Votre question

Virus trojan ADH comment le supprimer ?? [RESOLU]

Tags :
  • Trojan
  • Sécurité
Dernière réponse : dans Sécurité et virus
12 Avril 2011 18:16:17

Bonjour, depuis hier soir j'ai un virus qui bloque ma connexion a internet ! J'utilise l'anti virus AVAST !!
Pouvez-vous m'aider ! Je n'y connais vraiment rien en matière de virus etc...
Merci de m'aider au plus vite !!

Autres pages sur : virus trojan adh supprimer resolu

12 Avril 2011 18:27:26

Bonjour

Tu as fait une analyse de ton PC avec Avast ?
12 Avril 2011 18:31:24

J'ai fais un scan rapide et sa ma detecter 1676 infections :( 
Contenus similaires
12 Avril 2011 18:33:19

Wahhooou Tu peux mettre le rapport d'avast?
12 Avril 2011 18:41:06

Non j'arrive pas a envoier le rapport !! Comment faut il faire ?
12 Avril 2011 18:54:41

Ok

Tu vas supprimer ce rapport
Clique sur le bouton "Editer" en bas de page tu surlignes tout comme si tu voulais faire un copier ensuite clic droit supprimer

Je te prépare un scan a faire pendant ce temps
12 Avril 2011 18:59:31

Je ne vois pas le bouton "Editer" il se trouve sur le logiciel AVAST ou sur le bloc note ?
12 Avril 2011 19:13:15

En bas de ton message sur le forum


Télécharge OTL sur ton Bureau.

  • Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
  • Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • L'écran principal de OTL s'affiche:



    (1) Si ce n'est déjà fait, dans le paragraphe Registre: Approfondi, cocher le bouton-radio Avec liste blanche

    (2) Coche (en haut) la case située devant Tous les utilisateurs

    (3) Coche également les cases à côté de Recherche Lop et Recherche purity.

    (4) Sélectionne très précisément tout ce qui est en gras avec la souris et copie/colle le contenu dans la zone Personnalisation de la fenêtre OTL


    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    %systemroot%\System32\config\*.sav
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.dll /lockedfiles
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    iexplore.exe
    /md5stop



    (5) Puis cliquer sur le bouton Analyse

    - Laisser l'outil travailler sans l'interrompre.

  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

    Utilise le site http://pjjoint.malekal.com/ pour envoyer tes rapports, et poste le lien dans ta prochaine réponse.b]
    12 Avril 2011 20:49:15

    Ok pendant que je regarde tout çà

    Supprimes PC Tools

    Télécharge et exécute le Norton Removal Tool.
    Ce produit va désinstaller la majorité des traces des produits Symantec.

    Fais moi signe une fois terminé !
    12 Avril 2011 21:26:03

    J'ai executé le norton removal tool, après le redemarage de mon pc il le logiciel me demande de reinstaller mes produits norton ! Que dois-je faire ?
    12 Avril 2011 21:33:07

    Tu ne réinstalles rien du tout puisque ton antivirus est Avast tu n'as pas besoin de ce truc , ce que tu as fait c'est supprimer des restes de Norton !

    Relance OTL.exe.

    Fais un double clic sur l'icône pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

    Sélectionne très précisément tout ce qui est dans le cadre ci dessous , avec la souris et copie le contenu dans la zone "Personnalisation" de la fenêtre OTL

    RAS
    :Files
    C:\Users\Pauline\AppData\Roaming\ClickPotatoLite
    C:\Users\Pauline\AppData\Roaming\LimeWire
    C:\Users\Pauline\AppData\Roaming\OfferBox
    @Alternate Data Stream - 161 bytes -> C:\ProgramData\Temp:DFC5A2B2
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
    ipconfig /flushdns /c

