Trojan sirefef.O and trojan Dropper sirefef.B

Closed
ThiBo - 5 Nov 2011 at 13:57
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last seen 21 April 2024 - 6 Nov 2011 at 18:39
Hello,

I have a laptop that was infected by trojan sirefef.O and trojan dropper sirefef.B.
A Windows Defender update got rid of them. There are still problems to sort out. Among others:
no Internet connection even though I connect to my network.
System restores crash every time.
Installations and uninstallations often crash (blue screen, then reboot).


I await your advice.
Thanks

Windows Vista / Firefox 6

10 replies

juju666
5 Nov 2011 at 14:01
Hello

▶ Right-click the link below, choose "Save link target as", with your Desktop as the destination, and change its name (your_username.exe, for example):

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

▶ Double-click ComboFix.exe
A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

▶ ▶ Do not touch anything (mouse, keyboard) until the scan has finished, as you risk crashing your PC

▶ At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.
▶ Once the scan is complete, a report will be displayed: post its contents

Notes:
-> The report can also be found here: C:\ComboFix.txt
-> ComboFix tutorial
Thanks juju666
I get an error message: Freeware implementation of XCACLS has stopped working
two options:

check online for a solution later and close the program
or
close the program

which one do I choose?
juju666
5 Nov 2011 at 14:50
neither :P

▶ Download Reload_TDSSKiller

▶ Run it

choose: "lancer le nettoyage" (start the cleanup)

the tool will automatically download the latest version, then

TDSSKiller will open; click "Start Scan" (click here for illustrated help)

If TDSS.tdl2 is detected: the Delete option will be checked by default.
If TDSS.tdl3 is detected: make sure Cure is checked.
If TDSS.tdl4(\HardDisk0\MBR) is detected: make sure Cure is checked.
If Rootkit.Win32.ZAccess.* is detected: set it to "Cure" at the top and "Delete" at the bottom
If Suspicious file is shown, leave the option set to Skip
once it has finished, restart if it asks you to, to finish cleaning

otherwise, close TDSSKiller and the report will appear on the desktop

▶ Copy/paste its contents into your next reply.
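A TDSSKiller report runs to hundreds of lines, almost all of them `- ok`, so the few entries that matter are easy to miss when reading it by eye. The following is an added example, not part of the original thread and not TDSSKiller's own code: it assumes the `<time> <thread id> <message>` line layout of TDSSKiller reports, and the names `parse_report` and `triage` as well as the sample lines (service names, hashes, paths) are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample in the layout of a TDSSKiller report. Service names,
# MD5 values and paths are made up; the last entry is cut off on purpose
# to mimic a report that was truncated when pasted into a forum post.
SAMPLE_LOG = r"""
15:00:23.0416 3288 Scan started
15:00:23.0869 3288 gooddrv (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\gooddrv.sys
15:00:23.0869 3288 gooddrv - ok
15:00:25.0663 3288 nofiledrv - ok
15:00:37.0160 3288 lockeddrv (fedcba9876543210fedcba9876543210) C:\Windows\System32\Drivers\lockeddrv.sys
15:00:37.0160 3288 Suspicious file (NoAccess): C:\Windows\System32\Drivers\lockeddrv.sys. md5: fedcba9876543210fedcba9876543210
15:00:37.0160 3288 lockeddrv ( LockedFile.Multi.Generic ) - warning
15:00:37.0160 3288 lockeddrv - detected LockedFile.Multi.Generic (1)
15:00:39.0999 3288 cutoffdrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\cutoffdrv.sys
"""

# "<HH:MM:SS.ffff> <thread id> <message>"; the message may be empty.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(?P<msg>.*)$")
# "<service> (<md5>) <path>": the file that was hashed for a service.
FILE_RE = re.compile(r"^(?P<name>\S+) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<service> - ok" or "<service> ( <detection> ) - warning".
VERDICT_RE = re.compile(
    r"^(?P<name>\S+) (?:\( (?P<det>[^)]+?) \) )?- (?P<verdict>\w+)$"
)


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None
    detection: Optional[str] = None


def parse_report(text: str) -> Dict[str, Entry]:
    """Group the file line and the verdict line of each service."""
    entries: Dict[str, Entry] = {}
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank line or text that is not part of the report
        msg = line["msg"].strip()
        file_line = FILE_RE.match(msg)
        if file_line:
            entry = entries.setdefault(file_line["name"], Entry(file_line["name"]))
            entry.md5 = file_line["md5"].lower()
            entry.path = file_line["path"]
            continue
        verdict_line = VERDICT_RE.match(msg)
        if verdict_line:
            entry = entries.setdefault(
                verdict_line["name"], Entry(verdict_line["name"])
            )
            entry.verdict = verdict_line["verdict"]
            entry.detection = verdict_line["det"] or entry.detection
    return entries


def triage(entries: Dict[str, Entry]) -> List[Tuple[str, str]]:
    """Return (service, reason) for every entry a reviewer should look at."""
    findings: List[Tuple[str, str]] = []
    for entry in entries.values():
        if entry.verdict is None:
            # File line without a verdict: the report ends too early.
            findings.append((entry.name, "no verdict line (report truncated?)"))
        elif entry.verdict != "ok":
            findings.append(
                (entry.name, f"{entry.verdict}: {entry.detection or 'unspecified'}")
            )
        elif entry.md5 is None:
            # Verdict is "ok" but the report lists no file or hash for it.
            findings.append(
                (entry.name, "ok, but no file was hashed for this service")
            )
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_report(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```
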
I closed the window, and a new window appeared saying that Rootkit.Win32.ZAccess was present.
I closed the window and ran the scan; Rootkit.Win32.ZAccess was not detected. Here is the report:

15:00:13.0744 2632 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
15:00:13.0760 2632 ============================================================
15:00:13.0760 2632 Current date / time: 2011/11/05 15:00:13.0760
15:00:13.0760 2632 SystemInfo:
15:00:13.0760 2632
15:00:13.0760 2632 OS Version: 6.0.6002 ServicePack: 2.0
15:00:13.0760 2632 Product type: Workstation
15:00:13.0760 2632 ComputerName: THIBAUD
15:00:13.0760 2632 UserName: Thibaud
15:00:13.0760 2632 Windows directory: C:\Windows
15:00:13.0760 2632 System windows directory: C:\Windows
15:00:13.0760 2632 Processor architecture: Intel x86
15:00:13.0760 2632 Number of processors: 2
15:00:13.0760 2632 Page size: 0x1000
15:00:13.0760 2632 Boot type: Normal boot
15:00:13.0760 2632 ============================================================
15:00:15.0195 2632 Initialize success
15:00:23.0416 3288 ============================================================
15:00:23.0416 3288 Scan started
15:00:23.0416 3288 Mode: Manual;
15:00:23.0416 3288 ============================================================
15:00:37.0160 3288 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
15:00:37.0160 3288 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
15:00:37.0160 3288 sptd ( LockedFile.Multi.Generic ) - warning
15:00:37.0160 3288 sptd - detected LockedFile.Multi.Generic (1)
15:00:40.0108 3288 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
15:00:40.0124 3288 WimFltr - ok
15:00:40.0171 3288 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:00:40.0186 3288 winachsf - ok
15:00:40.0311 3288 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
15:00:40.0311 3288 WmiAcpi - ok
15:00:40.0405 3288 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:00:40.0405 3288 WpdUsb - ok
15:00:40.0467 3288 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:00:40.0467 3288 ws2ifsl - ok
15:00:40.0545 3288 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:00:40.0545 3288 WUDFRd - ok
15:00:40.0654 3288 yukonwlh (2d07e65ed0023bb10b13a912b27dfb1a) C:\Windows\system32\DRIVERS\yk60x86.sys
15:00:40.0654 3288 yukonwlh - ok
15:00:40.0686 3288 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:00:40.0701 3288 \Device\Harddisk0\DR0 - ok
15:00:40.0701 3288 MBR (0x1B8) (c60c9205f30d2f079cda338e8aaf7849) \Device\Harddisk3\DR4
15:00:42.0542 3288 \Device\Harddisk3\DR4 - ok
15:00:42.0604 3288 Boot (0x1200) (fda5e3b55cd03b0987587df734882a48) \Device\Harddisk0\DR0\Partition0
15:00:42.0604 3288 \Device\Harddisk0\DR0\Partition0 - ok
15:00:42.0604 3288 ============================================================
15:00:42.0604 3288 Scan finished
15:00:42.0604 3288 ============================================================
15:00:42.0636 3212 Detected object count: 1
15:00:42.0636 3212 Actual detected object count: 1
15:01:08.0875 3212 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:01:08.0875 3212 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
juju666 Posts: 35446 Registration date: Thursday 18 December 2008 Status: Security contributor Last activity: 21 April 2024 4 796
5 Nov. 2011 at 15:09
Run ComboFix again, then.
Thanks 666 times (soon 1000?)
I can't see my posts (I have already tried to post the scan report twice).

I still have no internet, and the computer only restarts in safe mode, but it accepts network support.

Here is the report:

ComboFix 11-11-05.02 - Thibaud 05/11/2011 15:11:36.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.1113 [GMT 1:00]
Lancé depuis: c:\users\Thibaud\Desktop\ThiBo.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\assembly\GAC_MSIL\desktop.ini
c:\windows\system32\
c:\windows\system32\icsxml
c:\windows\system32\icsxml\cmnicfg.xml
c:\windows\system32\icsxml\ipcfg.xml
c:\windows\system32\icsxml\osinfo.xml
c:\windows\system32\icsxml\potscfg.xml
c:\windows\system32\icsxml\pppcfg.xml
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-10-05 au 2011-11-05 ))))))))))))))))))))))))))))))))))))
.
.
2011-11-02 18:03 . 2011-11-04 20:14 -------- d-----w- c:\program files\Glary Utilities
2011-11-01 14:32 . 2011-11-02 17:46 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-01 14:31 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-10-29 20:50 . 2011-10-29 20:50 -------- d-----w- c:\program files\Avira
2011-10-27 22:26 . 2011-10-27 22:26 1206 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-27 22:16 . 2011-10-27 22:26 -------- d-----w- c:\program files\Electronic Arts
2011-10-26 20:27 . 2011-10-26 20:27 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-10-26 10:02 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-14 21:39 . 2011-09-30 21:28 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-14 21:38 . 2011-09-14 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-10-14 21:38 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-14 21:37 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-14 21:37 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-14 21:37 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 14:53 . 2007-11-07 18:42 242452 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-10-30 10:33 . 2011-07-21 16:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 14:11 . 2009-07-15 14:20 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-09-09 14:01 . 2011-07-21 16:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-11 15:51 . 2008-12-13 16:54 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-20 141848]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 311296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-14 19:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 lwktqjdm;lwktqjdm;c:\windows\system32\drivers\lwktqjdm.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Camdrv30;Philips ToUcam XS;c:\windows\system32\Drivers\camdrv30.sys [2001-08-17 171264]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-10 30192]
R3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\UsbSagCom.sys [2007-06-29 51712]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-17 87328]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288]
R3 WMSvc;Service de gestion Web;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-19 11264]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 45834435
*Deregistered* - 45834435
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-11-02 08:07]
.
2011-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-36718210-2133206323-2169372817-1005Core.job
- c:\users\Thibaud\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 10:41]
.
2011-11-05 c:\windows\Tasks\User_Feed_Synchronization-{1FD144E1-E759-4922-A6AD-95C1FAA871C0}.job
- c:\windows\system32\msfeedssync.exe [2011-10-14 21:29]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://isearch.babylon.com/?babsrc=HP_ss&affID=18474&mntrId=025bea72000000000000001dd97aaaad
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
TCP: Interfaces\{DA0E36A1-C44E-41D1-8CD7-89A30586BEC4}: NameServer = 212.27.40.240
FF - ProfilePath - c:\users\Thibaud\AppData\Roaming\Mozilla\Firefox\Profiles\3hzeywdz.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - prefs.js: network.proxy.type - 4
FF - user.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - user.js: keyword.enabled - 1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{B4FBA8C3-2083-4ED8-A35B-148478739826} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-05 15:20
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
.
c:\users\Thibaud\AppData\Roaming\Mozilla\Firefox\Profiles\3hzeywdz.default\user.js.BAK 131 bytes
.
Scan terminé avec succès
Fichiers cachés: 1
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000003d
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-11-05 15:24:42
ComboFix-quarantined-files.txt 2011-11-05 14:24
.
Avant-CF: 6 841 384 960 octets libres
Après-CF: 7 074 873 344 octets libres
.
- - End Of File - - D842AD749CE07B8AEBB64B84BAC62C2F
0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
5 Nov. 2011 at 17:56
No trace of a 0 access rootkit!

Run ComboFix again!
0
Hello,
1 I must not be posting correctly because I can't see my posts.
Should I reply to the topic or add a comment?
I hope I'm doing it right this time.

I ran ComboFix again; the scan report is below. The problems are still there.
No internet connection, and the PC only boots in safe mode.


ComboFix 11-11-05.02 - Thibaud 06/11/2011 1:59.2.2 - x86 NETWORK
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.1548 [GMT 1:00]
Lancé depuis: c:\users\Thibaud\Desktop\ThiBo.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-10-06 au 2011-11-06 ))))))))))))))))))))))))))))))))))))
.
.
2011-11-05 16:03 . 2011-11-05 16:19 -------- d-----w- C:\ThiBo
2011-11-02 18:03 . 2011-11-04 20:14 -------- d-----w- c:\program files\Glary Utilities
2011-11-01 14:32 . 2011-11-02 17:46 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-01 14:31 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-10-29 20:50 . 2011-10-29 20:50 -------- d-----w- c:\program files\Avira
2011-10-27 22:26 . 2011-10-27 22:26 1206 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-10-27 22:16 . 2011-10-27 22:26 -------- d-----w- c:\program files\Electronic Arts
2011-10-26 20:27 . 2011-10-26 20:27 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-10-26 10:02 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-14 21:39 . 2011-09-30 21:28 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-14 21:38 . 2011-09-14 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-10-14 21:38 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-14 21:37 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-14 21:37 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-14 21:37 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 14:53 . 2007-11-07 18:42 242452 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-10-30 10:33 . 2011-07-21 16:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 14:11 . 2009-07-15 14:20 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-09-09 14:01 . 2011-07-21 16:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-11 15:51 . 2008-12-13 16:54 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-20 141848]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 311296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-14 19:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R1 lwktqjdm;lwktqjdm;c:\windows\system32\drivers\lwktqjdm.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 Camdrv30;Philips ToUcam XS;c:\windows\system32\Drivers\camdrv30.sys [2001-08-17 171264]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-10 30192]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\UsbSagCom.sys [2007-06-29 51712]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-17 87328]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288]
R3 WMSvc;Service de gestion Web;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-19 11264]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-11-02 08:07]
.
2011-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-36718210-2133206323-2169372817-1005Core.job
- c:\users\Thibaud\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 10:41]
.
2011-11-05 c:\windows\Tasks\User_Feed_Synchronization-{1FD144E1-E759-4922-A6AD-95C1FAA871C0}.job
- c:\windows\system32\msfeedssync.exe [2011-10-14 21:29]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://isearch.babylon.com/?babsrc=HP_ss&affID=18474&mntrId=025bea72000000000000001dd97aaaad
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
TCP: Interfaces\{DA0E36A1-C44E-41D1-8CD7-89A30586BEC4}: NameServer = 212.27.40.240
FF - ProfilePath - c:\users\Thibaud\AppData\Roaming\Mozilla\Firefox\Profiles\3hzeywdz.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - prefs.js: network.proxy.type - 4
FF - user.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - user.js: keyword.enabled - 1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-06 02:09
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000003d
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-11-06 02:12:06
ComboFix-quarantined-files.txt 2011-11-06 01:12
ComboFix2.txt 2011-11-05 16:19
ComboFix3.txt 2011-11-05 14:24
.
Avant-CF: 13 877 927 936 octets libres
Après-CF: 13 810 892 800 octets libres
.
- - End Of File - - E884B14C70BE0E6FDCDA27F3038DAEBC
0
Hello,
The problems are still there.

Here is the scan report.

0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
6 Nov. 2011 at 09:32
Hi.

Strange problem.

Let's repair the system files:

▶ Open your Start menu

-> If you are on XP, open Run, type cmd and confirm by pressing the Enter key

-> On Vista/Seven, type cmd in the "Search" field, then right-click the result that appears > Run as administrator

▶ In the black window, type sfc /scannow and let Windows repair the files.
0
Hello,

The problems are not over; an error message appears before it runs:

Tentative d'opération non autorisée sur une clé du registre marquée pour suppression
0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
6 Nov. 2011 at 10:40
Restart the PC; that is due to the ComboFix run.
0
After 88% of the verification, the following message appears:

la protection des ressources Windows n'a pas réussi à effectuer l'opération demandée
0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
6 Nov. 2011 at 11:07
Had you launched cmd as admin???
0
Yes, I launched it in administrator mode.
In fact, the menu of the Windows window says:
Administrateur : C:\Windows\System32\cmd.exe
0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
6 Nov. 2011 at 11:27
▶ Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you must right-click OTL and choose Run as administrator)

▶ Launch OTL
▶ Under "Personnalisation" (customization), copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c 

▶ Click the "Analyse" (scan) button.
▶ When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then post the pjjoint links here so they can be viewed.
0
Here are the links:

The Extras.txt report

http://pjjoint.malekal.com/files.php?id=k9m8h14q8b7f13f11b12u12g11i11v12c5l10h5b12o10k13v10e12

and the OTL report

http://pjjoint.malekal.com/files.php?id=l13b9h11k7n9z9d7r10o8g8h14b8j12v10r9u6r6p9k7t14

999 thanks already, and I await the next steps
0
juju666 Posts 35446 Registration date Thursday 18 December 2008 Status Security contributor Last activity 21 April 2024 4 796
6 Nov. 2011 at 18:39
Hi again,

After a nice little nap :>

WARNING!!! Script customized for this machine only, do not reproduce!!

if you have XP => double-click
if you have Vista or Windows 7 => right-click, "Run as..."

on OTL.exe to launch it.


▶ Copy/paste the following lines in bold and put them in the "personnalisation" (customization) box:


:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?babsrc=HP_ss&affID=18474&mntrId=025bea72000000000000001dd97aaaad
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords="
FF - prefs.js..network.proxy.type: 4

FF - user.js..keyword.URL: "http://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords="
FF - user.js..keyword.enabled: 1
[2011/10/26 21:22:31 | 000,003,915 | ---- | M] () -- C:\Users\Thibaud\AppData\Roaming\Mozilla\Firefox\Profiles\3hzeywdz.default\searchplugins\sweetim.xml
[2011/09/09 16:23:22 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files\mozilla firefox\extensions\adapter@babylontc.com
[2011/09/09 16:23:18 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\mozilla firefox\extensions\ffxtlbr@babylon.com
[2011/09/09 16:23:20 | 000,000,000 | ---D | M] (Babylon OCR) -- C:\Program Files\mozilla firefox\extensions\ocr@babylon.com
[2011/10/26 21:22:21 | 000,002,336 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/05/01 19:07:30 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
[2011/11/04 21:14:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Babylon
[2008/04/14 23:57:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Trymedia
[2011/08/17 13:29:53 | 000,000,000 | ---D | M] -- C:\Users\Thibaud\AppData\Roaming\OfferBox
[2011/09/09 15:12:22 | 000,000,000 | ---D | M] -- C:\Users\Thibaud\AppData\Roaming\OpenCandy
[2011/09/09 15:12:27 | 000,416,160 | ---- | M] () -- C:\Users\Thibaud\AppData\Roaming\OpenCandy\OpenCandy_25CE0EF969954A4DAB2A4F02028F2367\LatestDLMgr.exe
[2011/08/01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\Thibaud\AppData\Roaming\OpenCandy\OpenCandy_25CE0EF969954A4DAB2A4F02028F2367\pcspeedup.exe
[2011/09/09 15:14:23 | 001,952,496 | ---- | M] () -- C:\Users\Thibaud\AppData\Roaming\OpenCandy\OpenCandy_25CE0EF969954A4DAB2A4F02028F2367\pcspeedup_p5v1.exe

:commands
[emptytemp]


▶ Click "Correction" (fix) and let the tool work. The computer restarts.

▶ Copy/paste the entire report into your next reply.
0