2288 wfopen_ex: Trying to KLMD file open 19:00:08:015 2288 wfopen_ex: File opened ok (Flags 2) 19:00:08:015 2288 KLAVA engine initialized 19:00:08:234 2288 Initialize success 19:00:08:234 2288 19:00:08:234 2288 Scanning Services ... 19:00:08:578 2288 Raw services enum returned 317 services 19:00:08:593 2288 19:00:08:593 2288 Scanning Drivers ... 19:00:08:718 2288 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 19:00:08:750 2288 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys 19:00:08:781 2288 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 19:00:08:812 2288 AegisP (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys 19:00:08:843 2288 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 19:00:08:906 2288 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 19:00:08:921 2288 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 19:00:08:953 2288 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 19:00:08:968 2288 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 19:00:09:078 2288 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 19:00:09:125 2288 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 19:00:09:171 2288 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\WINDOWS\system32\DRIVERS\avipbb.sys 19:00:09:187 2288 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 19:00:09:218 2288 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS 19:00:09:234 2288 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 19:00:09:250 2288 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 19:00:09:265 2288 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 19:00:09:281 2288 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 19:00:09:312 2288 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys 19:00:09:343 2288 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 19:00:09:390 2288 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 19:00:09:421 2288 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 19:00:09:437 2288 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 19:00:09:453 2288 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 19:00:09:484 2288 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS 19:00:09:531 2288 driverhardwarev2 (984627ee71a73a38c3d8719facf302a8) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys 19:00:09:546 2288 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 19:00:09:562 2288 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 19:00:09:578 2288 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 19:00:09:578 2288 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 19:00:09:609 2288 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 19:00:09:609 2288 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 19:00:09:625 2288 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:00:09:640 2288 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 19:00:09:640 2288 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 19:00:09:656 2288 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 19:00:09:687 2288 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 19:00:09:718 2288 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 19:00:09:750 2288 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 19:00:09:765 2288 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 19:00:09:921 2288 IntcAzAudAddService (a5d5b8c427f4b67580fb2b511291a89d) C:\WINDOWS\system32\drivers\RtkHDAud.sys 19:00:09:984 2288 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 19:00:10:000 2288 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 19:00:10:031 2288 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:00:10:046 2288 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 19:00:10:062 2288 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 19:00:10:078 2288 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 19:00:10:109 2288 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys 19:00:10:125 2288 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 19:00:10:140 2288 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys 19:00:10:156 2288 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 19:00:10:171 2288 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 19:00:10:187 2288 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 19:00:10:234 2288 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 19:00:10:250 2288 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 19:00:10:281 2288 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 19:00:10:296 2288 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 19:00:10:296 2288 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 19:00:10:312 2288 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 19:00:10:328 2288 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 19:00:10:343 2288 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 19:00:10:375 2288 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:00:10:390 2288 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 19:00:10:406 2288 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:00:10:406 2288 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:00:10:421 2288 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 19:00:10:437 2288 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:00:10:437 2288 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 19:00:10:453 2288 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 19:00:10:468 2288 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:00:10:484 2288 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:00:10:500 2288 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:00:10:515 2288 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 19:00:10:531 2288 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 19:00:10:546 2288 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 19:00:10:562 2288 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 19:00:10:578 2288 Nsynas32 (4b4a21e158c039ee0888741bfe1d24e0) C:\WINDOWS\system32\drivers\Nsynas32.sys 19:00:10:609 2288 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 19:00:10:625 2288 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 19:00:10:828 2288 nv (ce34061a298bfb4ebd1a0bb8592dc977) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:00:10:921 2288 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:00:10:921 2288 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:00:10:953 2288 OADevice (da5e5a2026eeef52d94fcb760e171752) C:\WINDOWS\system32\drivers\OADriver.sys 19:00:10:984 2288 OAmon (3524dd1f24bd0114eaa98048d76075c1) C:\WINDOWS\system32\drivers\OAmon.sys 19:00:11:000 2288 OAnet (e57d9d511e837ef56f93ec29f1ff730d) C:\WINDOWS\system32\drivers\OAnet.sys 19:00:11:031 2288 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys 19:00:11:046 2288 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 19:00:11:062 2288 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 19:00:11:078 2288 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 19:00:11:109 2288 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 19:00:11:125 2288 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 19:00:11:203 2288 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\system32\PfModNT.sys 19:00:11:218 2288 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:00:11:218 2288 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:00:11:265 2288 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:00:11:281 2288 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 19:00:11:296 2288 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:00:11:296 2288 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:00:11:312 2288 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 19:00:11:328 2288 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:00:11:328 2288 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:00:11:359 2288 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 19:00:11:390 2288 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 19:00:11:421 2288 RTLE8023xp (25be98c05808c57e4d8d26477dc12d39) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 19:00:11:468 2288 sbext (b4495cad15771b15f09e2e304b24fe58) C:\WINDOWS\system32\DRIVERS\sbext.sys 19:00:11:515 2288 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:00:11:515 2288 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 19:00:11:546 2288 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys 19:00:11:546 2288 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 19:00:11:593 2288 SG762_XP (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys 19:00:11:625 2288 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 19:00:11:640 2288 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 19:00:11:671 2288 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 19:00:11:703 2288 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 19:00:11:703 2288 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 19:00:11:734 2288 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 19:00:11:765 2288 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 19:00:11:796 2288 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:00:11:828 2288 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 19:00:11:843 2288 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 19:00:11:859 2288 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 19:00:11:875 2288 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 19:00:11:921 2288 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 19:00:11:937 2288 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 19:00:11:968 2288 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 19:00:11:984 2288 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:00:12:000 2288 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:00:12:015 2288 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:00:12:031 2288 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 19:00:12:062 2288 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 19:00:12:078 2288 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 19:00:12:093 2288 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:00:12:125 2288 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 19:00:12:156 2288 WPN111 (75a833b635e093c728f5027b01f8cbb7) C:\WINDOWS\system32\DRIVERS\WPN111.sys 19:00:12:187 2288 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 19:00:12:218 2288 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:00:12:234 2288 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:00:12:250 2288 19:00:12:250 2288 Completed 19:00:12:250 2288 19:00:12:250 2288 Results: 19:00:12:250 2288 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 19:00:12:250 2288 File objects infected / cured / cured on reboot: 0 / 0 / 0 19:00:12:250 2288 19:00:12:250 2288 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 19:00:12:250 2288 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 19:00:12:250 2288 KLMD(ARK) unloaded successfully 15:52:09:984 3472 TDSS rootkit removing tool 2.3.0.0 May 12 2010 18:11:17 15:52:09:984 3472 ================================================================================ 15:52:09:984 3472 SystemInfo: 15:52:09:984 3472 OS Version: 5.1.2600 ServicePack: 3.0 15:52:09:984 3472 Product type: Workstation 15:52:09:984 3472 ComputerName: CAPENTIE-39EFA5 15:52:09:984 3472 UserName: carpentier 15:52:09:984 3472 Windows directory: C:\WINDOWS 15:52:09:984 3472 Processor architecture: Intel x86 15:52:09:984 3472 Number of processors: 2 15:52:09:984 3472 Page size: 0x1000 15:52:10:000 3472 Boot type: Normal boot 15:52:10:000 3472 ================================================================================ 15:52:10:015 3472 UnloadDriverW: NtUnloadDriver error 2 15:52:10:015 3472 ForceUnloadDriverW: UnloadDriverW(klmd23) error 2 15:52:10:343 3472 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 15:52:10:343 3472 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 15:52:10:343 3472 wfopen_ex: Trying to KLMD file open 15:52:10:343 3472 wfopen_ex: File opened ok (Flags 2) 15:52:10:343 3472 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 15:52:10:343 3472 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 15:52:10:343 3472 wfopen_ex: Trying to KLMD file open 15:52:10:343 3472 wfopen_ex: File opened ok (Flags 2) 15:52:10:343 3472 KLAVA engine initialized 15:52:11:187 3472 Initialize success 15:52:11:265 3472 15:52:11:265 3472 Scanning Services ... 15:52:12:593 3472 Raw services enum returned 318 services 15:52:12:703 3472 15:52:12:703 3472 Scanning Drivers ... 15:52:13:031 3472 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:52:13:187 3472 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys 15:52:13:343 3472 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 15:52:13:484 3472 AegisP (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys 15:52:13:546 3472 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 15:52:13:812 3472 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:52:13:890 3472 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 15:52:13:953 3472 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:52:14:046 3472 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 15:52:14:296 3472 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 15:52:14:453 3472 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 15:52:14:578 3472 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\WINDOWS\system32\DRIVERS\avipbb.sys 15:52:14:640 3472 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 15:52:14:750 3472 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS 15:52:14:890 3472 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 15:52:14:968 3472 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 15:52:15:046 3472 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 15:52:15:140 3472 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:52:15:265 3472 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys 15:52:15:375 3472 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 15:52:15:562 3472 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 15:52:15:671 3472 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 15:52:15:781 3472 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 15:52:15:890 3472 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 15:52:15:984 3472 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS 15:52:16:125 3472 driverhardwarev2 (984627ee71a73a38c3d8719facf302a8) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys 15:52:16:187 3472 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 15:52:16:250 3472 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 15:52:16:328 3472 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 15:52:16:406 3472 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 15:52:16:500 3472 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 15:52:16:546 3472 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 15:52:16:625 3472 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:52:16:687 3472 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:52:16:781 3472 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:52:16:859 3472 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 15:52:17:015 3472 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 15:52:17:265 3472 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 15:52:17:515 3472 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:52:17:656 3472 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 15:52:18:078 3472 IntcAzAudAddService (a5d5b8c427f4b67580fb2b511291a89d) C:\WINDOWS\system32\drivers\RtkHDAud.sys 15:52:18:875 3472 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 15:52:19:031 3472 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 15:52:19:250 3472 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:52:19:593 3472 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:52:19:703 3472 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:52:20:031 3472 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:52:20:281 3472 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys 15:52:20:703 3472 