    :OTL
    PRC - [2011/02/24 14:04:09 | 002,268,672 | ---- | M] (Kow Media) -- C:\Users\Pauline\AppData\Local\WahOO\WahOO.exe
    PRC - [2010/07/21 14:59:48 | 001,962,840 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
    FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.529.0\firefox\extensions [2010/09/09 22:26:31 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com [2010/09/18 17:39:41 | 000,000,000 | ---D | M]
    O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O33 - MountPoints2\{0faf1363-60d6-11df-9465-806e6f6e6963}\Shell - %µ£%µ£ = AutoRun
    O33 - MountPoints2\{0faf1363-60d6-11df-9465-806e6f6e6963}\Shell\AutoRun\command - %µ£%µ£ = D:\install.exe -- [2010/06/29 12:54:00 | 032,343,552 | R--- | M] (Woonoz SAs)

    :Commands
    [emptytemp]
    [EMPTYFLASH]


  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler sans te servir du PC!!!!!
  • Copie et colle le rapport dans ta réponse stp
    12 Avril 2011 21:47:37

    All processes killed
    Error: Unable to interpret <RAS > in the current context!
    ========== FILES ==========
    C:\Users\Pauline\AppData\Roaming\ClickPotatoLite folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\xml\data folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\xml folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\promotion folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\mozilla-profile\updates\0 folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\mozilla-profile\updates folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\mozilla-profile\extensions folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\mozilla-profile\Cache folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\mozilla-profile folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\certificate folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\res\html folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\res folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\plugins folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\modules folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\greprefs folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\defaults folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\components folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner\chrome folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser\xulrunner folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\browser folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire\.AppSpecialShare folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\LimeWire folder moved successfully.
    C:\Users\Pauline\AppData\Roaming\OfferBox folder moved successfully.
    ADS C:\ProgramData\Temp:D FC5A2B2 deleted successfully.
    ADS C:\ProgramData\Temp:430C6D84 deleted successfully.
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de r‚solution DNS vid‚.
    C:\Users\Pauline\Desktop\cmd.bat deleted successfully.
    C:\Users\Pauline\Desktop\cmd.txt deleted successfully.
    ========== OTL ==========
    No active process named WahOO.exe was found!
    No active process named OfferBox.exe was found!
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com deleted successfully.
    C:\Program Files (x86)\ClickPotatoLite\bin\10.0.529.0\firefox\extensions\plugins folder moved successfully.
    C:\Program Files (x86)\ClickPotatoLite\bin\10.0.529.0\firefox\extensions folder moved successfully.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com deleted successfully.
    C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com\components folder moved successfully.
    C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com\chrome\content folder moved successfully.
    C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com\chrome folder moved successfully.
    C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
    C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0faf1363-60d6-11df-9465-806e6f6e6963}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0faf1363-60d6-11df-9465-806e6f6e6963}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0faf1363-60d6-11df-9465-806e6f6e6963}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0faf1363-60d6-11df-9465-806e6f6e6963}\ not found.
    File move failed. D:\install.exe scheduled to be moved on reboot.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Pauline
    ->Temp folder emptied: 314982742 bytes
    ->Temporary Internet Files folder emptied: 547858292 bytes
    ->Java cache emptied: 835963 bytes
    ->Flash cache emptied: 75267 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 35845489 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67843 bytes
    RecycleBin emptied: 512992 bytes

    Total Files Cleaned = 859,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Pauline
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04122011_214123

    Files\Folders moved on Reboot...
    File move failed. D:\install.exe scheduled to be moved on reboot.
    C:\Users\Pauline\AppData\Local\Temp\Low\~DF3E52F2CAB0853153.TMP moved successfully.
    C:\Users\Pauline\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File\Folder C:\Users\Pauline\AppData\Local\Temp\~DF01CF2912ED0E6F94.TMP not found!
    File\Folder C:\Users\Pauline\AppData\Local\Temp\~DF16881427150DFFDE.TMP not found!
    File\Folder C:\Users\Pauline\AppData\Local\Temp\~DFE2D546276CCA4C40.TMP not found!
    File\Folder C:\Users\Pauline\AppData\Local\Temp\~DFE97EE6BC8E12AB62.TMP not found!
    C:\Users\Pauline\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YPU3UBWH\forum2[1].php moved successfully.
    C:\Users\Pauline\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HBIIE969\like[1].php moved successfully.
    C:\Users\Pauline\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    C:\Users\Pauline\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
    File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    12 Avril 2011 21:51:30

