Posted

CJoint.com link ALqmwrx0ZPF

FYI, on restart a µTorrent window opened asking me to choose my language; I clicked [cancel], then another window, still µTorrent, offered to start the installation, and I also clicked [canceled]. MBAM re-enabled itself, but not Kaspersky or my Windows firewall. Tell me whether I can re-enable them.

Posted

ComboFix ran and opened log.txt for me.

I couldn't open combofix.txt; a window told me "illegal operation attempted on a registry key that has been marked for deletion". I couldn't open Chrome or Firefox either: same window. I had to restart.

After that, I was able to open combofix.txt:

ComboFix 11-12-16.01 - mlk 16/12/2011 12:45:36.1.4 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4023.1849 [GMT 1:00]

Lancé depuis: c:\users\mlk\Desktop\ComboFix.exe

AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Un nouveau point de restauration a été créé

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Tarma Installer

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat

c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.dat

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-11-16 au 2011-12-16 ))))))))))))))))))))))))))))))))))))

.

.

2011-12-16 11:58 . 2011-12-16 11:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-16 11:58 . 2011-12-16 11:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2011-12-16 11:39 . 2011-12-16 11:39 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{185216BA-1A4C-45D8-9241-FF44AFC48255}\offreg.dll

2011-12-16 11:39 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{185216BA-1A4C-45D8-9241-FF44AFC48255}\mpengine.dll

2011-12-16 11:13 . 2011-12-16 11:13 -------- d-----w- c:\users\mlk\AppData\Local\uTorrent

2011-12-16 11:13 . 2011-12-16 11:13 -------- d-----w- c:\users\mlk\AppData\Roaming\uTorrent

2011-12-16 07:50 . 2011-12-16 07:50 512 ----a-w- C:\PhysicalDisk0_MBR.bin

2011-12-16 07:45 . 2011-12-16 10:53 -------- d-----w- C:\ZHP

2011-12-16 07:26 . 2011-12-16 10:41 -------- d-----w- c:\program files (x86)\ZHPDiag

2011-12-15 18:02 . 2011-09-09 17:23 2469760 ----a-w- c:\windows\SysWow64\BootMan.exe

2011-12-15 18:02 . 2011-09-07 16:06 3321728 ----a-w- c:\windows\system32\BootMan.exe

2011-12-15 18:02 . 2011-07-29 12:54 9096 ----a-w- c:\windows\system32\EuGdiDrv.sys

2011-12-15 18:02 . 2011-07-29 12:54 86408 ----a-w- c:\windows\SysWow64\setupempdrv03.exe

2011-12-15 18:02 . 2011-07-29 12:54 8456 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys

2011-12-15 18:02 . 2011-07-29 12:54 16776 ----a-w- c:\windows\system32\epmntdrv.sys

2011-12-15 18:02 . 2011-07-29 12:54 14216 ----a-w- c:\windows\SysWow64\epmntdrv.sys

2011-12-15 18:02 . 2011-07-29 12:54 100232 ----a-w- c:\windows\system32\setupempdrvx64.exe

2011-12-15 18:02 . 2011-07-29 12:54 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll

2011-12-15 18:02 . 2011-07-29 12:54 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll

2011-12-15 18:02 . 2011-12-15 18:02 -------- d-----w- c:\program files (x86)\EASEUS

2011-12-15 09:06 . 2011-12-15 09:06 -------- d-----w- c:\programdata\LightScribe

2011-12-15 09:03 . 2011-12-15 09:03 -------- d-----w- c:\users\mlk\AppData\Roaming\Nero

2011-12-15 08:41 . 2011-12-15 08:47 -------- d-----w- c:\program files (x86)\Common Files\Nero

2011-12-15 08:40 . 2011-12-15 08:52 -------- d-----w- c:\programdata\Nero

2011-12-15 08:29 . 2011-07-13 12:59 15920 ----a-w- c:\windows\system32\drivers\NBVolUp.sys

2011-12-15 08:29 . 2011-07-13 12:59 72240 ----a-w- c:\windows\system32\drivers\NBVol.sys

