Svchost.exe puts the CPU at 100%

Solved/Closed
Anonymous user - 25 Jul 2011 at 12:08
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014 - 30 Jul 2011 at 01:20
Hello everyone,

I'm facing a rather annoying problem. The svchost.exe process (supposed to be normal on Windows, I know) is slowing my PC to a crawl: it puts my CPU at 100%! I think this comes from a virus, but despite various scans (Antivir and Malwarebytes in particular), I was able to remove some "junk" but unfortunately that did not fix my problem. I hope you can give me some valuable help to solve this problem and eradicate whatever harmful stuff remains on my computer.

Thanks in advance for your help

24 replies

Anonymous user
25 Jul 2011 at 22:45
Ok
Run TDSSKiller again and post the report
1
Anonymous user
25 Jul 2011 at 12:22
Hello

Post the MBAM report

We are going to analyze your system.


* Download ZHPDiag (by Nicolas Coolman).
or
ZHPDiag
or
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or the backup FTP link:
ftp://zebulon.fr/ZHPDiag2.exe

***********************
/!\ Vista and Windows 7 users: right-click the ZHPDiag.exe icon, "Run as administrator" /!\
* Let the installer guide you through the installation
* It will launch automatically at the end of the installation
* Click the magnifying-glass icon ("Run the diagnostic")
* Save the report to your Desktop using the floppy-disk icon
* Host the ZHPDiag.txt report on pjjoint.malekal.com, cijoint.fr or toofiles, then copy/paste the link provided into your next reply on the forum
0
I ran the scan with ZHPDiag, but the software bugged out on the file iejocddv.sys! I had already noticed that this file caused bugs during scans; the same thing happened with Antivir and Malwarebytes. In safe mode, on the other hand, there is normally no problem.
Should I run the ZHPDiag scan in safe mode?

Thanks for your help!
0
Anonymous user
25 Jul 2011 at 14:16
Yes, run the scan in safe mode
0
Here is the ZHPDiag scan. The result is not on one of the 3 suggested sites because every attempt to upload the file there ended with: an error occurred while loading the page (even after several tries, refreshing the page ...)

partage-facile.com/3TGBKAUFK5/zhpdiag.txt.html (http://www. is missing in front of course, but otherwise the link would not display)
0
Anonymous user
25 Jul 2011 at 15:22
To host the report you must compress it first.
To do that:
Right-click your report, then Send to, then Compressed folder. All that is left is to host it and paste the link here.
0
Anonymous user
25 Jul 2011 at 15:48
Here is the link on cijoint then: http://www.cijoint.fr/cjlink.php?file=cj201107/cijTTDaDbL.zip
0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
Edited by kiwi3 on 25/07/2011 at 17:05
ZHPDiag report on cijoint: http://www.cijoint.fr/cjlink.php?file=cj201107/cijTTDaDbL.zip

I forgot to mention that Malwarebytes was blocking a significant number of outgoing IPs for me. I was infected by Personal Shield Pro some time ago; I thought I had managed to eradicate it, but in fact the problem may still partly come from there!

Thanks
0
Anonymous user
25 Jul 2011 at 17:10
/!\ For the attention of those passing through this thread /!\
The following software is not to be used lightly and can cause damage if misused! Only use it if a forum helper who knows this tool well has recommended it to you.

/!\ Disable all your protection software (antivirus, antispyware) /!\

* Download ComboFix (by sUBs) to your Desktop.
* Double-click ComboFix.exe to launch it.
* It will ask you to install the Recovery Console: accept. (important in case of a problem)
/!\ Do not touch the mouse or the keyboard during the scan /!\
* When the scan is finished, a report will appear.
* Host the C:\Combofix.txt report on pjjoint.malekal.com, cijoint.fr or toofiles, then copy/paste the link provided into your next reply on the forum
# If ComboFix will not launch, rename it to ccm.exe and run it in safe mode.
Official ComboFix tutorial: Tuto Combofix
0

kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
25 Jul 2011 at 20:08
There, I ran the scan: http://www.cijoint.fr/cjlink.php?file=cj201107/cij21vUOZC.zip
0
Anonymous user
25 Jul 2011 at 20:28
* Download load_tdsskiller (by Loup Blanc) to your Desktop

http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe

* Launch load_tdsskiller by double-clicking it / launch it with a right-click on it > Run as administrator
* The tool will connect to download an up-to-date copy of TDSSKiller, then start a scan
* When the tool has finished its inspection, if malicious items ("Malicious objects") were found, check that the (Cure) option is selected,
* If suspicious items ("Suspicious objects") were detected, on the confirmation screen, change the action to take and choose Quarantine (instead of Skip),
* At the end, you will be asked to press a key, then the report will be displayed automatically: copy and paste its contents into your next reply (C:\tdsskiller\report.txt)


0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
25 Jul 2011 at 21:11
Here is the scan:

2011/07/25 20:57:31.0093 1572 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/25 20:57:31.0406 1572 ================================================================================
2011/07/25 20:57:31.0406 1572 SystemInfo:
2011/07/25 20:57:31.0406 1572
2011/07/25 20:57:31.0406 1572 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/25 20:57:31.0406 1572 Product type: Workstation
2011/07/25 20:57:31.0406 1572 ComputerName: NOM-EB85C523610
2011/07/25 20:57:31.0406 1572 UserName: Administrateur
2011/07/25 20:57:31.0406 1572 Windows directory: C:\WINDOWS
2011/07/25 20:57:31.0406 1572 System windows directory: C:\WINDOWS
2011/07/25 20:57:31.0406 1572 Processor architecture: Intel x86
2011/07/25 20:57:31.0406 1572 Number of processors: 2
2011/07/25 20:57:31.0406 1572 Page size: 0x1000
2011/07/25 20:57:31.0406 1572 Boot type: Safe boot with network
2011/07/25 20:57:31.0406 1572 ================================================================================
2011/07/25 20:57:33.0343 1572 Initialize success
2011/07/25 20:57:40.0765 1632 ================================================================================
2011/07/25 20:57:40.0765 1632 Scan started
2011/07/25 20:57:40.0765 1632 Mode: Manual;
2011/07/25 20:57:40.0765 1632 ================================================================================
2011/07/25 20:57:53.0031 1632 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/25 20:57:53.0031 1632 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/25 20:57:53.0046 1632 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/25 20:58:14.0000 1632 MBR (0x1B8) (ed345b4f19cd4458c65e81fb64fe0694) \Device\Harddisk0\DR0
2011/07/25 20:58:14.0015 1632 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/25 20:58:14.0031 1632 Boot (0x1200) (075f2269468b0b8666c7e37a93cda69d) \Device\Harddisk0\DR0\Partition0
2011/07/25 20:58:14.0078 1632 Boot (0x1200) (1dde6b54f188783d28b6acf3f9b00731) \Device\Harddisk0\DR0\Partition1
2011/07/25 20:58:14.0093 1632 ================================================================================
2011/07/25 20:58:14.0093 1632 Scan finished
2011/07/25 20:58:14.0093 1632 ================================================================================
2011/07/25 20:58:14.0125 1636 Detected object count: 2
2011/07/25 20:58:14.0125 1636 Actual detected object count: 2
2011/07/25 20:58:54.0531 1636 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/25 20:58:54.0531 1636 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/25 20:58:54.0531 1636 C:\WINDOWS\system32\drivers\iejocddv.sys - copied to quarantine
2011/07/25 20:58:54.0531 1636 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/25 20:58:54.0578 1636 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/07/25 20:58:54.0578 1636 \Device\Harddisk0\DR0 - ok
2011/07/25 20:58:54.0578 1636 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/07/25 20:59:03.0437 1564 Deinitialize success
0
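One way to triage TDSSKiller reports like the one posted above, as an added example that is not part of the original thread or of the tool: it extracts each detection, the action chosen and whether a cure is still pending a reboot, and compares a rescan with the first report while treating a cut-off report as inconclusive. The line patterns are assumptions inferred from the report above; REPORT is an excerpt of it and RESCAN is a constructed, truncated rescan.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Assumed line layout, inferred from the report in this thread:
# "<date> <time> <thread id> <message>"
LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+\s+\d+\s+(.*)$")
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>\S+) \(\d+\)$")
ACTION = re.compile(
    r"^(?P<verdict>[^\s(]+)\((?P<obj>.+)\) - User select action: (?P<action>\w+)$")
REBOOT = re.compile(r"^(?P<obj>.+?) \(\S+\) - will be cured after reboot$")
COUNT = re.compile(r"^Detected object count: (\d+)$")

# Excerpt of the first report posted above (detection-related lines only).
REPORT = r"""
2011/07/25 20:57:40.0765 1632 Scan started
2011/07/25 20:57:53.0046 1632 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/25 20:58:14.0015 1632 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/25 20:58:14.0093 1632 Scan finished
2011/07/25 20:58:14.0125 1636 Detected object count: 2
2011/07/25 20:58:54.0531 1636 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/25 20:58:54.0578 1636 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/07/25 20:58:54.0578 1636 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
"""

# Constructed rescan: same format, cut off before "Scan finished".
RESCAN = "\n".join(REPORT.strip().splitlines()[:2])


@dataclass
class Finding:
    verdict: str
    action: Optional[str] = None
    reboot_pending: bool = False


@dataclass
class Report:
    findings: Dict[str, Finding]
    complete: bool            # True only if "Scan finished" was seen
    declared: Optional[int]   # value of "Detected object count", if present


def parse_report(text: str) -> Report:
    findings: Dict[str, Finding] = {}
    complete, declared = False, None
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank line or text that is not a log record
        msg = line.group(1).strip()
        if msg == "Scan finished":
            complete = True
            continue
        m = COUNT.match(msg)
        if m:
            declared = int(m.group(1))
            continue
        m = DETECTED.match(msg)
        if m:
            findings.setdefault(m["obj"], Finding(m["verdict"]))
            continue
        m = ACTION.match(msg)
        if m:
            finding = findings.setdefault(m["obj"], Finding(m["verdict"]))
            finding.action = m["action"]
            continue
        m = REBOOT.match(msg)
        if m and m["obj"] in findings:
            findings[m["obj"]].reboot_pending = True
    return Report(findings, complete, declared)


def open_items(report: Report) -> List[str]:
    """Follow-up points that should keep the case open."""
    items = []
    if not report.complete:
        items.append("report is cut off before 'Scan finished'")
    elif report.declared is not None and report.declared != len(report.findings):
        items.append("declared object count differs from parsed detections")
    for obj, f in report.findings.items():
        if f.action is None or f.action == "Skip":
            items.append(f"{obj}: {f.verdict} left untreated")
        elif f.reboot_pending:
            items.append(f"{obj}: {f.verdict} cure pending reboot, rescan after restart")
    return items


def compare(first: Report, rescan: Report) -> Dict[str, str]:
    """Status of each earlier detection in a later report."""
    status = {}
    for obj in first.findings:
        if obj in rescan.findings:
            status[obj] = "still detected"
        elif rescan.complete:
            status[obj] = "not detected"
        else:
            # A truncated report proves nothing about objects scanned later.
            status[obj] = "unknown (rescan report incomplete)"
    return status


if __name__ == "__main__":
    first, rescan = parse_report(REPORT), parse_report(RESCAN)
    print(open_items(first))
    print(compare(first, rescan))
```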
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
25 Jul 2011 at 23:31
Here is the latest scan; however, I noticed that in safe mode I had a certain security solution or protection (I no longer remember which) on the desktop, and if I remember correctly that is a rogue, isn't it?

2011/07/25 23:23:30.0781 1620 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/25 23:23:31.0093 1620 ================================================================================
2011/07/25 23:23:31.0093 1620 SystemInfo:
2011/07/25 23:23:31.0093 1620
2011/07/25 23:23:31.0093 1620 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/25 23:23:31.0093 1620 Product type: Workstation
2011/07/25 23:23:31.0093 1620 ComputerName: NOM-EB85C523610
2011/07/25 23:23:31.0093 1620 UserName: Administrateur
2011/07/25 23:23:31.0093 1620 Windows directory: C:\WINDOWS
2011/07/25 23:23:31.0093 1620 System windows directory: C:\WINDOWS
2011/07/25 23:23:31.0093 1620 Processor architecture: Intel x86
2011/07/25 23:23:31.0093 1620 Number of processors: 2
2011/07/25 23:23:31.0093 1620 Page size: 0x1000
2011/07/25 23:23:31.0093 1620 Boot type: Safe boot with network
2011/07/25 23:23:31.0093 1620 ================================================================================
2011/07/25 23:23:33.0968 1620 Initialize success
2011/07/25 23:23:39.0359 1692 ================================================================================
2011/07/25 23:23:39.0359 1692 Scan started
2011/07/25 23:23:39.0359 1692 Mode: Manual;
2011/07/25 23:23:39.0359 1692 ================================================================================
2011/07/25 23:23:51.0046 1692 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/25 23:23:51.0046 1692 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/25 23:23:51.0062 1692 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/25 23:24:06.0609 1692 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/25 23:24:06.0609 1692 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/25 23:24:06.0625 1692 sptd - detected LockedFile.Multi.Generic (1)
2011/07/25 23:24:12.0140 1692 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0
2011/07/25 23:24:12.0171 1692 Boot (0x1200) (43bce902e8b024d1133c6bc959cc21de) \Device\Harddisk0\DR0\Partition0
2011/07/25 23:24:12.0203 1692 Boot (0x1200) (1dde6b54f188783d28b6acf3f9b00731) \Device\Harddisk0\DR0\Partition1
2011/07/25 23:24:12.0234 1692 ================================================================================
2011/07/25 23:24:12.0234 1692 Scan finished
2011/07/25 23:24:12.0234 1692 ================================================================================
2011/07/25 23:24:12.0265 1684 Detected object count: 2
2011/07/25 23:24:12.0265 1684 Actual detected object count: 2
2011/07/25 23:24:44.0718 1684 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/25 23:24:44.0718 1684 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/25 23:24:44.0718 1684 C:\WINDOWS\system32\drivers\iejocddv.sys - copied to quarantine
2011/07/25 23:24:44.0718 1684 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/25 23:24:44.0843 1684 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/25 23:24:44.0843 1684 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/25 23:24:44.0843 1684 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/07/25 23:24:44.0843 1684 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
2011/07/25 23:25:14.0656 1616 Deinitialize success
0
Anonymous user
26 Jul 2011 at 07:02
Here is the latest scan. However, I noticed that in safe mode I had a certain security solution or protection (I can't remember which) on the desktop, and if I remember correctly it's a rogue, isn't it?

Yes, but we'll deal with that after eliminating the rootkit.

You need to rerun TDSSKiller and, at the end of its scan, choose the Quarantine option.
Post the report.
0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last seen 12 September 2014
26 Jul 2011 at 10:08
Here is the scan, and I had already chosen quarantine the other times; it is actually written at the end of the report (user select action : quarantine)!

2011/07/26 09:46:52.0234 2784 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/26 09:46:52.0546 2784 ================================================================================
2011/07/26 09:46:52.0546 2784 SystemInfo:
2011/07/26 09:46:52.0546 2784
2011/07/26 09:46:52.0546 2784 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/26 09:46:52.0546 2784 Product type: Workstation
2011/07/26 09:46:52.0546 2784 ComputerName: NOM-EB85C523610
2011/07/26 09:46:52.0546 2784 UserName: Administrateur
2011/07/26 09:46:52.0546 2784 Windows directory: C:\WINDOWS
2011/07/26 09:46:52.0546 2784 System windows directory: C:\WINDOWS
2011/07/26 09:46:52.0546 2784 Processor architecture: Intel x86
2011/07/26 09:46:52.0546 2784 Number of processors: 2
2011/07/26 09:46:52.0546 2784 Page size: 0x1000
2011/07/26 09:46:52.0546 2784 Boot type: Safe boot with network
2011/07/26 09:46:52.0546 2784 ================================================================================
2011/07/26 09:46:55.0718 2784 Initialize success
2011/07/26 09:46:58.0781 2948 ================================================================================
2011/07/26 09:46:58.0781 2948 Scan started
2011/07/26 09:46:58.0781 2948 Mode: Manual;
2011/07/26 09:46:58.0781 2948 ================================================================================
2011/07/26 09:47:10.0843 2948 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/26 09:47:10.0843 2948 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/26 09:47:10.0859 2948 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/26 09:47:26.0656 2948 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:47:26.0656 2948 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/26 09:47:26.0671 2948 sptd - detected LockedFile.Multi.Generic (1)
2011/07/26 09:47:32.0359 2948 ================================================================================
2011/07/26 09:47:32.0359 2948 Scan finished
2011/07/26 09:47:32.0359 2948 ================================================================================
2011/07/26 09:47:32.0390 2936 Detected object count: 2
2011/07/26 09:47:32.0390 2936 Actual detected object count: 2
2011/07/26 09:48:26.0765 2936 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/26 09:48:26.0765 2936 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/26 09:48:26.0765 2936 C:\WINDOWS\system32\drivers\iejocddv.sys - copied to quarantine
2011/07/26 09:48:26.0765 2936 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/26 09:48:26.0875 2936 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:48:26.0875 2936 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/26 09:48:26.0890 2936 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/07/26 09:48:26.0890 2936 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
2011/07/26 09:48:40.0843 3300 ================================================================================
2011/07/26 09:48:40.0843 3300 Scan started
2011/07/26 09:48:40.0843 3300 Mode: Manual;
2011/07/26 09:48:40.0843 3300 ================================================================================
2011/07/26 09:48:50.0968 3300 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/26 09:48:50.0968 3300 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/26 09:48:50.0984 3300 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/26 09:49:05.0031 3300 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:49:05.0031 3300 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/26 09:49:05.0046 3300 sptd - detected LockedFile.Multi.Generic (1)
2011/07/26 09:49:10.0921 3300 ================================================================================
2011/07/26 09:49:10.0921 3300 Scan finished
2011/07/26 09:49:10.0921 3300 ================================================================================
2011/07/26 09:49:10.0953 3292 Detected object count: 2
2011/07/26 09:49:10.0953 3292 Actual detected object count: 2
2011/07/26 09:49:19.0062 3292 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/26 09:49:19.0062 3292 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\iejocddv.sys. md5: 0787f6b8d1d81487ec7988ddb00e30be
2011/07/26 09:49:19.0078 3292 C:\WINDOWS\system32\drivers\iejocddv.sys - copied to quarantine
2011/07/26 09:49:19.0078 3292 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/26 09:49:19.0234 3292 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:49:19.0234 3292 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/26 09:49:19.0250 3292 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/07/26 09:49:19.0250 3292 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
2011/07/26 09:49:41.0968 2780 Deinitialize success
0
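A triage script for the TDSSKiller log posted above, added here as an example and not part of the original thread or of TDSSKiller: it pairs each "detected" line with the driver's MD5 and path, and reports drivers detected again in a scan that started after an action had already been chosen for them. The function names and line patterns are assumptions inferred from the lines visible in this log; the sample lines are copied from it.

```python
import re

# Subset of lines copied unmodified from the TDSSKiller log posted above.
SAMPLE_LOG = r"""
2011/07/26 09:47:26.0656 2948 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:47:26.0656 2948 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/26 09:47:26.0671 2948 sptd - detected LockedFile.Multi.Generic (1)
2011/07/26 09:47:26.0859 2948 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/26 09:47:32.0359 2948 Scan finished
2011/07/26 09:48:26.0765 2936 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/26 09:48:26.0890 2936 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
2011/07/26 09:48:40.0843 3300 Scan started
2011/07/26 09:48:50.0968 3300 iejocddv (0787f6b8d1d81487ec7988ddb00e30be) C:\WINDOWS\system32\drivers\iejocddv.sys
2011/07/26 09:48:50.0984 3300 iejocddv - detected LockedFile.Multi.Generic (1)
2011/07/26 09:49:05.0031 3300 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/26 09:49:05.0046 3300 sptd - detected LockedFile.Multi.Generic (1)
2011/07/26 09:49:19.0078 3292 LockedFile.Multi.Generic(iejocddv) - User select action: Quarantine
2011/07/26 09:49:19.0250 3292 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
"""

# Assumed line shapes, inferred from this log only (not from TDSSKiller documentation).
LINE = re.compile(r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")
ENTRY = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")          # name (md5) path
DETECTED = re.compile(r"^(\S+) - detected (\S+) \(\d+\)$")       # name - detected Verdict (n)
ACTION = re.compile(r"^([^\s(]+)\(([^)]+)\) - User select action: (\w+)$")


def parse_tdsskiller(text):
    """Return (scans, actions) parsed from a TDSSKiller log or log excerpt."""
    scans, actions, last_entry = [], [], {}

    def current_scan():
        # An excerpt may begin mid-scan: open an implicit scan with no start time.
        if not scans or scans[-1]["finished"]:
            scans.append({"started": None, "finished": False, "detections": {}})
        return scans[-1]

    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or unrecognised line
        ts, _thread_id, msg = m.groups()
        if msg == "Scan started":
            scans.append({"started": ts, "finished": False, "detections": {}})
        elif msg == "Scan finished":
            if scans:
                scans[-1]["finished"] = True
        elif (e := ENTRY.match(msg)):
            # Remember the latest hash and path seen for this service name.
            last_entry[e.group(1)] = (e.group(2), e.group(3))
        elif (d := DETECTED.match(msg)):
            name, verdict = d.groups()
            md5, path = last_entry.get(name, (None, None))
            current_scan()["detections"][name] = {
                "time": ts, "verdict": verdict, "md5": md5, "path": path,
            }
        elif (a := ACTION.match(msg)):
            verdict, name, action = a.groups()
            actions.append({"time": ts, "service": name,
                            "verdict": verdict, "action": action})
    return scans, actions


def redetected_after_action(scans, actions):
    """Services detected again in a scan started after an action was chosen for them."""
    hits = []
    for act in actions:
        for scan in scans:
            # Timestamps are fixed-width and zero-padded, so string order is time order.
            if (scan["started"] and scan["started"] > act["time"]
                    and act["service"] in scan["detections"]):
                hits.append((act["service"], act["action"],
                             act["time"], scan["started"]))
    return hits


if __name__ == "__main__":
    scans, actions = parse_tdsskiller(SAMPLE_LOG)
    for service, action, chosen_at, rescan_at in redetected_after_action(scans, actions):
        det = scans[-1]["detections"][service]
        print(f"{service}: '{action}' chosen at {chosen_at}, "
              f"detected again in scan started {rescan_at} "
              f"(md5 {det['md5']}, {det['path']})")
```

A driver that shows up in this list was still present when the next scan ran, so it needs follow-up rather than being treated as handled.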
Anonymous user
26 Jul 2011 at 16:26
* Download OTL to your desktop.

* Double-click the OTL icon to launch it
/!\ On Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"


netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
userinit.exe
wininit.exe
iejocddv.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
nslookup www.google.fr /c
SAVEMBR:0
CREATERESTOREPOINT



* Click the "Scan" icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan, one or two reports will open: "OTL.Txt" and/or "Extras.Txt" (in some cases).
* Host the report(s) on pjjoint.malekal.com, cijoint.fr or toofiles, then copy/paste the link(s) provided into your next reply on the forum

PS: You can find the reports in the C:\OTL folder or on your desktop, depending on the case

0
kiwi3 Posts: 24 Registration date: Monday 25 July 2011 Status: Member Last activity: 12 September 2014
Edited by kiwi3 on 26/07/2011 at 20:24
Scan done, here are the two reports. However, I ran it in safe mode, otherwise the file iejocddv.sys makes the scan crash again.

OTL : http://www.cijoint.fr/cjlink.php?file=cj201107/cijTqVwkEy.zip
Extras : http://www.cijoint.fr/cjlink.php?file=cj201107/cijw4oC8qT.zip
0
Anonymous user
26 Jul 2011 at 20:50
Remember to save the script to your desktop using Notepad, because in safe mode you do not have internet access

* Restart the PC.
* As the PC starts, after the first screen (the BIOS one), tap the F8 key repeatedly until the advanced options menu appears.
* Then, using the keyboard arrow keys, select "Safe Mode" and confirm with Enter
* Note: On some computers, the F5 key should be used instead.


Once in safe mode, relaunch OTL (right-click, run as administrator), copy and paste the contents of this quote (making sure to start at :OTL, including the colon in front of OTL) into the lower part of OTL under "Customization", and this time click FIX:

:OTL
O4 - HKCU\..\Run: [Security Solution 2011] C:\Documents and Settings\LocalService\Application Data\Security Solution\securitymanager.exe (iF© Systems)
[2011/07/11 19:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Loaris
[2006/03/02 18:09:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\keyboard1.dat
[2011/02/25 17:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2006/03/06 14:09:44 | 000,000,514 | ---- | M] () -- C:\Installer.exe
[2011/07/11 19:01:13 | 000,401,920 | ---- | M] () MD5=BF7AC24217142859538EDB8C8DE6BB09 -- C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Téléchargements\explorer.exe
DRV - (iejocddv) -- C:\WINDOWS\System32\drivers\iejocddv.sys ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
[2011/07/07 09:31:12 | 000,000,000 | ---D | C] -- C:\04c7deedcd55c90cc7d8a36824
[2011/07/25 20:53:39 | 000,001,943 | ---- | M] () -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Bureau\Security Solution.lnk
[2011/07/25 20:53:39 | 000,001,791 | ---- | M] () -- C:\Security Solution.lnk
[2011/07/25 20:53:33 | 004,771,843 | ---- | M] (iF© Systems) -- C:\WINDOWS\76D9750B.exe
[2011/07/06 21:16:03 | 000,101,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\iejocddv.sys


:Services
iejocddv

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Security Solution 2011"=-

:files
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:551BED5F
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4220A65C
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:30C46519
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8599F087
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:981349EA
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81F83028
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9398DBB4
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:848CC150
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1F04E8D
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F880DE59
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:994AEA06
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1198CD34

:commands
[EmptyTemp]
[EmptyFlash]
[CREATERESTOREPOINT]
[ResetHosts]
[Reboot]


===> Copy and paste the contents of the text report that appears when the PC restarts.
0
kiwi3 Posts: 24 Registration date: Monday 25 July 2011 Status: Member Last activity: 12 September 2014
27 Jul 2011 at 23:42
Here is the scan:


All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\LocalService\Application Data\Security Solution\securitymanager.exe moved successfully.
C:\Program Files\Loaris\Trojan Remover 1.2\updates folder moved successfully.
C:\Program Files\Loaris\Trojan Remover 1.2 folder moved successfully.
C:\Program Files\Loaris folder moved successfully.
C:\WINDOWS\keyboard1.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia\stats folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia\Promos\Tryicons folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia\Promos folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia\licenses folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia\data folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Trymedia folder moved successfully.
C:\Installer.exe moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Téléchargements\explorer.exe moved successfully.
Service iejocddv stopped successfully!
Service iejocddv deleted successfully!
File move failed. C:\WINDOWS\system32\drivers\iejocddv.sys scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
C:\Program Files\Messenger_Plus_Live_France\prxtbMes2.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\ not found.
C:\04c7deedcd55c90cc7d8a36824\Graphics folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\3082 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\3076 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\2070 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\2052 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1055 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1053 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1049 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1046 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1045 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1044 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1043 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1042 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1041 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1040 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1038 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1037 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1036 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1035 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1033 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1032 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1031 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1030 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1029 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1028 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824\1025 folder moved successfully.
C:\04c7deedcd55c90cc7d8a36824 folder moved successfully.
C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Bureau\Security Solution.lnk moved successfully.
C:\Security Solution.lnk moved successfully.
C:\WINDOWS\76D9750B.exe moved successfully.
File move failed. C:\WINDOWS\system32\drivers\iejocddv.sys scheduled to be moved on reboot.
========== SERVICES/DRIVERS ==========
Error: No service named iejocddv was found to stop!
Unable to delete service\driver key iejocddv.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Security Solution 2011 deleted successfully.
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:551BED5F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:4220A65C deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:30C46519 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8599F087 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:981349EA deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:81F83028 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:9398DBB4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:848CC150 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:E1F04E8D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:F880DE59 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:994AEA06 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1198CD34 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Administrateur.NOM-EB85C523610
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 2925887 bytes
->Apple Safari cache emptied: 14336 bytes

User: Administrateur.NOM-EB85C523610.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.NOM-EB85C523610.001
->Temp folder emptied: 2529860 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 1302614 bytes

User: All Users

User: Compaq_Propritaire

User: Compaq_Propriétaire
->Temp folder emptied: 65572 bytes
->Temporary Internet Files folder emptied: 751173 bytes
->Java cache emptied: 678525 bytes
->FireFox cache emptied: 395387517 bytes
->Google Chrome cache emptied: 6182154 bytes
->Apple Safari cache emptied: 81169408 bytes
->Flash cache emptied: 1930187 bytes

User: Compaq_Propriétaire.NOM-EB85C523610
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 294871 bytes
->Java cache emptied: 13591900 bytes
->FireFox cache emptied: 59964647 bytes
->Flash cache emptied: 1919411 bytes

User: Compaq_PropriÚtaire
->Temporary Internet Files folder emptied: 33170 bytes

User: Compaq_Propri?taire

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 13451 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 86614417 bytes
->Java cache emptied: 14859 bytes
->Flash cache emptied: 97046 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 39138 bytes
%systemroot%\System32 .tmp files removed: 6852448 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29349053 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 660,00 mb


[EMPTYFLASH]

User: Administrateur

User: Administrateur.NOM-EB85C523610

User: Administrateur.NOM-EB85C523610.000

User: Administrateur.NOM-EB85C523610.001

User: All Users

User: Compaq_Propritaire

User: Compaq_Propriétaire
->Flash cache emptied: 0 bytes

User: Compaq_Propriétaire.NOM-EB85C523610
->Flash cache emptied: 0 bytes

User: Compaq_PropriÚtaire

User: Compaq_Propri?taire

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.1 log created on 07272011_004030
0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
28 Jul 2011 at 21:13
Here is the scan:

OTL logfile created on: 28/07/2011 20:12:30 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Compaq_Propriétaire\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1022,41 Mb Total Physical Memory | 789,01 Mb Available Physical Memory | 77,17% Memory free
2,40 Gb Paging File | 2,32 Gb Available in Paging File | 96,43% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180,30 Gb Total Space | 26,30 Gb Free Space | 14,59% Space Free | Partition Type: NTFS
Drive D: | 5,99 Gb Total Space | 2,46 Gb Free Space | 41,14% Space Free | Partition Type: FAT32

Computer Name: NOM-EB85C523610 | User Name: Administrateur | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Compaq_Propriétaire\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (appdrvrem01) Application Driver Auto Removal Service (01) -- C:\WINDOWS\System32\appdrvrem01.exe (Protection Technology)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (LVPrcSrv) -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AMService) -- C:\WINDOWS\System32\setup.exe (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (a2AntiMalware) -- C:\Program Files\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (iejocddv) -- C:\WINDOWS\System32\drivers\iejocddv.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (appdrv01) Application Driver (01) -- C:\WINDOWS\system32\drivers\appdrv01.sys (Protection Technology)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech HD Webcam C270(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (ltmodem5) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SBKUPNT) -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 11:00:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 11:01:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/21 20:31:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/20 12:23:40 | 000,000,000 | ---D | M]

[2010/06/09 15:41:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Application Data\Mozilla\Extensions
[2011/07/06 21:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Application Data\Mozilla\Firefox\Profiles\vx5cdh8o.default\extensions
[2011/07/08 10:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/08/06 20:05:39 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/02/14 01:00:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/19 07:12:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/02 07:57:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/07/08 10:34:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2009/07/11 21:14:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/21 20:31:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/03/24 11:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011/06/21 20:31:25 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/06/21 20:31:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/06/21 20:31:25 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/06/21 20:31:25 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/08/27 22:30:32 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/08/27 22:30:33 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2011/06/21 20:31:25 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/06/21 20:31:25 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/07/27 23:50:39 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Security Solution] File not found
O4 - HKLM..\RunOnce: [FsVdInstReboot] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnce: [FsVdUnReboot] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/23 23:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "maconfservice"
MsConfig - Services: "idsvc"
MsConfig - Services: "a2AntiMalware"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: FBSearch - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: iejocddv - C:\WINDOWS\System32\drivers\iejocddv.sys ()
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: iejocddv - C:\WINDOWS\System32\drivers\iejocddv.sys ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/07/28 00:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
[2011/07/27 00:40:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/25 20:58:54 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/07/25 20:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Application Data\DivX
[2011/07/25 20:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Security Solution
[2011/07/25 20:42:29 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2011/07/25 20:06:00 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/25 19:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/07/25 19:06:30 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/07/25 19:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Menu Démarrer\Programmes\Outils d'administration
[2011/07/25 19:06:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Mes documents\Mes vidéos
[2011/07/25 17:25:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/07/25 17:25:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/07/25 17:25:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/07/25 17:25:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/07/25 17:25:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/25 17:23:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/25 13:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2011/07/25 07:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\lM02300KeBiA02300
[2011/07/24 20:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/07/24 20:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/07/24 20:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Borland Shared
[2011/07/20 17:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\cC02300CdLfO02300
[2011/07/20 14:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Application Data\Malwarebytes
[2011/07/15 14:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kJ02300PlPgM02300
[2011/07/15 08:01:20 | 000,000,000 | ---D | C] -- C:\2b20f815c485039d1f65fa2c
[2011/07/12 11:20:54 | 000,083,816 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2011/07/12 11:20:54 | 000,073,064 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2011/07/11 18:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kG02300MhCeP02300
[2011/07/08 10:34:38 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/07/08 10:34:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/07/08 10:34:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/07/08 10:34:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/07/07 18:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2011/07/07 18:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2011/07/07 18:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2011/07/07 18:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2011/07/07 09:14:10 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/07 09:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/07/07 09:14:03 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/07 09:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/06 23:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
[2011/07/06 21:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\mJ02300EcKjE02300
[2011/07/06 21:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\HPQ
[2011/07/05 12:39:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/07/05 12:39:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer

========== Files - Modified Within 30 Days ==========

[2011/07/28 20:13:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/07/28 20:09:23 | 000,000,592 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\common.data
[2011/07/28 20:08:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/28 20:05:00 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7580AE29-9C51-4DFE-B39E-42CCCB4F7A48}.job
[2011/07/28 20:00:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2011/07/28 14:34:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/28 09:30:46 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Safari.lnk
[2011/07/28 00:16:26 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2011/07/27 23:50:39 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/07/25 20:32:46 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/25 20:04:38 | 000,002,946 | ---- | M] () -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Bureau\Aide et support.lnk
[2011/07/25 14:34:29 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2011/07/25 14:31:23 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2011/07/22 18:34:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/20 12:50:31 | 000,000,208 | ---- | M] () -- C:\WINDOWS\24BB3820
[2011/07/19 16:57:40 | 000,000,208 | ---- | M] () -- C:\WINDOWS\695E243B
[2011/07/18 21:46:15 | 000,000,208 | ---- | M] () -- C:\WINDOWS\125F5219
[2011/07/18 16:48:34 | 000,000,208 | ---- | M] () -- C:\WINDOWS\5475B975
[2011/07/17 10:16:22 | 000,000,208 | ---- | M] () -- C:\WINDOWS\1F6D0078
[2011/07/16 11:11:45 | 000,000,208 | ---- | M] () -- C:\WINDOWS\111E9C29
[2011/07/15 14:56:14 | 000,294,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/13 13:21:14 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/07/12 15:50:16 | 000,000,208 | ---- | M] () -- C:\WINDOWS\6980796C
[2011/07/12 12:49:59 | 000,000,208 | ---- | M] () -- C:\WINDOWS\7BD8CE81
[2011/07/12 11:20:54 | 000,083,816 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2011/07/12 11:20:54 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2011/07/10 21:40:07 | 000,000,208 | ---- | M] () -- C:\WINDOWS\1EC10B9B
[2011/07/09 21:42:00 | 000,000,208 | ---- | M] () -- C:\WINDOWS\5F9E7B50
[2011/07/08 14:58:36 | 000,000,208 | ---- | M] () -- C:\WINDOWS\28A68B82
[2011/07/08 03:18:20 | 000,628,568 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/07/08 03:18:20 | 000,551,778 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/08 03:18:20 | 000,120,630 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/07/08 03:18:20 | 000,101,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/07 23:45:22 | 000,000,208 | ---- | M] () -- C:\WINDOWS\5D3885C0
[2011/07/07 17:44:45 | 000,000,208 | ---- | M] () -- C:\WINDOWS\3F32A78A
[2011/07/07 15:20:28 | 000,000,208 | ---- | M] () -- C:\WINDOWS\76D9750B
[2011/07/06 21:16:03 | 000,101,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\iejocddv.sys
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/07/28 00:16:26 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2011/07/26 19:47:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/07/25 19:59:21 | 000,000,592 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\common.data
[2011/07/25 17:25:55 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/25 17:25:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/25 17:25:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/25 17:25:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/25 17:25:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/25 14:31:23 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2011/07/24 20:14:13 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET
[2011/07/24 20:12:07 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\BDEADMIN.CPL
[2011/07/23 07:38:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/20 12:50:31 | 000,000,208 | ---- | C] () -- C:\WINDOWS\24BB3820
[2011/07/19 16:57:40 | 000,000,208 | ---- | C] () -- C:\WINDOWS\695E243B
[2011/07/18 21:46:14 | 000,000,208 | ---- | C] () -- C:\WINDOWS\125F5219
[2011/07/18 16:48:34 | 000,000,208 | ---- | C] () -- C:\WINDOWS\5475B975
[2011/07/17 10:16:22 | 000,000,208 | ---- | C] () -- C:\WINDOWS\1F6D0078
[2011/07/16 11:11:45 | 000,000,208 | ---- | C] () -- C:\WINDOWS\111E9C29
[2011/07/12 15:50:16 | 000,000,208 | ---- | C] () -- C:\WINDOWS\6980796C
[2011/07/12 12:49:59 | 000,000,208 | ---- | C] () -- C:\WINDOWS\7BD8CE81
[2011/07/10 21:40:07 | 000,000,208 | ---- | C] () -- C:\WINDOWS\1EC10B9B
[2011/07/09 21:41:58 | 000,000,208 | ---- | C] () -- C:\WINDOWS\5F9E7B50
[2011/07/08 14:58:36 | 000,000,208 | ---- | C] () -- C:\WINDOWS\28A68B82
[2011/07/07 23:45:22 | 000,000,208 | ---- | C] () -- C:\WINDOWS\5D3885C0
[2011/07/07 17:44:45 | 000,000,208 | ---- | C] () -- C:\WINDOWS\3F32A78A
[2011/07/07 15:20:28 | 000,000,208 | ---- | C] () -- C:\WINDOWS\76D9750B
[2011/07/06 21:15:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\iejocddv.sys
[2011/06/18 07:50:23 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/11 18:25:15 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2011/03/11 18:25:15 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2011/03/11 18:25:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2011/03/11 18:25:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2010/12/22 21:22:30 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2010/11/21 16:39:15 | 000,070,543 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2010/11/21 16:39:15 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2010/11/20 01:27:39 | 001,179,388 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-531052898-3203154861-1614378856-1008-0.dat
[2010/11/20 01:27:30 | 000,287,970 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/09/02 17:36:07 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/09 15:39:33 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Administrateur.NOM-EB85C523610.001\Local Settings\Application Data\fusioncache.dat
[2010/05/14 23:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 23:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 23:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 23:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/04/15 18:43:43 | 000,008,802 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2010/04/15 18:43:43 | 000,007,763 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2010/04/15 18:43:43 | 000,007,207 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2010/04/15 18:43:43 | 000,006,565 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2010/04/15 18:43:43 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2010/04/15 18:27:15 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/02/08 11:42:48 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/02/08 11:42:47 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/12/31 11:43:54 | 000,131,584 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2009/11/24 21:06:02 | 000,056,984 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/07/18 16:33:53 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS
[2009/07/18 16:33:53 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\DEVLOAD.EXE
[2009/07/18 16:33:19 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2009/02/03 23:19:54 | 000,163,845 | ---- | C] () -- C:\WINDOWS\Audio Converter Pro Uninstaller.exe
[2008/12/03 20:12:16 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008/09/24 17:56:41 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/07/17 21:31:13 | 000,015,397 | ---- | C] () -- C:\Program Files\settings.dat
[2008/04/25 22:25:06 | 000,105,220 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/03/29 00:34:03 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\dpre2160.dat
[2008/02/12 14:30:52 | 000,000,060 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/01/03 11:59:07 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2007/12/15 23:56:05 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dpre7602.dat
[2007/09/21 13:10:24 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/03 12:03:24 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2007/09/02 11:08:05 | 000,000,030 | ---- | C] () -- C:\WINDOWS\SWPRODPB.INI
[2007/08/28 17:20:05 | 000,000,091 | ---- | C] () -- C:\WINDOWS\fpxpress.ini
[2007/08/02 11:28:35 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/07/28 17:17:34 | 000,000,023 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2007/06/22 12:12:45 | 000,070,543 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2007/06/22 12:12:44 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2007/02/24 18:49:34 | 000,000,537 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2007/02/07 13:30:00 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007/02/07 13:25:10 | 000,000,347 | ---- | C] () -- C:\WINDOWS\MPW.INI
[2006/11/28 19:14:05 | 000,000,387 | ---- | C] () -- C:\WINDOWS\3DBELOTE2.INI
[2006/09/16 06:55:04 | 000,016,384 | ---- | C] () -- C:\WINDOWS\FSRunCmd.exe
[2006/04/15 10:50:52 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006/04/08 20:40:59 | 000,088,064 | ---- | C] () -- C:\WINDOWS\AMUninst01c.exe
[2006/03/14 20:15:04 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/03/14 16:27:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\keyboard21.dat
[2006/03/08 09:22:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\keyboard11.dat
[2006/03/02 19:50:33 | 000,005,847 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/03/02 18:09:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gimmygames.dat
[2006/02/28 14:01:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\winsysupd121.dat
[2006/02/18 11:29:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\winsysupd91.dat
[2006/02/18 11:29:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\gimmygames91.dat
[2006/02/18 11:28:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\enuee.dll
[2006/02/18 11:28:29 | 000,000,053 | ---- | C] () -- C:\WINDOWS\boebbc.dat
[2006/02/14 19:06:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2006/01/13 14:22:16 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/23 10:07:59 | 000,000,334 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/12/21 12:52:56 | 000,000,007 | ---- | C] () -- C:\WINDOWS\dqtex03.ini
[2005/12/14 16:16:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/12/14 16:01:54 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/08/21 18:47:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/10 00:52:32 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/01/03 13:41:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/03 13:20:37 | 000,015,909 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/01/03 13:20:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/01/03 13:13:03 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/03 13:13:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/03 13:13:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/03 13:13:03 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/03 13:13:02 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/03 13:13:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/03 13:11:23 | 000,000,081 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/01/03 13:07:43 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/01/03 12:51:38 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/03 12:47:22 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/11/23 23:29:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/11/23 23:26:54 | 000,628,568 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/11/23 23:26:54 | 000,551,778 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/11/23 23:26:54 | 000,120,630 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/11/23 23:26:54 | 000,101,188 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/11/23 23:25:00 | 000,294,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/11/23 23:21:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/11/23 23:19:12 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/05 20:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 20:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/27 06:17:16 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001/09/19 19:18:01 | 000,009,542 | ---- | C] () -- C:\WINDOWS\Zmodeler.ini
[2001/08/24 07:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/24 07:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2005/01/03 13:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/07/06 23:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
[2009/01/26 22:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apowersoft
[2007/07/07 10:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2005/01/03 13:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2005/12/23 11:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2009/07/09 22:34:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/10/28 21:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2007/09/03 14:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2006/01/28 11:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2011/07/22 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cC02300CdLfO02300
[2010/10/01 13:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010/02/08 01:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/12/29 11:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2008/11/22 16:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/06/15 17:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2008/09/18 21:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2008/05/22 14:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fashion Solitaire 1.2
[2009/11/09 23:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/09/21 21:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2011/07/13 17:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fOh06511gHhAo06511
[2009/04/05 18:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/07/09 10:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2008/02/15 17:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/06/22 12:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/11/11 13:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/11/11 13:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2005/01/03 13:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
0
Anonymous user
28 Jul 2011 at 22:15
First run Avenger (post its report), then generate a new OTL report (upload the OTL report to a hosting site so that I can get it in full).


1. Download The Avenger by Swandog46 (http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/) to your Desktop.

* Unzip the file
* Place avenger.exe on the Desktop

2. Copy the content in bold below (CTRL+C):


Drivers to delete:
iejocddv

Files to delete:
C:\WINDOWS\System32\drivers\iejocddv.sys





Note: The code above was written specifically for THIS user.
If you are not THIS user, do NOT apply these instructions: they could damage your system.

3. Now launch The Avenger by right-clicking it and choosing Run as administrator.

* Right-click in the window under "Input Script There": and choose Paste. You should now have the script in The Avenger's white window.
* Click Execute
* Answer "Yes" when asked.

4. The Avenger will automatically do the following:

* It will restart the system.
* During the restart, a black Windows command window will briefly appear on the desktop; this is normal.
* After the restart, it creates a log file, which will open and show the actions carried out by The Avenger. This log file is located here: C:\avenger.txt

5. Finally, copy and paste the contents of the file c:\avenger.txt into your next reply.

Tutorial:
http://www.oxygenepc.com/forum/the-avenger-t594.html
0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
28 Jul 2011 at 23:06
Here are the reports from the two scans:

Avenger:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "iejocddv" deleted successfully.
File "C:\WINDOWS\System32\drivers\iejocddv.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


And here is the one generated afterwards with OTL:
http://www.cijoint.fr/cjlink.php?file=cj201107/cijz8ZbVoZ.zip
0
Anonymous user
29 Jul 2011 at 07:13
Right, we managed to get rid of the rootkit. However, be careful to browse safely, because between the last two reports new infections have settled in.

Relaunch OTL (right-click, Run as administrator). Copy and paste the contents of this quote (making sure to start at :OTL, including the : in front of OTL) into the lower part of OTL under "Personalisation", and this time click CORRECTION:

:OTL
FF - prefs.js..keyword.URL: "http://ww1.toolbarhome.com"
[2011/01/15 22:05:33 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\llqxnuhh.default\searchplugins\web-search.xml
O1 - Hosts: ::1 localhost => Infection Hosts (Hosts.Redirection)
[2011/07/18 18:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\OpenCandy
[2011/07/18 18:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy
[2011/07/23 07:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\cacaoweb
FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11
[2008/09/26 18:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\iWin
[2011/07/18 18:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy
[2011/07/23 08:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\PriceGong
[2011/07/18 13:42:27 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2\LatestDLMgr.exe
[2011/07/06 01:04:54 | 028,957,544 | ---- | M] (TuneUp Media, Inc.) -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2\TuneUpInst-2.1.1-cmp183.exe
IE - HKCU\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - Reg Error: Key error. File not found
[2008/11/11 13:10:39 | 000,002,143 | ---- | M] () -- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\llqxnuhh.default\searchplugins\MyStart Search.xml
[2011/07/13 13:21:14 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat

:files
C:\WINDOWS\System\hpsysdrv.dat

:commands
[EmptyTemp]
[EmptyFlash]
[CREATERESTOREPOINT]
[ResetHosts]
[Reboot]



===> Copy and paste the contents of the text report that appears when the PC restarts.
0
kiwi3 Posts 24 Registration date Monday 25 July 2011 Status Member Last activity 12 September 2014
29 Jul 2011 at 11:37
Here it is:

All processes killed
========== OTL ==========
Prefs.js: "http://ww1.toolbarhome.com" removed from keyword.URL
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\llqxnuhh.default\searchplugins\web-search.xml moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\OpenCandy folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2 folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\cacaoweb folder moved successfully.
Prefs.js: cacaoweb@cacaoweb.org:1.0.11 removed from extensions.enabledItems
C:\Documents and Settings\Compaq_Propriétaire\Application Data\iWin\JewelQuest3 folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\iWin\jewelquest2 folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\iWin folder moved successfully.
Folder C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\ not found.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\PriceGong\Data folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\PriceGong folder moved successfully.
File C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2\LatestDLMgr.exe not found.
File C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2\TuneUpInst-2.1.1-cmp183.exe not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\llqxnuhh.default\searchplugins\MyStart Search.xml moved successfully.
C:\WINDOWS\system\hpsysdrv.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System\hpsysdrv.dat not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.NOM-EB85C523610
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes

User: Administrateur.NOM-EB85C523610.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.NOM-EB85C523610.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Compaq_Propritaire

User: Compaq_Propriétaire
->Temp folder emptied: 5094630 bytes
->Temporary Internet Files folder emptied: 767557 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 242199480 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 470 bytes

User: Compaq_Propriétaire.NOM-EB85C523610
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Compaq_PropriÚtaire
->Temporary Internet Files folder emptied: 0 bytes

User: Compaq_Propri?taire

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66083 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65536 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 237,00 mb


[EMPTYFLASH]

User: Administrateur

User: Administrateur.NOM-EB85C523610

User: Administrateur.NOM-EB85C523610.000

User: Administrateur.NOM-EB85C523610.001

User: All Users

User: Compaq_Propritaire

User: Compaq_Propriétaire
->Flash cache emptied: 0 bytes

User: Compaq_Propriétaire.NOM-EB85C523610
->Flash cache emptied: 0 bytes

User: Compaq_PropriÚtaire

User: Compaq_Propri?taire

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point (0)
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.1 log created on 07292011_110344

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
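Added example (not part of any post in this thread, and not OTL's own code): a short Python check that reconciles the "not found" lines of the fix log above against the items the same log reports as moved earlier. The line patterns are assumptions inferred only from the log lines shown on this page; the sample lines are copied from that log.

```python
import re

# Excerpt of the OTL fix log posted above (lines copied verbatim).
LOG = r"""
C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2 folder moved successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy folder moved successfully.
Folder C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\ not found.
File C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenCandy\OpenCandy_C916B74DD9024E5882DDC037F2FC6DB2\LatestDLMgr.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
C:\WINDOWS\system\hpsysdrv.dat moved successfully.
File\Folder C:\WINDOWS\System\hpsysdrv.dat not found.
"""

# Assumed line shapes, inferred from the log on this page only.
MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)(?: folder)? moved successfully\.$")
NOT_FOUND = re.compile(
    r"^(?P<kind>File\\Folder|File|Folder|Registry key) (?P<path>.+?) not found\.$"
)


def norm(path):
    """Windows paths are case-insensitive; ignore a trailing backslash."""
    return path.rstrip("\\").casefold()


def reconcile(log_text):
    """Return [(kind, path, verdict)] for every 'not found' line.

    A 'not found' item is explained when the same path, or one of its
    parent folders, was already moved by an earlier line of the log.
    """
    moved = []
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = MOVED.match(line)
        if m:
            moved.append(norm(m.group("path")))
            continue
        m = NOT_FOUND.match(line)
        if m:
            target = norm(m.group("path"))
            covered = any(
                target == p or target.startswith(p + "\\") for p in moved
            )
            verdict = "already moved earlier" if covered else "no earlier action in log"
            findings.append((m.group("kind"), m.group("path"), verdict))
    return findings


if __name__ == "__main__":
    for kind, path, verdict in reconcile(LOG):
        print(f"{verdict:26} {kind:12} {path}")
```

On this excerpt, three of the four "not found" lines are explained by an earlier move (hpsysdrv.dat was listed under both :OTL and :files in the script), and only the HKEY_LOCAL_MACHINE CLSID key has no earlier action in the log.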