    Ok

    Télécharge sur ton bureau: http://support.kaspersky.com/downloads/utils/tdsskiller... , dezippe le et execute le , un rapport sera crée ici:

    C:\TDSSKillerVersion_Date_Time_log.txt.<< copie_colle son contenu

    tu as aussi directement l'executable là : http://support.kaspersky.com/downloads/utils/tdsskiller.exe

    execute le , La fenêtre suivante va s'ouvrir::



    Clique sur Start scan et laisse l'outil scanner ton disque dur sans l'interrompre et sans utiliser le PC.
    Si des fichiers infectés sont trouvées, une nouvelle fenêtre va s'ouvrir:



    Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.

    Si TDSS.tdl3 est détecté assure toi que Cure est bien coché.

    Si TDSS.tdl4(mbr) est détecté assure toi que Cure est bien coché.

    Si Suspicious file est indiqué, laisse l'option cochée sur Skip

    Clique sur Continue puis sur Reboot now pour redémarrer le PC.

    Copie-colle le rapport généré dans ta prochaine réponse (Il est aussi sauvegardé à la racine de ta partition système sous le nom C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS heure de passage).



    Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.



  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :



  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".
  • Afin de lancer la recherche, clic sur " Rechercher ".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
  • Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
  • Si des infections sont présentes, clic sur "Afficher les résultats"
    puis sur "Supprimer la sélection".

    Enregistre le rapport sur ton Bureau.
  • Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
    12 Avril 2011 21:57:53