2011-12-15 08:29 . 2011-12-15 08:52 -------- d-----w- c:\program files (x86)\Nero

2011-12-15 08:28 . 2011-12-15 08:28 -------- d-----w- C:\55405612007316a03c6450bbea1e

2011-12-15 08:26 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll

2011-12-15 08:26 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll

2011-12-15 08:26 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2011-12-15 08:26 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll

2011-12-15 08:26 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll

2011-12-15 08:26 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll

2011-12-15 08:26 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll

2011-12-14 09:27 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 09:27 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 09:27 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 09:27 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-12-14 09:27 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-14 09:27 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-12-12 20:46 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2011-12-12 20:46 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll

2011-12-12 20:46 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2011-12-12 20:34 . 2011-12-12 20:34 -------- d-----w- c:\program files\iPod

2011-12-12 20:34 . 2011-12-12 20:45 -------- d-----w- c:\program files\iTunes

2011-12-12 20:34 . 2011-12-12 20:45 -------- d-----w- c:\program files (x86)\iTunes

2011-12-12 20:33 . 2011-12-12 20:33 -------- d-----w- c:\program files (x86)\Apple Software Update

2011-12-12 20:32 . 2011-12-12 20:32 -------- d-----w- c:\program files\Common Files\Apple

2011-12-12 20:32 . 2011-12-12 20:32 -------- d-----w- c:\program files\Bonjour

2011-12-12 20:32 . 2011-12-12 20:32 -------- d-----w- c:\program files (x86)\Bonjour

2011-12-08 22:19 . 2011-12-08 22:19 -------- d-----w- c:\users\mlk\AppData\Roaming\Malwarebytes

2011-12-08 22:17 . 2011-12-08 22:17 -------- d-----w- c:\programdata\Malwarebytes

2011-12-08 22:17 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-08 22:17 . 2011-12-08 22:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-12-08 16:25 . 2011-12-08 16:25 -------- d-----w- c:\program files (x86)\LinuxLive USB Creator

2011-12-07 13:20 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll

2011-12-07 13:19 . 2011-12-07 13:19 -------- d-----w- c:\program files (x86)\Winamp Detect

2011-12-07 13:19 . 2011-12-07 13:19 -------- d-----w- c:\users\mlk\AppData\Roaming\Todae

2011-12-07 13:19 . 2011-12-07 13:19 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2011-12-07 13:19 . 2011-12-15 12:01 -------- d-----w- c:\users\mlk\AppData\Roaming\Winamp

2011-12-07 13:19 . 2011-12-07 13:22 -------- d-----w- c:\program files (x86)\Winamp

2011-12-02 19:54 . 2011-12-02 19:16 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-12-02 19:17 . 2011-12-02 19:17 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-12-02 19:04 . 2011-11-03 11:06 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-12-02 17:53 . 2011-12-16 07:16 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-12-02 17:53 . 2011-12-02 18:06 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2011-12-02 15:59 . 2011-12-02 15:59 -------- d-----w- c:\programdata\Lavasoft

2011-12-02 15:59 . 2011-12-02 15:59 -------- d-----w- c:\program files (x86)\Lavasoft

2011-12-02 15:52 . 2011-12-02 15:52 279616 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-12-02 15:48 . 2011-12-02 15:52 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2011-12-02 06:42 . 2011-12-02 06:42 -------- d-----w- c:\program files (x86)\Cisco

2011-12-02 06:40 . 2011-12-02 06:39 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll

2011-12-02 06:40 . 2011-12-02 06:39 3561272 ----a-w- c:\windows\system32\bcmihvui64.dll

2011-12-02 06:40 . 2011-12-02 06:39 4171328 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS

2011-12-02 06:40 . 2011-12-02 06:39 3896632 ----a-w- c:\windows\system32\bcmihvsrv64.dll

2011-12-02 06:39 . 2011-12-02 06:39 -------- d-----w- c:\users\mlk\AppData\Roaming\InstallShield

2011-12-02 06:22 . 2011-12-02 06:23 -------- d-----w- c:\program files (x86)\ma-config.com