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 15:52:21:062 3472 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys 15:52:21:453 3472 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:52:21:890 3472 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:52:22:312 3472 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 15:52:23:375 3472 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 15:52:23:796 3472 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 15:52:24:171 3472 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) C:\WINDOWS\system32\drivers\mbamswissarmy.sys 15:52:24:312 3472 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 15:52:24:531 3472 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 15:52:24:625 3472 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:52:24:718 3472 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 15:52:24:812 3472 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 15:52:24:906 3472 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:52:25:109 3472 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:52:25:390 3472 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 15:52:25:484 3472 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:52:25:578 3472 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:52:25:656 3472 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 15:52:25:718 3472 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:52:25:796 3472 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 15:52:26:015 3472 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 15:52:26:156 3472 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:52:26:265 3472 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:52:26:531 3472 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:52:26:671 3472 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 15:52:26:781 3472 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 15:52:26:875 3472 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 15:52:27:031 3472 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 15:52:27:125 3472 Nsynas32 (4b4a21e158c039ee0888741bfe1d24e0) C:\WINDOWS\system32\drivers\Nsynas32.sys 15:52:27:218 3472 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 15:52:27:531 3472 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 15:52:28:312 3472 nv (ce34061a298bfb4ebd1a0bb8592dc977) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 15:52:29:796 3472 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:52:30:000 3472 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:52:30:140 3472 OADevice (da5e5a2026eeef52d94fcb760e171752) C:\WINDOWS\system32\drivers\OADriver.sys 15:52:30:453 3472 OAmon (3524dd1f24bd0114eaa98048d76075c1) C:\WINDOWS\system32\drivers\OAmon.sys 15:52:30:656 3472 OAnet (e57d9d511e837ef56f93ec29f1ff730d) C:\WINDOWS\system32\drivers\OAnet.sys 15:52:30:812 3472 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys 15:52:30:906 3472 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 15:52:31:093 3472 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 15:52:31:218 3472 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 15:52:31:390 3472 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 15:52:31:546 3472 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 15:52:31:875 3472 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\system32\PfModNT.sys 15:52:31:968 3472 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:52:32:062 3472 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:52:32:312 3472 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:52:32:453 3472 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 15:52:32:593 3472 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:52:32:765 3472 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:52:32:875 3472 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 15:52:32:968 3472 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:52:33:109 3472 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:52:33:234 3472 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 15:52:33:500 3472 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 15:52:33:609 3472 RTLE8023xp (25be98c05808c57e4d8d26477dc12d39) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 15:52:33:765 3472 sbext (b4495cad15771b15f09e2e304b24fe58) C:\WINDOWS\system32\DRIVERS\sbext.sys 15:52:33:984 3472 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:52:34:093 3472 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 15:52:34:203 3472 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys 15:52:34:312 3472 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 15:52:34:562 3472 SG762_XP (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys 15:52:34:796 3472 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:52:34:921 3472 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 15:52:35:078 3472 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 15:52:35:328 3472 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 15:52:35:453 3472 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:52:35:578 3472 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:52:35:781 3472 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 15:52:35:937 3472 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:52:36:093 3472 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:52:36:156 3472 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:52:36:250 3472 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:52:36:406 3472 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 15:52:36:609 3472 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:52:36:750 3472 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 15:52:36:859 3472 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:52:36:953 3472 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:52:37:031 3472 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:52:37:171 3472 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:52:37:296 3472 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:52:37:468 3472 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:52:37:640 3472 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 15:52:37:734 3472 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:52:37:890 3472 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:52:38:062 3472 WPN111 (75a833b635e093c728f5027b01f8cbb7) C:\WINDOWS\system32\DRIVERS\WPN111.sys 15:52:38:265 3472 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 15:52:38:375 3472 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:52:38:468 3472 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:52:38:671 3472 15:52:38:671 3472 Completed 15:52:38:671 3472 15:52:38:671 3472 Results: 15:52:38:687 3472 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 15:52:38:687 3472 File objects infected / cured / cured on reboot: 0 / 0 / 0 15:52:38:687 3472 15:52:38:687 3472 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 15:52:38:687 3472 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 15:52:38:718 3472 KLMD(ARK) unloaded successfully -
[Résolu] Virus qui me demande de télécharger une nouvelle protection
BountyKiller a répondu à un(e) sujet de BountyKiller dans Analyses et éradication malwares
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:21:10, on 23/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Tall Emu\Online Armor\OAcat.exe C:\Program Files\Tall Emu\Online Armor\oasrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Tall Emu\Online Armor\oaui.exe C:\Program Files\NETGEAR\WPN111\wpn111.exe C:\Program Files\Tall Emu\Online Armor\OAhlp.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dailymotion.com/fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [AudCtrl] RunDll32 AudCtrl.dll,RCMonitor O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (User 'Default user') O4 - Startup: Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ? O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_3_4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- End of file - 9267 bytes