    2011/04/12 21:54:57.0980 2732 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/04/12 21:54:58.0728 2732 ================================================================================
    2011/04/12 21:54:58.0728 2732 SystemInfo:
    2011/04/12 21:54:58.0728 2732
    2011/04/12 21:54:58.0728 2732 OS Version: 6.1.7600 ServicePack: 0.0
    2011/04/12 21:54:58.0728 2732 Product type: Workstation
    2011/04/12 21:54:58.0728 2732 ComputerName: PAULINE-PC
    2011/04/12 21:54:58.0728 2732 UserName: Pauline
    2011/04/12 21:54:58.0728 2732 Windows directory: C:\Windows
    2011/04/12 21:54:58.0728 2732 System windows directory: C:\Windows
    2011/04/12 21:54:58.0728 2732 Running under WOW64
    2011/04/12 21:54:58.0728 2732 Processor architecture: Intel x64
    2011/04/12 21:54:58.0728 2732 Number of processors: 1
    2011/04/12 21:54:58.0728 2732 Page size: 0x1000
    2011/04/12 21:54:58.0728 2732 Boot type: Normal boot
    2011/04/12 21:54:58.0728 2732 ================================================================================
    2011/04/12 21:54:58.0962 2732 Initialize success
    2011/04/12 21:55:03.0502 0184 ================================================================================
    2011/04/12 21:55:03.0502 0184 Scan started
    2011/04/12 21:55:03.0502 0184 Mode: Manual;
    2011/04/12 21:55:03.0502 0184 ================================================================================
    2011/04/12 21:55:04.0797 0184 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
    2011/04/12 21:55:04.0953 0184 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
    2011/04/12 21:55:05.0031 0184 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
    2011/04/12 21:55:05.0234 0184 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    2011/04/12 21:55:05.0358 0184 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    2011/04/12 21:55:05.0483 0184 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    2011/04/12 21:55:05.0624 0184 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
    2011/04/12 21:55:05.0764 0184 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
    2011/04/12 21:55:05.0889 0184 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
    2011/04/12 21:55:06.0014 0184 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
    2011/04/12 21:55:06.0154 0184 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    2011/04/12 21:55:06.0404 0184 amdkmdag (09a3d41550116e898c4c6f2b941e6d07) C:\Windows\system32\DRIVERS\atipmdag.sys
    2011/04/12 21:55:06.0638 0184 amdkmdap (5e9d3213040458690ebb61c37ec685ba) C:\Windows\system32\DRIVERS\atikmpag.sys
    2011/04/12 21:55:06.0747 0184 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    2011/04/12 21:55:06.0872 0184 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
    2011/04/12 21:55:06.0996 0184 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    2011/04/12 21:55:07.0043 0184 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
    2011/04/12 21:55:07.0168 0184 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
    2011/04/12 21:55:07.0293 0184 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
    2011/04/12 21:55:07.0371 0184 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    2011/04/12 21:55:07.0418 0184 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    2011/04/12 21:55:07.0480 0184 aswFsBlk (e8184039d57365bee3eaa750375c44ad) C:\Windows\system32\drivers\aswFsBlk.sys
    2011/04/12 21:55:07.0652 0184 aswMonFlt (c671e9548d3d1b4cd15d0b164d9d01c7) C:\Windows\system32\drivers\aswMonFlt.sys
    2011/04/12 21:55:07.0730 0184 aswRdr (dee012d532c3f62ca099961505f41cf6) C:\Windows\system32\drivers\aswRdr.sys
    2011/04/12 21:55:07.0808 0184 aswSP (56bbd39753b9f7461c4de03c3217249d) C:\Windows\system32\drivers\aswSP.sys
    2011/04/12 21:55:07.0854 0184 aswTdi (193691b35598642a328d880483dc0ed9) C:\Windows\system32\drivers\aswTdi.sys
    2011/04/12 21:55:07.0917 0184 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/04/12 21:55:07.0948 0184 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
    2011/04/12 21:55:08.0104 0184 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
    2011/04/12 21:55:08.0276 0184 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
    2011/04/12 21:55:08.0478 0184 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    2011/04/12 21:55:08.0666 0184 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    2011/04/12 21:55:08.0868 0184 BCM43XX (5b5c36b2ec500462a715db6bcbaf5da7) C:\Windows\system32\DRIVERS\bcmwl664.sys
    2011/04/12 21:55:09.0040 0184 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    2011/04/12 21:55:09.0258 0184 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    2011/04/12 21:55:09.0321 0184 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
    2011/04/12 21:55:09.0399 0184 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2011/04/12 21:55:09.0430 0184 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2011/04/12 21:55:09.0461 0184 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    2011/04/12 21:55:09.0492 0184 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    2011/04/12 21:55:09.0524 0184 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2011/04/12 21:55:09.0555 0184 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    2011/04/12 21:55:09.0586 0184 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    2011/04/12 21:55:09.0648 0184 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/04/12 21:55:09.0976 0184 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/04/12 21:55:10.0226 0184 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    2011/04/12 21:55:10.0304 0184 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    2011/04/12 21:55:10.0475 0184 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    2011/04/12 21:55:10.0522 0184 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
    2011/04/12 21:55:10.0584 0184 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
    2011/04/12 21:55:10.0756 0184 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    2011/04/12 21:55:10.0896 0184 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
    2011/04/12 21:55:11.0037 0184 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    2011/04/12 21:55:11.0224 0184 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
    2011/04/12 21:55:11.0364 0184 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    2011/04/12 21:55:11.0442 0184 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    2011/04/12 21:55:11.0614 0184 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
    2011/04/12 21:55:11.0754 0184 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    2011/04/12 21:55:11.0817 0184 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
    2011/04/12 21:55:11.0895 0184 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    2011/04/12 21:55:12.0051 0184 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/04/12 21:55:12.0207 0184 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    2011/04/12 21:55:12.0378 0184 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    2011/04/12 21:55:12.0488 0184 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
    2011/04/12 21:55:12.0628 0184 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    2011/04/12 21:55:12.0675 0184 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    2011/04/12 21:55:12.0722 0184 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    2011/04/12 21:55:12.0878 0184 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    2011/04/12 21:55:13.0002 0184 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    2011/04/12 21:55:13.0096 0184 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/04/12 21:55:13.0174 0184 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