2011-12-02 06:22 . 2011-12-02 06:22 -------- d-----w- c:\programdata\ma-config.com

2011-12-01 21:13 . 2011-12-16 12:00 -------- d-----w- c:\programdata\Kaspersky Lab

2011-12-01 21:13 . 2011-12-01 21:13 -------- d-----w- c:\program files (x86)\Kaspersky Lab

2011-12-01 18:09 . 2011-12-01 18:10 -------- d-----w- c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition

2011-11-27 12:42 . 2011-12-15 08:28 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-27 12:41 . 2011-11-27 12:41 -------- d-----w- c:\windows\system32\Macromed

2011-11-27 11:58 . 2011-11-27 11:58 -------- d-----w- c:\users\mlk\AppData\Local\Mozilla

2011-11-25 17:16 . 2011-11-25 17:16 -------- d-----w- c:\users\mlk\AppData\Roaming\NVIDIA

2011-11-25 17:15 . 2011-12-02 18:23 -------- d-----w- c:\users\UpdatusUser

2011-11-25 17:15 . 2011-11-25 17:16 -------- d-----w- c:\program files (x86)\NVIDIA Corporation

2011-11-25 17:15 . 2011-10-15 08:53 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll

2011-11-25 17:15 . 2011-11-25 17:15 -------- d-----w- c:\programdata\NVIDIA Corporation

2011-11-25 17:11 . 2011-11-25 17:15 -------- d-----w- c:\program files\NVIDIA Corporation

2011-11-25 17:09 . 2011-11-25 17:09 -------- d-----w- C:\NVIDIA

2011-11-18 13:48 . 2011-11-24 15:41 -------- d-----w- c:\program files (x86)\Power Meter Plus

2011-11-17 22:26 . 2011-11-17 22:26 -------- d-----w- c:\users\mlk\AppData\Local\Microsoft Games

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-02 06:39 . 2010-02-16 00:24 6656 ----a-w- c:\windows\system32\bcmwlrc.dll

2011-10-21 08:13 . 2011-09-30 21:16 848 --sha-w- c:\programdata\KGyGaAvL.sys

2011-10-20 11:48 . 2011-09-27 12:46 641400 ----a-w- c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe

2011-10-15 08:53 . 2009-11-29 17:20 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll

2011-10-15 08:53 . 2009-11-29 17:20 2808128 ----a-w- c:\windows\system32\nvapi64.dll

2011-10-15 08:53 . 2009-11-29 17:20 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll

2011-10-15 08:53 . 2009-11-29 17:20 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll

2011-10-15 08:53 . 2009-11-29 17:20 13205312 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2011-10-15 08:53 . 2009-11-28 20:56 1640768 ----a-w- c:\windows\system32\nvvsvc.exe

2011-10-15 08:53 . 2009-11-28 20:55 539456 ----a-w- c:\windows\system32\nvhotkey.dll

2011-10-15 08:53 . 2009-11-28 20:55 5067584 ----a-w- c:\windows\system32\nvsvc64.dll

2011-10-15 08:53 . 2009-11-28 20:55 3074368 ----a-w- c:\windows\system32\nvsvcr.dll

2011-10-15 08:53 . 2009-11-28 20:55 222528 ----a-w- c:\windows\system32\nvmctray.dll

2011-10-15 08:53 . 2009-11-28 20:55 137536 ----a-w- c:\windows\system32\nvshext.dll

2011-10-15 08:53 . 2009-11-28 20:55 10406208 ----a-w- c:\windows\system32\nvcpl.dll

2011-10-07 08:22 . 2011-10-07 08:22 406528 ----a-w- c:\windows\SysWow64\ReWire.dll

2011-10-07 08:22 . 2011-10-07 08:22 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll

2011-10-03 04:06 . 2011-09-26 13:59 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-09-29 16:29 . 2011-11-09 09:37 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-09-27 12:58 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-09-27 12:58 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-09-26 13:46 . 2010-01-08 23:31 588472 ----a-w- c:\windows\SysWow64\ezsvc7x.dll

