Windows startup virus

Tags:
  • Virus
  • Windows
  • Security
Last reply: in Security and viruses
18 November 2011 00:20:30

Good evening!

I'm having trouble getting Windows to open when I start my PC (it has to do a critical system restore every time in order to start). So I checked whether I had any viruses, and these are the results:

http://pjjoint.malekal.com/files.php?id=n6r14e8l12j10u1...

http://pjjoint.malekal.com/files.php?id=b7z12l9y5h15u76...

And for OTL:

http://pjjoint.malekal.com/files.php?id=k12w5c14j13c11r...

With the Avast scan I found two viruses that it cannot remove; they are called "Win32:Malware-gen"! I hope you will be able to help me, thanks in advance!

18 November 2011 21:14:47

Good evening
For a start you should get rid of your torrent stuff, since that is very likely how the problem got in...
Disable your antivirus and any other kind of protection.
Download ComboFix by sUBs: Combofix
Save it to your desktop and nowhere else!

Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit > "Select all", Edit > "Copy"

Come to the forum and Edit > "Paste"

HELP: A guide and a tutorial on using ComboFix
* the partition name may differ

<@_@>

+++++++++++++++++++++
19 November 2011 01:51:15

Thanks for your reply!

Here is what you asked for:

ComboFix 11-11-18.02 - Arthur 19/11/2011 1:07.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.2935.1405 [GMT 1:00]
Lancé depuis: c:\users\Arthur\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\FREEzeFrog
c:\program files (x86)\OfferBox
c:\program files (x86)\OfferBox\OfferBoxBHO.dll
c:\program files (x86)\QuestScan
c:\program files (x86)\QuestScan\uninstall.exe
c:\programdata\QuestScan
c:\users\Arthur\AppData\Roaming\6262.1EA
c:\users\Arthur\AppData\Roaming\Adobe\plugs
c:\users\Arthur\AppData\Roaming\Adobe\shed
c:\users\Arthur\AppData\Roaming\OfferBox
c:\users\Arthur\AppData\Roaming\OfferBox\config.dat
c:\users\Arthur\AppData\Roaming\OfferBox\config.xml
c:\windows\System64
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MaJUtilLib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCaller.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\MetaStore2.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\Microsoft.Synchronization.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
c:\windows\SysWow64\system32\Synchronization2.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-10-19 au 2011-11-19 ))))))))))))))))))))))))))))))))))))
.
.
2011-11-19 00:20 . 2011-11-19 00:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-19 00:04 . 2011-11-19 00:04 -------- d-----w- c:\users\Arthur\AppData\Roaming\Avira
2011-11-18 09:30 . 2011-11-18 09:30 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD68D484-2E1B-4B37-AC25-EB4B5033BD45}\offreg.dll
2011-11-18 09:30 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD68D484-2E1B-4B37-AC25-EB4B5033BD45}\mpengine.dll
2011-11-17 23:42 . 2011-11-17 23:42 512 ----a-w- C:\PhysicalMBR.bin
2011-11-17 22:52 . 2011-07-21 11:22 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-17 22:52 . 2011-07-21 11:22 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-11-17 22:51 . 2011-11-17 22:51 -------- d-----w- c:\programdata\Avira
2011-11-17 22:51 . 2011-11-17 22:51 -------- d-----w- c:\program files (x86)\Avira
2011-11-17 19:04 . 2011-11-17 13:08 -------- d-----w- C:\Emergency
2011-11-17 17:45 . 2011-11-17 22:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-14 13:17 . 2011-11-17 18:49 -------- d-----w- c:\programdata\iolo
2011-11-14 13:17 . 2011-11-14 13:17 -------- d-----w- c:\users\Arthur\AppData\Roaming\iolo
2011-11-12 14:31 . 2011-11-12 14:40 -------- d-----w- C:\adba5e948aa0b520c5dfb8b78ba9
2011-11-09 20:12 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 20:12 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 20:12 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 20:12 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 08:55 . 2011-11-04 08:55 -------- d-----w- c:\users\Arthur\AppData\Local\APN
2011-11-04 08:55 . 2011-11-04 08:55 -------- d-----w- c:\programdata\Ask
2011-10-26 12:52 . 2011-10-26 12:52 -------- d-----w- c:\users\Arthur\AppData\Local\Facebook
2011-10-26 11:18 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 11:18 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-24 11:59 . 2011-10-24 11:59 36352 ----a-w- c:\windows\SysWow64\KAK2n.com
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 07:39 . 2011-06-04 08:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-05 17:22 . 2011-10-05 17:22 0 ----a-w- c:\windows\SysWow64\sho5543.tmp
2011-10-02 22:31 . 2011-10-02 22:31 0 ----a-w- c:\windows\SysWow64\sho3D02.tmp
2011-10-01 03:25 . 2011-10-13 18:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-13 18:01 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-27 08:29 . 2011-09-27 08:29 0 ----a-w- c:\windows\SysWow64\sho61F0.tmp
2011-09-23 16:27 . 2011-09-23 16:27 0 ----a-w- c:\windows\SysWow64\sho933E.tmp
2011-09-22 07:16 . 2011-09-22 07:16 0 ----a-w- c:\windows\SysWow64\sho92DF.tmp
2011-09-06 20:45 . 2011-09-20 13:30 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-20 13:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-09-20 13:31 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-20 13:31 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-09-20 13:31 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-09-20 13:31 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-20 13:31 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-20 13:31 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-09-20 13:31 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-31 16:00 . 2011-04-27 17:11 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-13 18:01 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-13 18:01 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-13 18:01 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-27 04:26 . 2011-10-13 18:01 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-10-18 3908192]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\tbVuze.dll" [2010-11-23 3908192]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\Softonic_France\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
2009-11-20 17:34 87472 ----a-w- c:\progra~2\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-11-23 17:55 3908192 ----a-w- c:\program files (x86)\Vuze_Remote\tbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 20:20 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EC8FCB46-9F27-476E-B26A-93989316D2FB}]
2010-10-28 23:05 90624 ----a-w- c:\program files (x86)\WebAdSystem\BrowserExtensions\internetexplorer\WebAdSystemBho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\tbVuze.dll" [2010-11-23 3908192]
"{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}"= "c:\progra~2\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll" [2009-11-20 87472]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-10-18 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-06-01 177712]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
[HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-23 39408]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-11-08 929168]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 3372856]
"Facebook Update"="c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-26 137536]
"ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2011-09-29 1756232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-11 559616]
.
c:\users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Taskman"=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2011-08-10 102608]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-17 2320920]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-18 c:\windows\Tasks\At11.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-19 c:\windows\Tasks\At13.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At15.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At17.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At19.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At21.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At23.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At25.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At27.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At29.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At3.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At31.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At33.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At35.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At37.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At39.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At41.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At43.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At45.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At47.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At5.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At7.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\At9.job
- c:\windows\system32\KAK2n.com [2011-10-24 11:59]
.
2011-11-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001Core.job
- c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-26 12:52]
.
2011-11-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001UA.job
- c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-26 12:52]
.
2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 11:35]
.
2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 11:35]
.
2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001Core.job
- c:\users\Arthur\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 11:35]
.
2011-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001UA.job
- c:\users\Arthur\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 11:35]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-01-06 3179288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-05-05 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2010-05-05 148280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"combofix"="c:\combofix\CF17163.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:57374
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
FF - ProfilePath - c:\users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\9f3p9h5a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 57374
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
WebBrowser-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1863726558-3776486946-1034311972-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1863726558-3776486946-1034311972-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2011-11-19 01:36:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-11-19 00:36
.
Avant-CF: 190 360 018 944 octets libres
Après-CF: 190 333 411 328 octets libres
.
- - End Of File - - 69CB88F8C36AB9507EFE9788439C922B
19 November 2011 18:01:52

Good evening,
I believe I had advised you to uninstall all your torrent stuff....

Step 1

Uninstall:
c:\program files (x86)\Ask.com
c:\program files (x86)\uTorrentBar
c:\program files (x86)\Vuze_Remote
c:\program files (x86)\Softonic_France
c:\program files (x86)\ConduitEngine

Step 2

Copy (Ctrl+C) the text below:
Killall::
AtJob::
File::
c:\windows\system32\KAK2n.com
c:\windows\SysWow64\KAK2n.com



Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt

Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot.

  • ComboFix starts; follow its prompts.

  • Wait while the scan runs. The desktop will disappear several times: that is normal!
    Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems.

  • If the file does not open, it is located here > C:\ComboFix.txt

HELP: A guide and a tutorial on using ComboFix
* the partition name may differ

Step 3

Download http://support.kaspersky.com/downloads/utils/tdsskiller... to your desktop, unzip it and run it; a report will be created here:

C:\TDSSKillerVersion_Date_Time_log.txt. << copy and paste its contents

The executable is also directly available here: http://support.kaspersky.com/downloads/utils/tdsskiller...

  • Run it. The following window will open:

  • Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
  • If infected files are found, a new window will open:

  • If TDSS.tdl2 is detected, the Delete option will be checked by default.

  • If TDSS.tdl3 is detected, make sure Cure is checked.

  • If TDSS.tdl4 (\HardDisk0\MBR) is detected, make sure Cure is checked.

  • If Suspicious file is shown, leave the option set to Skip.

  • Click Continue, then Reboot now to restart the PC.

  • Copy and paste the generated report into your next reply. (It is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run.)

Tutorial --> http://support.kaspersky.com/viruses/solutions?qid=2082...


21 November 2011 16:28:33

Thanks for your reply! I think my virus is gone!...

Here is my ComboFix report:

    ComboFix 11-11-18.02 - Arthur 21/11/2011 15:51:15.2.4 - x64
    Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.2935.1497 [GMT 1:00]
    Lancé depuis: c:\users\Arthur\Desktop\ComboFix.exe
    Commutateurs utilisés :: c:\users\Arthur\Desktop\CFScript.txt
    AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\system32\KAK2n.com"
    "c:\windows\SysWow64\KAK2n.com"
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\Tasks\At11.job
    c:\windows\Tasks\At13.job
    c:\windows\Tasks\At15.job
    c:\windows\Tasks\At17.job
    c:\windows\Tasks\At19.job
    c:\windows\Tasks\At21.job
    c:\windows\Tasks\At23.job
    c:\windows\Tasks\At25.job
    c:\windows\Tasks\At27.job
    c:\windows\Tasks\At29.job
    c:\windows\Tasks\At3.job
    c:\windows\Tasks\At31.job
    c:\windows\Tasks\At33.job
    c:\windows\Tasks\At35.job
    c:\windows\Tasks\At37.job
    c:\windows\Tasks\At39.job
    c:\windows\Tasks\At41.job
    c:\windows\Tasks\At43.job
    c:\windows\Tasks\At45.job
    c:\windows\Tasks\At47.job
    c:\windows\Tasks\At5.job
    c:\windows\Tasks\At7.job
    c:\windows\Tasks\At9.job
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-10-21 au 2011-11-21 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-11-21 15:01 . 2011-11-21 15:01 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-19 16:20 . 2011-11-19 16:20 -------- d-----w- c:\program files\iPod
    2011-11-19 16:20 . 2011-11-19 16:21 -------- d-----w- c:\program files\iTunes
    2011-11-19 00:04 . 2011-11-19 00:04 -------- d-----w- c:\users\Arthur\AppData\Roaming\Avira
    2011-11-17 23:42 . 2011-11-17 23:42 512 ----a-w- C:\PhysicalMBR.bin
    2011-11-17 22:52 . 2011-07-21 11:22 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2011-11-17 22:52 . 2011-07-21 11:22 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2011-11-17 22:51 . 2011-11-17 22:51 -------- d-----w- c:\programdata\Avira
    2011-11-17 22:51 . 2011-11-17 22:51 -------- d-----w- c:\program files (x86)\Avira
    2011-11-17 19:04 . 2011-11-17 13:08 -------- d-----w- C:\Emergency
    2011-11-17 17:45 . 2011-11-17 22:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-11-14 13:17 . 2011-11-17 18:49 -------- d-----w- c:\programdata\iolo
    2011-11-14 13:17 . 2011-11-14 13:17 -------- d-----w- c:\users\Arthur\AppData\Roaming\iolo
    2011-11-12 14:31 . 2011-11-12 14:40 -------- d-----w- C:\adba5e948aa0b520c5dfb8b78ba9
    2011-11-09 20:12 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-09 20:12 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2011-11-09 20:12 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 20:12 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
    2011-11-04 08:55 . 2011-11-04 08:55 -------- d-----w- c:\users\Arthur\AppData\Local\APN
    2011-11-04 08:55 . 2011-11-04 08:55 -------- d-----w- c:\programdata\Ask
    2011-10-26 12:52 . 2011-10-26 12:52 -------- d-----w- c:\users\Arthur\AppData\Local\Facebook
    2011-10-26 11:18 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-10-26 11:18 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-18 07:39 . 2011-06-04 08:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-07 04:16 . 2011-11-18 09:30 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD68D484-2E1B-4B37-AC25-EB4B5033BD45}\mpengine.dll
    2011-10-05 17:22 . 2011-10-05 17:22 0 ----a-w- c:\windows\SysWow64\sho5543.tmp
    2011-10-02 22:31 . 2011-10-02 22:31 0 ----a-w- c:\windows\SysWow64\sho3D02.tmp
    2011-10-01 03:25 . 2011-10-13 18:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-10-01 02:42 . 2011-10-13 18:01 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-09-27 08:29 . 2011-09-27 08:29 0 ----a-w- c:\windows\SysWow64\sho61F0.tmp
    2011-09-23 16:27 . 2011-09-23 16:27 0 ----a-w- c:\windows\SysWow64\sho933E.tmp
    2011-09-22 07:16 . 2011-09-22 07:16 0 ----a-w- c:\windows\SysWow64\sho92DF.tmp
    2011-09-06 20:45 . 2011-09-20 13:30 41184 ----a-w- c:\windows\avastSS.scr
    2011-09-06 20:45 . 2011-09-20 13:30 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-09-06 20:45 . 2011-09-20 13:31 254400 ----a-w- c:\windows\system32\aswBoot.exe
    2011-09-06 20:38 . 2011-09-20 13:31 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-09-06 20:38 . 2011-09-20 13:31 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-09-06 20:36 . 2011-09-20 13:31 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-09-06 20:36 . 2011-09-20 13:31 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-09-06 20:36 . 2011-09-20 13:31 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-09-06 20:36 . 2011-09-20 13:31 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-08-31 16:00 . 2011-04-27 17:11 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
    2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
    2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
    2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
    2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
    2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
    2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
    2011-08-27 05:37 . 2011-10-13 18:01 861696 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 05:37 . 2011-10-13 18:01 331776 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-27 04:26 . 2011-10-13 18:01 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
    2011-08-27 04:26 . 2011-10-13 18:01 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-11-19_00.26.10 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-11-21 15:02 . 2011-11-21 15:02 14549 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
    - 2011-11-13 00:25 . 2011-11-13 00:25 14549 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
    + 2009-07-14 04:54 . 2011-11-21 15:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-11-19 00:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-11-19 00:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-21 15:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-21 15:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-19 00:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-04-29 12:31 . 2011-11-21 11:10 71168 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-11-21 11:10 37654 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-10-23 08:19 . 2011-11-21 11:10 20120 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1863726558-3776486946-1034311972-1001_UserData.bin
    + 2009-07-14 05:30 . 2011-11-19 16:17 86016 c:\windows\system32\DriverStore\infpub.dat
    - 2009-07-14 05:30 . 2011-11-04 08:55 86016 c:\windows\system32\DriverStore\infpub.dat
    - 2010-10-22 18:23 . 2011-11-19 00:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-10-22 18:23 . 2011-11-21 15:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-10-22 18:23 . 2011-11-21 15:06 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-10-22 18:23 . 2011-11-19 00:27 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-10-22 18:23 . 2011-11-21 15:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-10-22 18:23 . 2011-11-19 00:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-10-22 18:08 . 2011-11-19 00:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-10-22 18:08 . 2011-11-21 15:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-10-22 20:48 . 2011-11-19 00:01 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat
    + 2010-10-22 20:48 . 2011-11-19 09:27 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat
    + 2010-10-22 18:08 . 2011-11-21 15:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-10-22 18:08 . 2011-11-19 00:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-11-07 22:41 . 2011-11-21 15:02 3500 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    - 2011-11-19 00:22 . 2011-11-19 00:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-21 15:03 . 2011-11-21 15:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-21 15:03 . 2011-11-21 15:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-11-19 00:22 . 2011-11-19 00:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-07-14 05:30 . 2011-11-04 08:55 143360 c:\windows\system32\DriverStore\infstrng.dat
    + 2009-07-14 05:30 . 2011-11-19 16:17 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:01 . 2011-11-19 00:21 415556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2011-11-21 15:02 415556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2011-11-19 16:21 . 2011-11-19 16:21 380928 c:\windows\Installer\{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}\iTunesIco.exe
    + 2011-09-14 03:54 . 2011-09-14 03:54 236904 c:\windows\Installer\$PatchCache$\Managed\638401577CACE4443AE9F3455191245F\4.0.0\OutlookChangeNotifierAddIn_x64.dll
    + 2011-09-14 03:54 . 2011-09-14 03:54 227176 c:\windows\Installer\$PatchCache$\Managed\638401577CACE4443AE9F3455191245F\4.0.0\OutlookChangeNotifierAddIn.dll
    + 2010-11-09 17:54 . 2011-11-19 18:01 25210640 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1863726558-3776486946-1034311972-1001-12288.dat
    + 2011-11-19 16:16 . 2011-11-19 16:16 44277248 c:\windows\Installer\17d6515.msi
    + 2011-11-19 16:16 . 2011-11-19 16:16 11081728 c:\windows\Installer\17d5973.msi
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
    2009-11-20 17:34 87472 ----a-w- c:\progra~2\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EC8FCB46-9F27-476E-B26A-93989316D2FB}]
    2010-10-28 23:05 90624 ----a-w- c:\program files (x86)\WebAdSystem\BrowserExtensions\internetexplorer\WebAdSystemBho.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}"= "c:\progra~2\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll" [2009-11-20 87472]
    "{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-06-01 177712]
    .
    [HKEY_CLASSES_ROOT\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}]
    .
    [HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
    [HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
    [HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
    [HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-23 39408]
    "KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-11-08 929168]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 3372856]
    "Facebook Update"="c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-26 137536]
    "ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2011-09-29 1756232]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
    "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-12 421736]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-11 559616]
    .
    c:\users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
    R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
    R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
    R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
    S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
    S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
    S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-17 2320920]
    S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
    .
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-11-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001Core.job
    - c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-26 12:52]
    .
    2011-11-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001UA.job
    - c:\users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-26 12:52]
    .
    2011-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 11:35]
    .
    2011-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 11:35]
    .
    2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001Core.job
    - c:\users\Arthur\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 11:35]
    .
    2011-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1863726558-3776486946-1034311972-1001UA.job
    - c:\users\Arthur\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-25 11:35]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
    "lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-05-05 770728]
    "EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2010-05-05 148280]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.com
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyServer = http=127.0.0.1:57374
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
    FF - ProfilePath - c:\users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\9f3p9h5a.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
    FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 57374
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files (x86)\uTorrentBar\tbuTor.dll
    URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\tbVuze.dll
    URLSearchHooks-{4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
    BHO-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\tbVuze.dll
    BHO-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files (x86)\uTorrentBar\tbuTor.dll
    Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files (x86)\uTorrentBar\tbuTor.dll
    Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\tbVuze.dll
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
    WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
    WebBrowser-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file)
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_USERS\S-1-5-21-1863726558-3776486946-1034311972-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
    .
    **************************************************************************
    .
    Heure de fin: 2011-11-21 16:12:27 - La machine a redémarré
    ComboFix-quarantined-files.txt 2011-11-21 15:12
    ComboFix2.txt 2011-11-19 00:36
    .
    Avant-CF: 193 373 442 048 octets libres
    Après-CF: 193 120 239 616 octets libres
    .
    - - End Of File - - 1F2F69A17C46CED32E3B3F5A9F51BC7B
    21 November 2011 16:29:06

    And here is my TDSSKiller report:

    16:19:10.0011 6868 ssadbus - ok
    16:19:10.0174 6868 ssadmdfl (f7936ac6e8437e10e1ae488ce21f3086) C:\Windows\system32\DRIVERS\ssadmdfl.sys
    16:19:10.0175 6868 ssadmdfl - ok
    16:19:10.0304 6868 ssadmdm (1fe033372a58c67b3ecca903fc637b36) C:\Windows\system32\DRIVERS\ssadmdm.sys
    16:19:10.0306 6868 ssadmdm - ok
    16:19:10.0459 6868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    16:19:10.0460 6868 stexstor - ok
    16:19:10.0634 6868 STHDA (4304b75094e106fb5423a290c95841e5) C:\Windows\system32\DRIVERS\stwrt64.sys
    16:19:10.0640 6868 STHDA - ok
    16:19:10.0804 6868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    16:19:10.0805 6868 swenum - ok
    16:19:10.0969 6868 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
    16:19:10.0974 6868 SynTP - ok
    16:19:11.0177 6868 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    16:19:11.0223 6868 Tcpip - ok
    16:19:11.0408 6868 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    16:19:11.0424 6868 TCPIP6 - ok
    16:19:11.0561 6868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    16:19:11.0562 6868 tcpipreg - ok
    16:19:11.0720 6868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    16:19:11.0721 6868 TDPIPE - ok
    16:19:11.0873 6868 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    16:19:11.0874 6868 TDTCP - ok
    16:19:12.0012 6868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    16:19:12.0014 6868 tdx - ok
    16:19:12.0181 6868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    16:19:12.0183 6868 TermDD - ok
    16:19:12.0378 6868 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
    16:19:12.0379 6868 TFsExDisk - ok
    16:19:12.0558 6868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    16:19:12.0559 6868 tssecsrv - ok
    16:19:12.0733 6868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    16:19:12.0735 6868 TsUsbFlt - ok
    16:19:12.0905 6868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    16:19:12.0908 6868 tunnel - ok
    16:19:13.0044 6868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    16:19:13.0046 6868 uagp35 - ok
    16:19:13.0195 6868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    16:19:13.0201 6868 udfs - ok
    16:19:13.0402 6868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    16:19:13.0404 6868 uliagpkx - ok
    16:19:13.0545 6868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    16:19:13.0547 6868 umbus - ok
    16:19:13.0683 6868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    16:19:13.0684 6868 UmPass - ok
    16:19:13.0879 6868 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    16:19:13.0880 6868 USBAAPL64 - ok
    16:19:14.0047 6868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    16:19:14.0050 6868 usbccgp - ok
    16:19:14.0214 6868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    16:19:14.0216 6868 usbcir - ok
    16:19:14.0380 6868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
    16:19:14.0382 6868 usbehci - ok
    16:19:14.0585 6868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    16:19:14.0590 6868 usbhub - ok
    16:19:14.0734 6868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    16:19:14.0735 6868 usbohci - ok
    16:19:14.0905 6868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    16:19:14.0906 6868 usbprint - ok
    16:19:15.0080 6868 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    16:19:15.0081 6868 usbscan - ok
    16:19:15.0222 6868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    16:19:15.0224 6868 USBSTOR - ok
    16:19:15.0375 6868 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    16:19:15.0376 6868 usbuhci - ok
    16:19:15.0551 6868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    16:19:15.0553 6868 usbvideo - ok
    16:19:15.0728 6868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    16:19:15.0729 6868 vdrvroot - ok
    16:19:15.0879 6868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    16:19:15.0881 6868 vga - ok
    16:19:16.0018 6868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    16:19:16.0020 6868 VgaSave - ok
    16:19:16.0163 6868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    16:19:16.0166 6868 vhdmp - ok
    16:19:16.0300 6868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    16:19:16.0302 6868 viaide - ok
    16:19:16.0450 6868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    16:19:16.0452 6868 volmgr - ok
    16:19:16.0599 6868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    16:19:16.0604 6868 volmgrx - ok
    16:19:16.0749 6868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    16:19:16.0753 6868 volsnap - ok
    16:19:16.0921 6868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    16:19:16.0923 6868 vsmraid - ok
    16:19:17.0059 6868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    16:19:17.0060 6868 vwifibus - ok
    16:19:17.0209 6868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    16:19:17.0211 6868 vwififlt - ok
    16:19:17.0373 6868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    16:19:17.0375 6868 WacomPen - ok
    16:19:17.0529 6868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    16:19:17.0531 6868 WANARP - ok
    16:19:17.0556 6868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    16:19:17.0558 6868 Wanarpv6 - ok
    16:19:17.0761 6868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    16:19:17.0763 6868 Wd - ok
    16:19:17.0909 6868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    16:19:17.0917 6868 Wdf01000 - ok
    16:19:18.0099 6868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    16:19:18.0101 6868 WfpLwf - ok
    16:19:18.0260 6868 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
    16:19:18.0263 6868 WimFltr - ok
    16:19:18.0414 6868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    16:19:18.0415 6868 WIMMount - ok
    16:19:18.0638 6868 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    16:19:18.0640 6868 WinUsb - ok
    16:19:18.0829 6868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    16:19:18.0831 6868 WmiAcpi - ok
    16:19:19.0023 6868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    16:19:19.0024 6868 ws2ifsl - ok
    16:19:19.0189 6868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    16:19:19.0190 6868 WudfPf - ok
    16:19:19.0354 6868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    16:19:19.0357 6868 WUDFRd - ok
    16:19:19.0518 6868 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
    16:19:19.0524 6868 yukonw7 - ok
    16:19:19.0565 6868 MBR (0x1B8) (c3220eb08add62e3ed9f72a1f4e4b1bb) \Device\Harddisk0\DR0
    16:19:19.0579 6868 \Device\Harddisk0\DR0 - ok
    16:19:19.0583 6868 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
    16:19:19.0584 6868 \Device\Harddisk0\DR0\Partition0 - ok
    16:19:19.0597 6868 Boot (0x1200) (42830d70bbef9b5ec0b23baae40fa686) \Device\Harddisk0\DR0\Partition1
    16:19:19.0599 6868 \Device\Harddisk0\DR0\Partition1 - ok
    16:19:19.0599 6868 ============================================================
    16:19:19.0599 6868 Scan finished
    16:19:19.0599 6868 ============================================================
    16:19:19.0617 5568 Detected object count: 0
    16:19:19.0617 5568 Actual detected object count: 0
    16:19:54.0762 5852 Deinitialize success
    22 November 2011 23:34:59

    I can't manage to disable the proxy, even with the tutorial (everything was OK)

    Other than that, I have no other problems!

    Thanks a lot for your help!! :) 
    23 November 2011 13:22:30

    Hello
    we'll use a tool to remove it then...

  • Download RogueKiller to your desktop

    http://www.sur-la-toile.com/RogueKiller/
  • Close all running programs
  • Run RogueKiller.exe.
    Under Vista/Seven, right-click and choose Run as administrator.
  • Choose option 4 and let the tool run.

  • Post the RKreport.txt report created on your desktop.
    27 November 2011 12:16:56

    I hadn't seen that you had replied to me!

    Here is the report:

    RogueKiller V6.1.10 [18/11/2011] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Demarrage : Mode normal
    Utilisateur: Arthur [Droits d'admin]
    Mode: Proxy RAZ -- Date : 27/11/2011 12:16:13

    ¤¤¤ Processus malicieux: 0 ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ Entrees de registre: 1 ¤¤¤
    [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:57374) -> DELETED

    Termine : << RKreport[1].txt >>
    RKreport[1].txt
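
The report above shows a `ProxyServer` value pointing at the local machine (`http=127.0.0.1:57374`) being deleted. As an added example (not part of the original thread and not RogueKiller's own code), here is one way to parse a `ProxyServer` string and flag entries that point at loopback; the function names are hypothetical, and every sample value except the one from the report is constructed.

```python
import ipaddress

def parse_proxy_server(value):
    """Parse a WinINET ProxyServer string into {scheme: (host, port)}.

    Two forms exist: a single "host:port" used for every protocol, and a
    per-protocol list such as "http=host:port;https=host:port".
    """
    entries = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):
        scheme, sep, target = part.partition("=")
        if not sep:                          # "host:port" form, no scheme prefix
            scheme, target = "all", part
        target = target.split("://", 1)[-1]  # tolerate "http://host:port"
        host, _, port = target.rpartition(":")
        if not host:                         # no port was given
            host, port = target, ""
        entries[scheme.lower()] = (host.strip("[]"),
                                   int(port) if port.isdigit() else None)
    return entries

def is_loopback(host):
    """True when the proxy host is the local machine."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                       # a hostname, not an IP literal
        return False

def suspicious_entries(value):
    """Return only the entries whose proxy host is loopback."""
    return {scheme: hp for scheme, hp in parse_proxy_server(value).items()
            if is_loopback(hp[0])}

if __name__ == "__main__":
    samples = [
        "http=127.0.0.1:57374",                          # value from the report
        "proxy.example.net:8080",                        # constructed
        "http=proxy.example.net:3128;https=[::1]:8443",  # constructed
    ]
    for value in samples:
        print(value, "->", suspicious_entries(value) or "no loopback proxy")
```

A loopback entry is not malicious by itself, since local filtering software also uses one; the flag is a prompt to check whether any process is still listening on that port.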


    27 November 2011 16:56:03

    Hello
    any other problems?
    28 November 2011 23:11:06

    No, everything is perfect now!

    Thanks for your great help, it's really kind of you!
    29 November 2011 21:09:35

    Good evening

    Remove/uninstall all the programs used for the disinfection.
    (but keep Malwarebytes' Anti-Malware to run regular scans, not forgetting to update it)

    Please read this guide (PDF) to learn more about the risks of the Net.

    If you find this document interesting, don't hesitate to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.

    Read also:
  • Free antispyware: it's useless!

    ~On your first message, click the "Edit" button and mark [solved] in the title.

    Then click "Validate your message"

    If your session name matches your real name, you can change it by editing your posts.

    :hello: 

    ++++++