    2011/04/12 21:55:13.0221 0184 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    2011/04/12 21:55:13.0268 0184 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/04/12 21:55:13.0330 0184 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
    2011/04/12 21:55:13.0439 0184 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2011/04/12 21:55:13.0626 0184 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    2011/04/12 21:55:13.0751 0184 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
    2011/04/12 21:55:13.0876 0184 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2011/04/12 21:55:13.0954 0184 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    2011/04/12 21:55:13.0985 0184 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    2011/04/12 21:55:14.0016 0184 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    2011/04/12 21:55:14.0141 0184 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/04/12 21:55:14.0344 0184 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
    2011/04/12 21:55:14.0438 0184 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
    2011/04/12 21:55:14.0484 0184 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
    2011/04/12 21:55:14.0609 0184 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
    2011/04/12 21:55:14.0718 0184 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
    2011/04/12 21:55:14.0999 0184 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
    2011/04/12 21:55:15.0342 0184 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    2011/04/12 21:55:15.0545 0184 IntcAzAudAddService (3edd3ce185da3e6aaec22adcfd7b1d54) C:\Windows\system32\drivers\RTKVHD64.sys
    2011/04/12 21:55:15.0639 0184 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
    2011/04/12 21:55:15.0686 0184 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/04/12 21:55:15.0717 0184 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/04/12 21:55:15.0748 0184 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
    2011/04/12 21:55:15.0779 0184 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    2011/04/12 21:55:15.0904 0184 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    2011/04/12 21:55:15.0982 0184 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
    2011/04/12 21:55:16.0029 0184 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
    2011/04/12 21:55:16.0169 0184 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
    2011/04/12 21:55:16.0310 0184 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    2011/04/12 21:55:16.0388 0184 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
    2011/04/12 21:55:16.0512 0184 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
    2011/04/12 21:55:16.0575 0184 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
    2011/04/12 21:55:16.0653 0184 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    2011/04/12 21:55:16.0809 0184 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
    2011/04/12 21:55:16.0996 0184 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/04/12 21:55:17.0168 0184 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2011/04/12 21:55:17.0246 0184 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2011/04/12 21:55:17.0277 0184 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2011/04/12 21:55:17.0292 0184 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2011/04/12 21:55:17.0355 0184 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    2011/04/12 21:55:17.0402 0184 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    2011/04/12 21:55:17.0433 0184 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    2011/04/12 21:55:17.0604 0184 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    2011/04/12 21:55:17.0698 0184 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    2011/04/12 21:55:17.0807 0184 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/04/12 21:55:17.0948 0184 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/04/12 21:55:18.0026 0184 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
    2011/04/12 21:55:18.0072 0184 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
    2011/04/12 21:55:18.0119 0184 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    2011/04/12 21:55:18.0182 0184 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
    2011/04/12 21:55:18.0228 0184 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/04/12 21:55:18.0275 0184 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/04/12 21:55:18.0384 0184 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/04/12 21:55:18.0478 0184 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
    2011/04/12 21:55:18.0556 0184 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
    2011/04/12 21:55:18.0650 0184 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    2011/04/12 21:55:18.0696 0184 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    2011/04/12 21:55:18.0728 0184 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
    2011/04/12 21:55:18.0868 0184 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/04/12 21:55:18.0946 0184 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/04/12 21:55:19.0008 0184 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    2011/04/12 21:55:19.0071 0184 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
    2011/04/12 21:55:19.0118 0184 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
    2011/04/12 21:55:19.0227 0184 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    2011/04/12 21:55:19.0289 0184 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    2011/04/12 21:55:19.0336 0184 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    2011/04/12 21:55:19.0476 0184 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    2011/04/12 21:55:19.0601 0184 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
    2011/04/12 21:55:19.0742 0184 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    2011/04/12 21:55:19.0882 0184 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    2011/04/12 21:55:19.0991 0184 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
    2011/04/12 21:55:20.0054 0184 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
    2011/04/12 21:55:20.0085 0184 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
    2011/04/12 21:55:20.0241 0184 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    2011/04/12 21:55:20.0303 0184 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
    2011/04/12 21:55:20.0646 0184 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    2011/04/12 21:55:20.0849 0184 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    2011/04/12 21:55:20.0912 0184 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    2011/04/12 21:55:21.0021 0184 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
    2011/04/12 21:55:21.0224 0184 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
    2011/04/12 21:55:21.0302 0184 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    2011/04/12 21:55:21.0348 0184 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
    2011/04/12 21:55:21.0364 0184 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
    2011/04/12 21:55:21.0411 0184 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
    2011/04/12 21:55:21.0442 0184 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
    2011/04/12 21:55:21.0504 0184 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    2011/04/12 21:55:21.0536 0184 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
    2011/04/12 21:55:21.0582 0184 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
    2011/04/12 21:55:21.0614 0184 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