2011-09-26 13:27 . 2011-09-26 13:27 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2011-09-26 13:27 . 2011-09-26 13:27 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2011-09-26 13:27 . 2011-09-26 13:27 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2011-09-26 13:27 . 2011-09-26 13:27 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2011-09-26 13:27 . 2011-09-26 13:27 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2011-09-26 13:27 . 2011-09-26 13:27 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2011-09-26 13:27 . 2011-09-26 13:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2011-09-26 13:27 . 2011-09-26 13:27 367104 ----a-w- c:\windows\SysWow64\html.iec

2011-09-26 13:27 . 2011-09-26 13:27 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2011-09-26 13:27 . 2011-09-26 13:27 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2011-09-26 13:27 . 2011-09-26 13:27 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2011-09-26 13:27 . 2011-09-26 13:27 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2011-09-26 13:27 . 2011-09-26 13:27 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2011-09-26 13:27 . 2011-09-26 13:27 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2011-09-26 13:27 . 2011-09-26 13:27 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2011-09-26 13:27 . 2011-09-26 13:27 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2011-09-26 13:27 . 2011-09-26 13:27 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2011-09-26 13:27 . 2011-09-26 13:27 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2011-09-26 13:27 . 2011-09-26 13:27 222208 ----a-w- c:\windows\system32\msls31.dll

2011-09-26 13:27 . 2011-09-26 13:27 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2011-09-26 13:27 . 2011-09-26 13:27 85504 ----a-w- c:\windows\system32\iesetup.dll

2011-09-26 13:27 . 2011-09-26 13:27 76800 ----a-w- c:\windows\system32\tdc.ocx

2011-09-26 13:27 . 2011-09-26 13:27 49664 ----a-w- c:\windows\system32\imgutil.dll

2011-09-26 13:27 . 2011-09-26 13:27 48640 ----a-w- c:\windows\system32\mshtmler.dll

2011-09-26 13:27 . 2011-09-26 13:27 448512 ----a-w- c:\windows\system32\html.iec

2011-09-26 13:27 . 2011-09-26 13:27 30720 ----a-w- c:\windows\system32\licmgr10.dll

2011-09-26 13:27 . 2011-09-26 13:27 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2011-09-26 13:27 . 2011-09-26 13:27 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2011-09-26 13:27 . 2011-09-26 13:27 12288 ----a-w- c:\windows\system32\mshta.exe

2011-09-26 13:27 . 2011-09-26 13:27 114176 ----a-w- c:\windows\system32\admparse.dll

2011-09-26 13:27 . 2011-09-26 13:27 111616 ----a-w- c:\windows\system32\iesysprep.dll

2011-09-26 13:27 . 2011-09-26 13:27 603648 ----a-w- c:\windows\system32\vbscript.dll

2011-09-26 13:27 . 2011-09-26 13:27 165888 ----a-w- c:\windows\system32\iexpress.exe

2011-09-26 13:27 . 2011-09-26 13:27 160256 ----a-w- c:\windows\system32\wextract.exe

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2009-06-02 24264488]

"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-08-25 15544]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" [2011-04-24 202296]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]

.

c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

uTorrent.exe [2011-10-20 641400]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-7-6 6904208]

Snagit 10.lnk - c:\program files (x86)\TechSmith\Snagit 10\Snagit32.exe [2010-9-1 7056712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]

R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-12-01 19952]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]

S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]

S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-07-06 2304912]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-12-02 17152]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

.

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contenu du dossier 'Tâches planifiées'

.

2011-12-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 11:06]

.

2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-807948818-632619353-2037628586-1001Core.job

- c:\users\mlk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-26 13:22]

.

2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-807948818-632619353-2037628586-1001UA.job

- c:\users\mlk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-26 13:22]

.

2011-12-12 c:\windows\Tasks\HPCeeScheduleFormlk.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.27.40.241 212.27.40.240

FF - ProfilePath - c:\users\mlk\AppData\Roaming\Mozilla\Firefox\Profiles\yc0fy0un.default\

FF - prefs.js: browser.startup.homepage - hxxp://sn125w.snt125.mail.live.com/default.aspx

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHELINS SUPPRIMES - - - -

.

Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe

.

.

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Out è*€8*]

@Class="Shell"

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Out è*€8*\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

@Class="Shell"

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*Out è*€8*]

"0"=hex:43,3a,5c,55,73,65,72,73,5c,6d,6c,6b,5c,4d,75,73,69,63,5c,4d,20,2d,20,

6c,65,20,74,6f,75,72,20,64,65,20,2d,4d,2d,20,43,44,32,00,65,00,73,00,2e,00,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

"0"=hex:43,3a,5c,55,73,65,72,73,5c,6d,6c,6b,5c,4d,75,73,69,63,5c,6c,69,76,69,

6e,67,20,63,6f,6c,6f,72,20,2d,20,76,69,76,69,64,00,4c,00,65,00,73,00,2e,00,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Autres processus actifs ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Heure de fin: 2011-12-16 13:07:30 - La machine a redémarré

ComboFix-quarantined-files.txt 2011-12-16 12:07

.

Avant-CF: 134 922 768 384 octets libres

Après-CF: 135 370 698 752 octets libres

.

- - End Of File - - 3CC97EB5E529101A80CD36EC04008094

Posted

The TDSSKiller report:

13:31:06.0502 5860 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31

13:31:06.0673 5860 ============================================================

13:31:06.0673 5860 Current date / time: 2011/12/16 13:31:06.0673

13:31:06.0673 5860 SystemInfo:

13:31:06.0673 5860

13:31:06.0673 5860 OS Version: 6.1.7601 ServicePack: 1.0

13:31:06.0673 5860 Product type: Workstation

13:31:06.0673 5860 ComputerName: MLK-PC

13:31:06.0673 5860 UserName: mlk

13:31:06.0673 5860 Windows directory: C:\Windows

13:31:06.0673 5860 System windows directory: C:\Windows

13:31:06.0673 5860 Running under WOW64

13:31:06.0673 5860 Processor architecture: Intel x64

13:31:06.0673 5860 Number of processors: 4

13:31:06.0673 5860 Page size: 0x1000

13:31:06.0674 5860 Boot type: Normal boot

13:31:06.0674 5860 ============================================================

13:31:07.0337 5860 Initialize success

13:31:10.0358 5512 ============================================================

13:31:10.0358 5512 Scan started

13:31:10.0358 5512 Mode: Manual;

13:31:10.0358 5512 ============================================================


13:31:25.0752 5512 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys

13:31:25.0752 5512 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2

13:31:25.0754 5512 sptd ( LockedFile.Multi.Generic ) - warning

13:31:25.0754 5512 sptd - detected LockedFile.Multi.Generic (1)


13:31:27.0882 5512 VgaSave - ok

13:31:27.0912 5512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:31:27.0916 5512 vhdmp - ok

13:31:27.0954 5512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:31:27.0955 5512 viaide - ok

13:31:27.0976 5512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:31:27.0978 5512 volmgr - ok

13:31:28.0039 5512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:31:28.0045 5512 volmgrx - ok

13:31:28.0095 5512 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:31:28.0100 5512 volsnap - ok

13:31:28.0150 5512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

13:31:28.0153 5512 vsmraid - ok

13:31:28.0174 5512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

13:31:28.0175 5512 vwifibus - ok

13:31:28.0219 5512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

13:31:28.0221 5512 vwififlt - ok

13:31:28.0254 5512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

13:31:28.0256 5512 WacomPen - ok

13:31:28.0315 5512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:31:28.0318 5512 WANARP - ok

13:31:28.0323 5512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:31:28.0325 5512 Wanarpv6 - ok

13:31:28.0395 5512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

13:31:28.0397 5512 Wd - ok

13:31:28.0428 5512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:31:28.0439 5512 Wdf01000 - ok

13:31:28.0481 5512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:31:28.0482 5512 WfpLwf - ok

13:31:28.0522 5512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:31:28.0524 5512 WIMMount - ok

13:31:28.0609 5512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:31:28.0610 5512 WmiAcpi - ok

