Google search redirection

Closed
Signa1 - 20 Nov 2011 at 15:30
juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 - 23 Nov 2011 at 13:52
Hello,

I have a problem: in Firefox, when I do a Google search, the result links redirect me to sites that immediately redirect me to the results page...
The Avira Antivir antivirus finds nothing; can you help me find what is wrong?

Thanks in advance for your help.




45 replies

juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 4 795
20 Nov 2011 at 15:31
Hello

▶ Download here: Reload_TDSSKiller

▶ Run it

choose: start the cleanup

the tool will automatically download the latest version, then

TDSSKiller will open; click "Start Scan". Click here for illustrated help

If TDSS.tdl2 is detected: the delete option will be checked by default.
If TDSS.tdl3 is detected: make sure Cure is checked.
If TDSS.tdl4(\HardDisk0\MBR) is detected: make sure Cure is checked.
If Rootkit.Win32.ZAccess.* is detected: set "cure" at the top and "delete" at the bottom
If Suspicious file is shown, leave the option set to Skip
once it has finished, restart if it asks you to, in order to complete the cleanup

otherwise, close TDSSKiller and the report will appear on the desktop

▶ Copy/paste its contents into your next reply.

Tutorial: http://forums-fec.be/entraide/viewtopic.php?f=55&t=15
0
What is your home page when you click on Internet?
Because in Internet Options you have to enter the address of your home page.
0
Thanks for your help!

Xodo: My home page has not changed since I have had this problem (orange.fr in Firefox, iGoogle in Internet Explorer).

juju666: Here is the TDSSKiller report:

15:41:51.0115 4712 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
15:41:51.0497 4712 ============================================================
15:41:51.0497 4712 Current date / time: 2011/11/20 15:41:51.0497
15:41:51.0497 4712 SystemInfo:
15:41:51.0497 4712
15:41:51.0497 4712 OS Version: 6.1.7601 ServicePack: 1.0
15:41:51.0498 4712 Product type: Workstation
15:41:51.0498 4712 ComputerName: JEAN
15:41:51.0498 4712 UserName: Jean
15:41:51.0498 4712 Windows directory: C:\Windows
15:41:51.0498 4712 System windows directory: C:\Windows
15:41:51.0498 4712 Running under WOW64
15:41:51.0498 4712 Processor architecture: Intel x64
15:41:51.0498 4712 Number of processors: 4
15:41:51.0498 4712 Page size: 0x1000
15:41:51.0498 4712 Boot type: Normal boot
15:41:51.0498 4712 ============================================================
15:41:52.0045 4712 Initialize success
15:41:57.0658 4648 ============================================================
15:41:57.0658 4648 Scan started
15:41:57.0658 4648 Mode: Manual;
15:41:57.0658 4648 ============================================================
15:42:14.0644 4648 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
15:42:14.0644 4648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
15:42:14.0659 4648 sptd ( LockedFile.Multi.Generic ) - warning
15:42:14.0660 4648 sptd - detected LockedFile.Multi.Generic (1)
15:42:19.0208 4648 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:42:19.0224 4648 \Device\Harddisk0\DR0 - ok
15:42:19.0228 4648 Boot (0x1200) (b0c30b7d38e347aa3af01c796042eba9) \Device\Harddisk0\DR0\Partition0
15:42:19.0229 4648 \Device\Harddisk0\DR0\Partition0 - ok
15:42:19.0248 4648 Boot (0x1200) (b174cd5e3eeec78c72f6efb09bb45cf2) \Device\Harddisk0\DR0\Partition1
15:42:19.0249 4648 \Device\Harddisk0\DR0\Partition1 - ok
15:42:19.0250 4648 ============================================================
15:42:19.0250 4648 Scan finished
15:42:19.0250 4648 ============================================================
15:42:19.0260 5016 Detected object count: 1
15:42:19.0260 5016 Actual detected object count: 1
15:42:29.0735 5016 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:42:29.0735 5016 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
0
juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 4 795
20 Nov 2011 at 15:50
Hmm, strange...

We are going to run a diagnostic of your PC:

Download ZHPDiag

▶ Follow the prompts during installation, and tick "Ajouter une icône sur le bureau" (add a desktop icon) and "Exécuter ZHPDiag" (run ZHPDiag)

▶ Click the green screwdriver icon and tick everything, then click the magnifying glass icon ("Lancer le diagnostic", run the diagnostic)

▶ During the scan, accept the installation of SigCheck

▶ Once the scan reaches 100%, close ZHPDiag. Upload the ZHPDiag.txt report found on your desktop.

Here is how to proceed:

▶ Go to pjjoint.malekal.com
▶ Click the Browse ("Parcourir") button
▶ Select the file you want to upload and click Open
▶ Click the Send ("Envoyer") button
▶ A confirmation message is displayed (The upload succeeded! - The link to give to your correspondents to view the file is: https://pjjoint.malekal.com/files.php?id=df5ea299241015)

▶ Copy the link into your next reply.

Tutorial: http://forums-fec.be/entraide/viewtopic.php?f=55&t=13

See you soon.
0

Hello again,

The ZHPDiag scan took a little while; here is the link to the result:

http://pjjoint.malekal.com/files.php?id=ZHPDiag_j6p7d14u10c14t13d10y5p8r13s15o5p5y7w15w5j10b10p15p8
0
juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 4 795
20 Nov 2011 at 17:02
▶ Copy all the text in the code block below (select it with your mouse, right-click it and choose "Copy", or press Ctrl+C)

[HKLM\Software\Freecorder]    => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]    => Conduit Freecorder Toolbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]    => Conduit Freecorder Toolbar
[HKLM\Software\WOW6432Node\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]    => Conduit Freecorder Toolbar
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}]    => Conduit Freecorder Toolbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder    => Toolbar.Conduit
O17 - HKLM\System\CCS\Services\Tcpip\..\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpDomain = rooms.iriga    => ZHPHosts Unknown Domain
O17 - HKLM\System\CS1\Services\Tcpip\..\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpDomain = rooms.iriga    => ZHPHosts Unknown Domain
O17 - HKLM\System\CS2\Services\Tcpip\..\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpDomain = rooms.iriga    => ZHPHosts Unknown Domain
EMPTYTEMP
EMPTYFLASH


▶ Then launch ZHPFix from the desktop shortcut.

▶ Once ZHPFix is open, click the [ H ] button ("coller les lignes Helper", paste the Helper lines).

▶ In the main box you will then see the lines you copied earlier appear.

▶ Check that all the lines I asked you to copy (and only those) are in the window.

▶ Click the "GO" button to start the cleanup

▶ Copy/paste the report shown on screen into your next message

Note: the report is also saved in C:\ZHP under the name ZHPFix[Rx].txt (where X is the ZHPFix run number)

Tutorial: http://forums-fec.be/entraide/viewtopic.php?f=55&t=12
0
Here is the ZHPFix report:



Rapport de ZHPFix 1.12.3371 par Nicolas Coolman, Update du 18/11/2011
Fichier d'export Registre :
Run by Jean at 20/11/2011 17:10:13
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: HKLM\Software\Freecorder
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

========== Valeur(s) du Registre ==========
ABSENT TCPIP:

========== Dossier(s) ==========
SUPPRIME Folder: c:\programdata\microsoft\windows\start menu\programs\freecorder
SUPPRIME Temporaires Windows: : 88
SUPPRIME Flash Cookies: 65

========== Fichier(s) ==========
SUPPRIME Temporaires Windows: : 446
SUPPRIME Flash Cookies: 26


========== Récapitulatif ==========
6 : Clé(s) du Registre
1 : Valeur(s) du Registre
3 : Dossier(s)
2 : Fichier(s)


End of clean in 00mn 19s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 20/11/2011 17:10:13 [1488]
0
juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 4 795
20 Nov 2011 at 17:14
Good, browse around a bit to see if anything has changed.
0
I still get redirections...
0
juju666 Posts 35445 Registration date Thursday 18 December 2008 Status Security contributor Last activity 5 May 2017 4 795
20 Nov 2011 at 17:18
▶ Right-click the link below, choose "Enregistrer la cible du lien sous" (save link target as), set your Desktop as the destination, and change the file name (your_username.exe for example):

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

▶ Double-click ComboFix.exe

♦ Do not touch anything (mouse, keyboard) until the scan has finished, because you risk crashing your PC

▶ At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.
▶ Once the scan is complete, a report will be displayed: post its contents

Notes:
♦ The report is also located here: C:\ComboFix.txt
ComboFix tutorial
0
Anonymous user
20 Nov 2011 at 17:35
Well then, good luck!
0
Hello again,

Here is the Combofix.txt report:

ComboFix 11-11-20.01 - Jean 20/11/2011 17:35:03.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3950.2105 [GMT 1:00]
Lancé depuis: c:\users\Jean\Desktop\Signa1.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_COMSysApp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-10-20 au 2011-11-20 ))))))))))))))))))))))))))))))))))))
.
.
2011-11-20 17:07 . 2011-11-20 17:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-20 15:39 . 2011-11-20 15:39 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-11-20 14:57 . 2011-11-20 16:10 -------- d-----w- C:\ZHP
2011-11-20 14:57 . 2011-11-20 15:39 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-11-19 19:06 . 2011-11-19 21:59 -------- d-----w- c:\users\Jean\AppData\Roaming\vlc
2011-11-18 16:32 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD27080F-881A-4EB5-B89A-FD5F50FBEF97}\mpengine.dll
2011-11-18 16:23 . 2011-11-18 16:23 -------- d-----w- c:\windows\Options
2011-11-18 16:23 . 2010-01-05 18:23 1847296 ----a-w- c:\windows\system32\drivers\athurx.sys
2011-11-18 16:23 . 2010-01-05 18:23 1847296 ----a-r- c:\windows\system32\athurx.sys
2011-11-18 16:22 . 2011-11-18 16:22 -------- d-----w- c:\programdata\TP-LINK
2011-11-15 19:12 . 2011-11-15 19:12 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-11-15 16:58 . 2011-11-15 16:58 -------- d-----w- c:\program files\CCleaner
2011-11-15 07:31 . 2011-11-15 07:31 -------- d-----w- c:\windows\system32\Macromed
2011-11-13 13:18 . 2011-11-13 13:18 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-13 13:18 . 2011-11-13 13:18 -------- d-----w- c:\programdata\Hitman Pro
2011-11-13 13:09 . 2006-06-19 12:01 69632 ----a-w- c:\windows\SysWow64\ztvcabinet.dll
2011-11-13 13:09 . 2006-05-25 14:52 162304 ----a-w- c:\windows\SysWow64\ztvunrar36.dll
2011-11-13 13:09 . 2005-08-26 00:50 77312 ----a-w- c:\windows\SysWow64\ztvunace26.dll
2011-11-13 13:09 . 2003-02-02 19:06 153088 ----a-w- c:\windows\SysWow64\UNRAR3.dll
2011-11-13 13:09 . 2002-03-06 00:00 75264 ----a-w- c:\windows\SysWow64\unacev2.dll
2011-11-13 00:45 . 2011-11-13 00:45 -------- d-----w- c:\users\Jean\AppData\Roaming\Malwarebytes
2011-11-13 00:45 . 2011-11-13 00:45 -------- d-----w- c:\programdata\Malwarebytes
2011-11-13 00:45 . 2011-11-13 00:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-09 11:44 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 11:44 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 11:44 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 11:44 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-03 14:55 . 2004-10-04 15:57 61440 ----a-w- c:\windows\SysWow64\W32N50.dll
2011-11-03 14:55 . 2004-10-04 15:57 16292 ----a-w- c:\windows\SysWow64\PCANDIS5.SYS
2011-11-03 14:55 . 2004-10-04 15:57 15577 ----a-w- c:\windows\SysWow64\PCANDIS3.VXD
2011-11-03 14:55 . 2011-11-03 14:55 -------- d-----w- c:\program files (x86)\NETGEAR
2011-11-03 13:48 . 2011-11-12 21:42 -------- d-----w- c:\users\Jean\AppData\Local\MetaGeek,_LLC
2011-11-03 13:45 . 2011-11-03 13:45 -------- d-----w- c:\program files\MetaGeek
2011-10-25 11:29 . 2011-01-20 22:41 -------- d-----w- c:\program files\Thomson-WLG-1500-WinXP.Vista.Win7
2011-10-25 11:29 . 2005-01-07 15:14 39424 ----a-w- c:\windows\system32\unwlsdrv.exe
2011-10-21 19:52 . 2011-10-21 19:52 -------- d-----w- C:\SPLASH.SYS
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-15 07:31 . 2011-05-17 06:46 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 04:06 . 2010-06-14 19:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-01 13:21 . 2010-11-04 06:04 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-09-01 13:21 . 2010-06-14 19:24 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-09-01 05:24 . 2011-10-12 22:54 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-12 22:54 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-12 22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-12 22:54 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-12 22:54 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-12 22:54 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-12 06:45 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-12 06:45 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-12 06:45 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-12 06:45 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-21 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-02-17 26624]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-09-07 40376]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-17 133104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-06-19 1038088]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [x]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 1021840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-17 05:41]
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-17 05:41]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\signa1\CF32560.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.55.55
FF - ProfilePath - c:\users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\bdgsdqpc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
c:\program files (x86)\Common Files\Teleca Shared\logger.exe
c:\program files (x86)\Common Files\Teleca Shared\Generic.exe
c:\program files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
c:\program files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
.
**************************************************************************
.
Heure de fin: 2011-11-20 18:34:53 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-11-20 17:34
.
Avant-CF: 202 297 356 288 octets libres
Après-CF: 201 650 208 768 octets libres
.
- - End Of File - - BA81BAA65912C61C97E17321B2941C77
0
juju666 - 20 Nov. 2011 at 18:42
Have the following file analysed on VirusTotal:
c:\signa1\CF32560.3XE
0
No result (Result: 0/ 42 (0.0%)):

http://www.virustotal.com/file-scan/report.html?id=db06c3534964e3fc79d2763144ba53742d7fa250ca336f4a0fe724b75aaff386-1321810809
0
juju666 - 20 Nov. 2011 at 20:07
Mmmmh ...

▶ Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

▶ Run OTL
▶ Under "Personnalisation" (the custom scan box), copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c 

▶ Click the "Analyse" (scan) button.
▶ When the scan has finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then post the pjjoint links here so that they can be reviewed.
0
Here is the link to OTL.txt:
http://pjjoint.malekal.com/files.php?id=o9k11f10e7s6r15h78v8c15r14s11g13o7p5t10q11z15f9z7

And the one to Extras.txt:
http://pjjoint.malekal.com/files.php?id=8u15g7q13m9v9t15m6s7q8d9b14h14k98d11g14y12f12v14
0
juju666 - 20 Nov. 2011 at 21:03
According to OTL there is no longer any infection.

▶ Disable your protections
▶ Download here: MBR_Repair (by gen-hackman)
▶ Save it to your desktop
▶ Run it and choose "Verify"

MBR_Verify.txt will be placed on your desktop; post its contents here
0
Here are the contents of MBR_Verify.txt:

¤¤¤¤¤¤¤¤¤ MBR_Repair | Verify ¤¤¤¤¤¤¤¤¤¤

Utilisateur : Jean (Administrateurs)
Ordinateur : JEAN

Système d'exploitation : Windows 7 Home Premium (64 bits)

Scan : 21:07:00 | 20/11/2011

Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCEB1M1E
Logical Drives Mask: 0x0000007c

Analysis of file "MBR.bin":
Could not open file (2)!
0
juju666 - 20 Nov. 2011 at 21:08
That's not a good sign

▶ Download MBRCheck (by a_d_13) to the Desktop by clicking one of these links:

* http://www.geekstogo.com/forum/files/file/441-mbrcheck/
* https://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe
* http://www.kernelmode.info/MBRCheck.exe

▶ Close everything and click MBRCheck.exe

▶ A report opens at the end of the scan and is saved automatically to the Desktop. It will be named like MBRCheck_AA.JJ.MM_hh.mm.ss.txt -> post its contents
0
OK, here is the result:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCEB1M1E
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 199):

Processes (total 103):
0 System Idle Process
4 System
332 C:\Windows\System32\smss.exe
508 csrss.exe
572 C:\Windows\System32\wininit.exe
596 csrss.exe
628 C:\Windows\System32\services.exe
644 C:\Windows\System32\lsass.exe
652 C:\Windows\System32\lsm.exe
732 C:\Windows\System32\winlogon.exe
808 C:\Windows\System32\svchost.exe
892 C:\Windows\System32\svchost.exe
940 C:\Windows\System32\atiesrxx.exe
116 C:\Windows\System32\svchost.exe
408 C:\Windows\System32\svchost.exe
528 C:\Windows\System32\svchost.exe
1052 C:\Windows\System32\svchost.exe
1148 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\atieclxx.exe
1492 C:\Windows\System32\spoolsv.exe
1520 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1568 C:\Windows\System32\svchost.exe
1700 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1728 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1784 C:\Program Files\Bonjour\mDNSResponder.exe
1820 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1884 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1924 C:\Windows\System32\conhost.exe
1960 C:\Windows\SysWOW64\svchost.exe
1228 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1208 C:\Windows\System32\svchost.exe
2024 C:\Windows\System32\taskhost.exe
2064 C:\Windows\System32\dwm.exe
2072 C:\Windows\System32\taskeng.exe
2132 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2140 C:\Windows\System32\taskeng.exe
2232 C:\Windows\explorer.exe
2412 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2592 C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
2616 C:\Windows\System32\svchost.exe
2656 C:\Windows\System32\svchost.exe
2700 C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
2744 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
2780 C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
2808 C:\Windows\System32\svchost.exe
2868 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2884 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
2896 dllhost.exe
2976 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
3028 C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
3084 WmiPrvSE.exe
3552 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3692 C:\Windows\System32\SearchIndexer.exe
3760 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
3796 C:\Windows\System32\svchost.exe
3852 C:\Windows\System32\svchost.exe
120 WUDFHost.exe
1176 C:\Windows\System32\svchost.exe
3056 C:\Program Files\Apoint\Apoint.exe
4112 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
4236 C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
4364 C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
4528 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
4660 C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
4736 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4752 C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
4836 C:\Program Files\Apoint\ApMsgFwd.exe
4844 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4872 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4932 C:\Program Files\Apoint\ApntEx.exe
4948 C:\Windows\System32\conhost.exe
4980 C:\Program Files\Apoint\Apvfb.exe
5032 C:\Windows\System32\taskeng.exe
5040 C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
1852 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
4376 C:\Program Files\iPod\bin\iPodService.exe
2668 C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
4800 C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
1248 C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
256 C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
4212 C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe
3900 C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
4720 C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
2880 C:\Program Files\Sony\VAIO Care\VCPerfService.exe
5540 C:\Program Files\Sony\VAIO Care\listener.exe
5768 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1360 C:\Program Files\Windows Media Player\wmpnetwk.exe
5680 C:\Program Files\Sony\VAIO Care\VCsystray.exe
5820 C:\Program Files\Sony\VAIO Care\VCService.exe
5828 C:\Program Files\Sony\VAIO Care\VCAgent.exe
5928 C:\Windows\System32\vds.exe
6044 C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
2060 C:\Program Files\Sony\VAIO Care\Admload.exe
5388 C:\Windows\System32\audiodg.exe
4592 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5564 C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
3656 C:\Windows\System32\SearchProtocolHost.exe
4252 C:\Windows\System32\SearchFilterHost.exe
4712 C:\Windows\System32\SearchProtocolHost.exe
1076 dllhost.exe
3164 dllhost.exe
4288 C:\Users\Jean\Desktop\MBRCheck.exe
3304 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002'a6100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000BEVT-26A0RT0, Rev: 01.01A01

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
0
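The MBRCheck verdict in the report above concerns sector 0 of PhysicalDrive0. As an added example (not MBRCheck's code and not part of the thread), this Python code parses a 512-byte MBR dump and compares a copy read on the running system with a copy read from clean boot media, an independent check for a boot sector that the live system may be misreporting. The function names, the two-dump workflow and all sample bytes are assumptions constructed for illustration; the offsets are the standard MBR layout.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440    # bytes 0..439 hold the boot code
DISK_SIG_OFF = 440     # 4-byte disk signature
PART_TABLE_OFF = 446   # four 16-byte partition entries
BOOT_SIG_OFF = 510     # must be 0x55 0xAA


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR sector into the fields a responder compares."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for slot in range(4):
        off = PART_TABLE_OFF + 16 * slot
        entry = sector[off:off + 16]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0x00 marks an unused slot
            partitions.append({"slot": slot, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": count})
    return {
        "valid_signature": sector[BOOT_SIG_OFF:] == b"\x55\xaa",
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_END]).hexdigest().upper(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }


def compare_dumps(live: bytes, offline: bytes) -> list:
    """List the disagreements between the live read and the offline read."""
    a, b = parse_mbr(live), parse_mbr(offline)
    findings = []
    if not b["valid_signature"]:
        findings.append("offline dump lacks the 0x55AA boot signature")
    if a["boot_code_sha1"] != b["boot_code_sha1"]:
        diff = [i for i in range(BOOT_CODE_END) if live[i] != offline[i]]
        findings.append(
            f"boot code differs in {len(diff)} bytes, first at offset 0x{diff[0]:03X}")
    if a["partitions"] != b["partitions"]:
        findings.append("partition table differs")
    return findings


def build_sample(boot_code: bytes, parts) -> bytes:
    """Build a constructed MBR sector; parts = (status, type, lba, count)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, 0x1234ABCD)
    for slot, (status, ptype, lba, count) in enumerate(parts):
        off = PART_TABLE_OFF + 16 * slot
        sector[off], sector[off + 4] = status, ptype
        struct.pack_into("<II", sector, off + 8, lba, count)
    sector[BOOT_SIG_OFF:] = b"\x55\xaa"
    return bytes(sector)


# Constructed sample data, not taken from the machine in this thread.
CODE = bytes([0x33, 0xC0, 0x8E, 0xD0]) + b"\x90" * 100
LIVE = build_sample(CODE, [(0x80, 0x07, 2048, 204800)])
OFFLINE = build_sample(b"\xEB\x3C" + CODE[2:],
                       [(0x80, 0x07, 2048, 204800), (0x00, 0x17, 409600, 2048)])

if __name__ == "__main__":
    for finding in compare_dumps(LIVE, OFFLINE):
        print(finding)
```

An empty result means both reads agree; any finding means the offline dump is the one to trust and the boot sector should be repaired from clean media.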