    2011/04/12 21:55:21.0645 0184 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    2011/04/12 21:55:21.0692 0184 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    2011/04/12 21:55:21.0738 0184 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    2011/04/12 21:55:21.0972 0184 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/04/12 21:55:22.0035 0184 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    2011/04/12 21:55:22.0191 0184 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
    2011/04/12 21:55:22.0284 0184 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
    2011/04/12 21:55:22.0394 0184 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    2011/04/12 21:55:22.0550 0184 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    2011/04/12 21:55:22.0628 0184 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    2011/04/12 21:55:22.0659 0184 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/04/12 21:55:22.0830 0184 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2011/04/12 21:55:22.0908 0184 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/04/12 21:55:22.0955 0184 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/04/12 21:55:22.0986 0184 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/04/12 21:55:23.0018 0184 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/04/12 21:55:23.0080 0184 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    2011/04/12 21:55:23.0111 0184 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/04/12 21:55:23.0220 0184 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    2011/04/12 21:55:23.0298 0184 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    2011/04/12 21:55:23.0345 0184 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
    2011/04/12 21:55:23.0392 0184 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
    2011/04/12 21:55:23.0548 0184 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/04/12 21:55:23.0626 0184 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
    2011/04/12 21:55:23.0688 0184 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
    2011/04/12 21:55:23.0829 0184 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    2011/04/12 21:55:23.0922 0184 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    2011/04/12 21:55:24.0016 0184 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    2011/04/12 21:55:24.0047 0184 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    2011/04/12 21:55:24.0110 0184 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    2011/04/12 21:55:24.0125 0184 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    2011/04/12 21:55:24.0156 0184 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2011/04/12 21:55:24.0188 0184 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    2011/04/12 21:55:24.0234 0184 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2011/04/12 21:55:24.0250 0184 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    2011/04/12 21:55:24.0359 0184 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    2011/04/12 21:55:24.0531 0184 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    2011/04/12 21:55:24.0702 0184 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
    2011/04/12 21:55:24.0765 0184 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
    2011/04/12 21:55:24.0827 0184 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/04/12 21:55:24.0921 0184 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    2011/04/12 21:55:25.0061 0184 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
    2011/04/12 21:55:25.0233 0184 SynTP (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
    2011/04/12 21:55:25.0373 0184 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
    2011/04/12 21:55:25.0638 0184 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/04/12 21:55:25.0748 0184 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
    2011/04/12 21:55:25.0826 0184 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    2011/04/12 21:55:25.0872 0184 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    2011/04/12 21:55:25.0997 0184 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
    2011/04/12 21:55:26.0075 0184 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
    2011/04/12 21:55:26.0169 0184 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/04/12 21:55:26.0309 0184 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/04/12 21:55:26.0372 0184 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    2011/04/12 21:55:26.0528 0184 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
    2011/04/12 21:55:26.0621 0184 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
    2011/04/12 21:55:26.0715 0184 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
    2011/04/12 21:55:26.0808 0184 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
    2011/04/12 21:55:26.0918 0184 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    2011/04/12 21:55:26.0996 0184 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/04/12 21:55:27.0042 0184 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
    2011/04/12 21:55:27.0074 0184 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/04/12 21:55:27.0230 0184 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
    2011/04/12 21:55:27.0339 0184 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/04/12 21:55:27.0417 0184 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    2011/04/12 21:55:27.0510 0184 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/04/12 21:55:27.0651 0184 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/04/12 21:55:27.0713 0184 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/04/12 21:55:27.0760 0184 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/04/12 21:55:27.0900 0184 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
    2011/04/12 21:55:28.0056 0184 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
    2011/04/12 21:55:28.0228 0184 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/04/12 21:55:28.0306 0184 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    2011/04/12 21:55:28.0368 0184 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
    2011/04/12 21:55:28.0415 0184 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
    2011/04/12 21:55:28.0478 0184 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
    2011/04/12 21:55:28.0524 0184 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
    2011/04/12 21:55:28.0571 0184 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
    2011/04/12 21:55:28.0602 0184 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    2011/04/12 21:55:28.0649 0184 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    2011/04/12 21:55:28.0696 0184 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    2011/04/12 21:55:28.0836 0184 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    2011/04/12 21:55:28.0992 0184 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    2011/04/12 21:55:29.0164 0184 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/04/12 21:55:29.0195 0184 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/04/12 21:55:29.0367 0184 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    2011/04/12 21:55:29.0460 0184 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    2011/04/12 21:55:29.0648 0184 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    2011/04/12 21:55:29.0741 0184 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    2011/04/12 21:55:29.0960 0184 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
    2011/04/12 21:55:30.0131 0184 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2011/04/12 21:55:30.0256 0184 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/04/12 21:55:30.0365 0184 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
    2011/04/12 21:55:30.0490 0184 ================================================================================
    2011/04/12 21:55:30.0490 0184 Scan finished
    2011/04/12 21:55:30.0490 0184 ================================================================================
    12 Avril 2011 22:03:20