13:31:28.0666 5512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:31:28.0667 5512 ws2ifsl - ok

13:31:28.0714 5512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:31:28.0717 5512 WudfPf - ok

13:31:28.0748 5512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:31:28.0752 5512 WUDFRd - ok

13:31:28.0790 5512 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

13:31:28.0796 5512 yukonw7 - ok

13:31:28.0825 5512 MBR (0x1B8) (e9a74a32b23140d7c242c3c3125dc619) \Device\Harddisk0\DR0

13:31:28.0831 5512 \Device\Harddisk0\DR0 - ok

13:31:28.0845 5512 Boot (0x1200) (359a22e18a9fbbe46c3e10c8900188fd) \Device\Harddisk0\DR0\Partition0

13:31:28.0846 5512 \Device\Harddisk0\DR0\Partition0 - ok

13:31:28.0856 5512 Boot (0x1200) (168db18406f1669f407ed958c54ddd4c) \Device\Harddisk0\DR0\Partition1

13:31:28.0858 5512 \Device\Harddisk0\DR0\Partition1 - ok

13:31:28.0876 5512 Boot (0x1200) (27fdc53274d556ccd46eb016ff584d39) \Device\Harddisk0\DR0\Partition2

13:31:28.0877 5512 \Device\Harddisk0\DR0\Partition2 - ok

13:31:28.0901 5512 Boot (0x1200) (4cf4871229b393df8392cc5e2f9b76b0) \Device\Harddisk0\DR0\Partition3

13:31:28.0902 5512 \Device\Harddisk0\DR0\Partition3 - ok

13:31:28.0918 5512 Boot (0x1200) (1017632f0a239f7ad4f0ab352aa0a5d3) \Device\Harddisk0\DR0\Partition4

13:31:28.0920 5512 \Device\Harddisk0\DR0\Partition4 - ok

13:31:28.0920 5512 ============================================================

13:31:28.0920 5512 Scan finished

13:31:28.0920 5512 ============================================================

13:31:28.0934 6060 Detected object count: 1

13:31:28.0934 6060 Actual detected object count: 1

13:31:39.0381 6060 sptd ( LockedFile.Multi.Generic ) - skipped by user

13:31:39.0381 6060 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

13:31:51.0056 4268 Deinitialize success

Posted

- Your TDSSKiller report is OK.

- You haven't told me whether anything has changed with your initial problems. Try to keep that in mind at the end of this step so we know what to do next.

- Three antispyware programs at once is too many (resources and hard-disk space):

Windows Defender

Lavasoft\Ad-Aware

Spybot

Since the first is the lightest, I suggest you uninstall the other two.

--

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time.

>>> ComboFix / Fix: Click "Start" => "Run". Type Notepad and click "OK".

Copy and paste these lines:

 

Folder::

c:\users\mlk\AppData\Local\uTorrent

c:\users\mlk\AppData\Roaming\uTorrent

 

File::

c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe

 

RegLock::

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* Out è*€8*]

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* Out è*€8*\OpenWithList]

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1\OpenWithList]

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.* Out è*€8*]

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.* ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Click "File" => "Save". In "File name", type or paste CFScript.txt, click Desktop on the left, then "Save" at the bottom right.

Close all open windows and applications and disable the antivirus, firewall and antispyware so they do not interfere with ComboFix.

Drag the CFScript.txt file and drop it onto ComboFix.exe.

This launches ComboFix. Be patient!

When it finishes, restart the PC (if it does not restart automatically) and copy/paste the contents of the generated report into your next reply. It is saved automatically at the root of the system partition (usually C:\).

>>> Online scan: plug in / switch on all available removable media (external hard drive, USB sticks, etc.) that may have been infected, and disable the antivirus, firewall and antispyware.

Use Internet Explorer to go here, click the "Run ESET Online Scanner" button, tick the box "Yes, I accept the Terms of Use." and click Start.

Accept the installation of the ActiveX control and tick "Scan archives", UNtick "Remove found threats" and click Start.

ESET will download the database and start the scan. Do NOT use the machine until the scan has finished (it can take a very long time).

When it is done, click "Finish" and close the ESET window. A "log.txt" report will be saved automatically.

To open this report, click "Start" => "Run" and type (or copy/paste):

%programfiles(x86)%\ESET\ESET Online Scanner\log.txt

Click OK and copy/paste the contents of the window that opens into your next reply.

Posted (edited)

in the Start menu, I don't have "Run"

so I created a .txt on the desktop, named it CFScript.txt and pasted into it the contents of the quote above.

that seems much simpler to me than your instructions, so I'd rather wait for your confirmation before continuing the procedure.

otherwise I'm still not seeing the symptoms that made me start this thread, but given how erratically they show up I'd rather wait before giving a verdict...

Edited by toxeek
Posted

well, my PC didn't catch fire:

 

 

ComboFix 11-12-16.01 - mlk 16/12/2011 16:58:02.2.4 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4023.2039 [GMT 1:00]

Lancé depuis: c:\users\mlk\Desktop\ComboFix.exe

Commutateurs utilisés :: c:\users\mlk\Desktop\CFScript.txt

AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Un nouveau point de restauration a été créé

.

FILE ::

"c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe"

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\mlk\AppData\Local\uTorrent

c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe

c:\users\mlk\AppData\Roaming\uTorrent

c:\users\mlk\AppData\Roaming\uTorrent\settings.dat

c:\users\mlk\AppData\Roaming\uTorrent\settings.dat.old

.

Une copie infectée de c:\windows\SysWow64\userinit.exe a été trouvée et désinfectée

Copie restaurée à partir de - c:\windows\ERDNT\cache86\userinit.exe

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2009-06-02 24264488]

"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-08-25 15544]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" [2011-04-24 202296]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]

.

c:\users\mlk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-7-6 6904208]

Snagit 10.lnk - c:\program files (x86)\TechSmith\Snagit 10\Snagit32.exe [2010-9-1 7056712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]

R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-12-01 19952]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]

S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-07-06 2304912]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

.

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contenu du dossier 'Tâches planifiées'

.

2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-807948818-632619353-2037628586-1001Core.job

- c:\users\mlk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-26 13:22]

.

2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-807948818-632619353-2037628586-1001UA.job

- c:\users\mlk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-26 13:22]

.

2011-12-12 c:\windows\Tasks\HPCeeScheduleFormlk.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.27.40.241 212.27.40.240

FF - ProfilePath - c:\users\mlk\AppData\Roaming\Mozilla\Firefox\Profiles\yc0fy0un.default\

FF - prefs.js: browser.startup.homepage - hxxp://sn125w.snt125.mail.live.com/default.aspx

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHELINS SUPPRIMES - - - -

.

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

.

.

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Out è*€8*]

@Class="Shell"

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Out è*€8*\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

@Class="Shell"

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*Out è*€8*]

"0"=hex:43,3a,5c,55,73,65,72,73,5c,6d,6c,6b,5c,4d,75,73,69,63,5c,4d,20,2d,20,

6c,65,20,74,6f,75,72,20,64,65,20,2d,4d,2d,20,43,44,32,00,65,00,73,00,2e,00,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

[HKEY_USERS\S-1-5-21-807948818-632619353-2037628586-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*ªYtøå*‹file:///C:/Users/mlk/Music/Leftfield%20-%20Leftism%20-%20CD1]

"0"=hex:43,3a,5c,55,73,65,72,73,5c,6d,6c,6b,5c,4d,75,73,69,63,5c,6c,69,76,69,

6e,67,20,63,6f,6c,6f,72,20,2d,20,76,69,76,69,64,00,4c,00,65,00,73,00,2e,00,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

------------------------ Autres processus actifs ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Heure de fin: 2011-12-16 17:17:41 - La machine a redémarré

ComboFix-quarantined-files.txt 2011-12-16 16:17

ComboFix2.txt 2011-12-16 12:07

.

Avant-CF: 135 827 664 896 octets libres

Après-CF: 135 758 876 672 octets libres

.

- - End Of File - - 70DC92AF46A0208B0E5914DDC46C3A5A