    Je n'ai pas besoin de faire MalwareByte's Anti-Malware ?
    Mon pc n'a plus de virus ?
    Et est ce que je peux supprimer le logiciel OTL et les rapport sr mon bureau ?
    12 Avril 2011 22:09:43

    Si passe MBAM on a pas terminé je disais que c'était bon pour TDSkiller c'est tout!
    12 Avril 2011 22:24:05

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6346

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    12/04/2011 22:20:24
    mbam-log-2011-04-12 (22-20-24).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 166145
    Temps écoulé: 2 minute(s), 39 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 20
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 7
    Fichier(s) infecté(s): 10

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files (x86)\clickpotatolite\bin\10.0.529.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files (x86)\clickpotatolite\bin\10.0.529.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    c:\program files (x86)\clickpotatolite\bin\10.0.529.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files (x86)\clickpotatolite\bin\10.0.529.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    12 Avril 2011 22:27:41

    Sacré nettoyage

    Comment se comporte ton PC maintenant ?
    12 Avril 2011 22:32:04

    Oui en effet j'ai l'impression que mon pc a été remis au propre !
    J'ai plus de messages de AVAST me signalant que j'ai des menaces et cheval de troie !!
    Heureusement qu'il y a des gens doués en informatique comme vous pour aider les moins compétent !! Sa ma redonner le sourire pour ma fin de journée qui avait drôlement mal commencer.
    Merci hackinginterdit
    12 Avril 2011 22:33:23

    Je peux maintenant supprimer les logiciels et rapport de mon bureau ?
    12 Avril 2011 22:43:48

    Ok
    Lance OTL et clique sur purge outils.
    Le PC va redémarrer pour supprimer l'outil et sa quarantaine.


    Malwarebytes tu peux garder

    Télécharge TFC par OldTimer impérativement sur ton Bureau:

  • Faites un double clic sur TFC.exe pour le lancer.
  • L'outil va fermer tous les programmes lors de son exécution, donc vérifiez que vous avez sauvegardé tout votre travail en cours avant de commencer.
  • Cliquez sur le bouton Start pour lancer le processus. Selon la fréquence à laquelle vous supprimez vos fichiers temporaires, cela peut durer de quelques secondes à une minute ou deux. Laissez le programme s'exécuter sans l'interrompre.
  • Lorsqu'il a terminé, l'outil devrait faire redémarrer votre système.


    Lorsque terminé tu supprimes TFC


    pauline5600 Peux tu Ajouter [Résolu] au titre. Pour cela :
    Clique, sur ton premier message, sur le bouton "Editer"
    Rajoute la mention [RESOLU] à ton titre
    Clique ensuite sur "Valider votre message"

    Il ne me reste plus qu'à te souhaiter une bonne fin de soirée et un bon surf sans malwares !!!!






    12 Avril 2011 22:54:41

    Merci beaucoup ! :D 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS