Redirection via la barre d'outil google Résolu/Fermé

Question

Bonjour, 

voilà, j'ai récemment désinstaller de nombreux logiciels volumineux pour liberer de la place sur mon pc, et je pense que c'est suite à ça que mon pare feu a eu une defaillance, ce dernier refusant de se lancer. Le temps que je m'en rende compte je m'etait déja choppé un (ou plusieur?) virus. J'ai donc essayé de relancer le pare-feu mais impossible, en dépit de cela j'ai installer Comodo. Mais j'ai toujours un virus subsistant, apparement du moins, car en fait, je me retrouve souvent, suite à une recherche via la barre d'outil google, redirigé sur un autre moteur de recherche. Je m'explique: Je tape une recherche dans la barre d'outil google (sur IE9), google m'affiche ses résultat, je clique sur celui souhaité, le site s'ouvre, et une fraction de seconde plus tard, je suis redirigé sur un autre moteur de recherche (aléatoire apparement), comprenant les termes que j'ai rentré sur la google toolbar. Ce n'est pas systématique, mais sa arrive regulierement... Le seul site que je me rappelle etre tombé plusieur fois dessus est adiboo.com. J'ai déja reinstaller Google Toolbar mais sa n'a rien changé... AVG et Malwarebyte's n'ont rien trouvé...

Si quelqu'un peut m'aider, j'en serais grandement reconnaissant :)

Configuration: Windows 7 / Internet Explorer 9.0

Malekal_morte- · Answer

Salut,

Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Lire ce qui est écrit au niveau des suppressions/réparation (delete et cure), ne pas supprimer n'importe quoi.
Poste le rapport ici.

hcase · Answer

Je l'ai fais, et il a détecté quelque chose dans tdx.sys (dans win32/driver), et cela me rappelle que pendant un temps, AVG me le detectait comme un virus mais il était incappable de corriger le probleme, et apparement, TDSSKiller à reussi a le neutraliser. Voici le rapport: 

18:59:47.0919 4492	TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
18:59:48.0063 4492	============================================================
18:59:48.0063 4492	Current date / time: 2011/11/27 18:59:48.0063
18:59:48.0063 4492	SystemInfo:
18:59:48.0063 4492	
18:59:48.0063 4492	OS Version: 6.1.7600 ServicePack: 0.0
18:59:48.0063 4492	Product type: Workstation
18:59:48.0063 4492	ComputerName: MAROON-PC
18:59:48.0063 4492	UserName: Maroon
18:59:48.0063 4492	Windows directory: C:\Windows
18:59:48.0063 4492	System windows directory: C:\Windows
18:59:48.0063 4492	Processor architecture: Intel x86
18:59:48.0063 4492	Number of processors: 4
18:59:48.0063 4492	Page size: 0x1000
18:59:48.0063 4492	Boot type: Normal boot
18:59:48.0063 4492	============================================================
18:59:50.0325 4492	Initialize success
19:03:32.0469 6316	============================================================
19:03:32.0469 6316	Scan started
19:03:32.0469 6316	Mode: Manual; 
19:03:32.0469 6316	============================================================
19:03:35.0097 6316	1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
19:03:35.0100 6316	1394ohci - ok
19:03:35.0116 6316	ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
19:03:35.0119 6316	ACPI - ok
19:03:35.0144 6316	AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
19:03:35.0147 6316	AcpiPmi - ok
19:03:35.0214 6316	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:03:35.0219 6316	adp94xx - ok
19:03:35.0241 6316	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:03:35.0245 6316	adpahci - ok
19:03:35.0259 6316	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:03:35.0261 6316	adpu320 - ok
19:03:35.0295 6316	AFD             (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
19:03:35.0301 6316	AFD - ok
19:03:35.0313 6316	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
19:03:35.0315 6316	agp440 - ok
19:03:35.0335 6316	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
19:03:35.0338 6316	aic78xx - ok
19:03:35.0367 6316	AirDisplay      (33788786018c2f99b1a7cc5122fe749a) C:\Windows\system32\DRIVERS\AVVideoCard.sys
19:03:35.0432 6316	AirDisplay - ok
19:03:35.0488 6316	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
19:03:35.0490 6316	aliide - ok
19:03:35.0517 6316	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
19:03:35.0519 6316	amdagp - ok
19:03:35.0530 6316	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
19:03:35.0532 6316	amdide - ok
19:03:35.0544 6316	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
19:03:35.0546 6316	AmdK8 - ok
19:03:35.0569 6316	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
19:03:35.0574 6316	AmdPPM - ok
19:03:35.0618 6316	amdsata         (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
19:03:35.0620 6316	amdsata - ok
19:03:35.0633 6316	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
19:03:35.0636 6316	amdsbs - ok
19:03:35.0647 6316	amdxata         (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
19:03:35.0649 6316	amdxata - ok
19:03:35.0668 6316	AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
19:03:35.0670 6316	AppID - ok
19:03:35.0702 6316	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
19:03:35.0704 6316	arc - ok
19:03:35.0745 6316	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
19:03:35.0747 6316	arcsas - ok
19:03:35.0776 6316	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
19:03:35.0777 6316	AsyncMac - ok
19:03:35.0785 6316	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
19:03:35.0786 6316	atapi - ok
19:03:35.0838 6316	AVGIDSDriver    (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
19:03:35.0840 6316	AVGIDSDriver - ok
19:03:35.0852 6316	AVGIDSEH        (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
19:03:35.0854 6316	AVGIDSEH - ok
19:03:35.0888 6316	AVGIDSFilter    (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
19:03:35.0890 6316	AVGIDSFilter - ok
19:03:35.0932 6316	AVGIDSShim      (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
19:03:35.0933 6316	AVGIDSShim - ok
19:03:35.0958 6316	Avgldx86        (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
19:03:35.0962 6316	Avgldx86 - ok
19:03:36.0010 6316	Avgmfx86        (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
19:03:36.0012 6316	Avgmfx86 - ok
19:03:36.0066 6316	Avgrkx86        (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
19:03:36.0068 6316	Avgrkx86 - ok
19:03:36.0116 6316	Avgtdix         (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
19:03:36.0121 6316	Avgtdix - ok
19:03:36.0146 6316	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
19:03:36.0153 6316	b06bdrv - ok
19:03:36.0180 6316	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:03:36.0184 6316	b57nd60x - ok
19:03:36.0214 6316	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
19:03:36.0218 6316	Beep - ok
19:03:36.0249 6316	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
19:03:36.0252 6316	blbdrive - ok
19:03:36.0316 6316	bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
19:03:36.0325 6316	bowser - ok
19:03:36.0365 6316	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:03:36.0370 6316	BrFiltLo - ok
19:03:36.0481 6316	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:03:36.0555 6316	BrFiltUp - ok
19:03:36.0734 6316	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
19:03:36.0739 6316	Brserid - ok
19:03:36.0760 6316	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
19:03:36.0827 6316	BrSerWdm - ok
19:03:36.0913 6316	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:03:36.0927 6316	BrUsbMdm - ok
19:03:36.0969 6316	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
19:03:36.0971 6316	BrUsbSer - ok
19:03:37.0237 6316	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
19:03:37.0243 6316	BTHMODEM - ok
19:03:37.0452 6316	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
19:03:37.0455 6316	cdfs - ok
19:03:37.0554 6316	cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
19:03:37.0558 6316	cdrom - ok
19:03:37.0792 6316	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
19:03:37.0962 6316	circlass - ok
19:03:38.0001 6316	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
19:03:38.0029 6316	CLFS - ok
19:03:38.0132 6316	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:03:38.0134 6316	CmBatt - ok
19:03:38.0207 6316	cmdGuard        (544747035c7fa83d9e9d0a13f6e58bc4) C:\Windows\system32\DRIVERS\cmdguard.sys
19:03:38.0213 6316	cmdGuard - ok
19:03:38.0239 6316	cmdHlp          (7faba2d3b4912b8762d1fec63ad12525) C:\Windows\system32\DRIVERS\cmdhlp.sys
19:03:38.0240 6316	cmdHlp - ok
19:03:38.0266 6316	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
19:03:38.0267 6316	cmdide - ok
19:03:38.0290 6316	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
19:03:38.0295 6316	CNG - ok
19:03:38.0317 6316	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:03:38.0331 6316	Compbatt - ok
19:03:38.0368 6316	CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:03:38.0370 6316	CompositeBus - ok
19:03:38.0393 6316	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:03:38.0397 6316	crcdisk - ok
19:03:38.0437 6316	CSC             (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
19:03:38.0442 6316	CSC - ok
19:03:38.0489 6316	DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
19:03:38.0491 6316	DfsC - ok
19:03:38.0514 6316	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:03:38.0516 6316	discache - ok
19:03:38.0547 6316	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:03:38.0549 6316	Disk - ok
19:03:38.0585 6316	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:03:38.0587 6316	drmkaud - ok
19:03:38.0632 6316	DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
19:03:38.0640 6316	DXGKrnl - ok
19:03:38.0704 6316	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:03:38.0756 6316	ebdrv - ok
19:03:38.0820 6316	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:03:38.0826 6316	elxstor - ok
19:03:38.0834 6316	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
19:03:38.0836 6316	ErrDev - ok
19:03:38.0865 6316	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:03:38.0868 6316	exfat - ok
19:03:38.0877 6316	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:03:38.0880 6316	fastfat - ok
19:03:38.0891 6316	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:03:38.0894 6316	fdc - ok
19:03:38.0909 6316	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:03:38.0911 6316	FileInfo - ok
19:03:38.0920 6316	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:03:38.0922 6316	Filetrace - ok
19:03:38.0950 6316	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:03:38.0952 6316	flpydisk - ok
19:03:38.0968 6316	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:03:38.0972 6316	FltMgr - ok
19:03:38.0994 6316	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:03:38.0996 6316	FsDepends - ok
19:03:39.0004 6316	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
19:03:39.0006 6316	Fs_Rec - ok
19:03:39.0031 6316	fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
19:03:39.0034 6316	fvevol - ok
19:03:39.0050 6316	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:03:39.0052 6316	gagp30kx - ok
19:03:39.0104 6316	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:03:39.0106 6316	GEARAspiWDM - ok
19:03:39.0164 6316	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:03:39.0168 6316	hcw85cir - ok
19:03:39.0184 6316	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
19:03:39.0189 6316	HdAudAddService - ok
19:03:39.0209 6316	HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:03:39.0211 6316	HDAudBus - ok
19:03:39.0227 6316	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:03:39.0229 6316	HidBatt - ok
19:03:39.0239 6316	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:03:39.0241 6316	HidBth - ok
19:03:39.0275 6316	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:03:39.0277 6316	HidIr - ok
19:03:39.0298 6316	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
19:03:39.0299 6316	HidUsb - ok
19:03:39.0338 6316	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
19:03:39.0340 6316	HpSAMD - ok
19:03:39.0418 6316	HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
19:03:39.0425 6316	HTTP - ok
19:03:39.0445 6316	hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
19:03:39.0447 6316	hwpolicy - ok
19:03:39.0497 6316	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
19:03:39.0499 6316	i8042prt - ok
19:03:39.0540 6316	iaStorV         (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
19:03:39.0545 6316	iaStorV - ok
19:03:39.0594 6316	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:03:39.0596 6316	iirsp - ok
19:03:39.0648 6316	inspect         (aa686b40a4f837bc66ad3183b2bbd981) C:\Windows\system32\DRIVERS\inspect.sys
19:03:39.0650 6316	inspect - ok
19:03:39.0658 6316	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
19:03:39.0660 6316	intelide - ok
19:03:39.0686 6316	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:03:39.0687 6316	intelppm - ok
19:03:39.0707 6316	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:03:39.0710 6316	IpFilterDriver - ok
19:03:39.0724 6316	IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:03:39.0728 6316	IPMIDRV - ok
19:03:39.0736 6316	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:03:39.0739 6316	IPNAT - ok
19:03:39.0757 6316	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:03:39.0759 6316	IRENUM - ok
19:03:39.0767 6316	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
19:03:39.0769 6316	isapnp - ok
19:03:39.0794 6316	iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
19:03:39.0797 6316	iScsiPrt - ok
19:03:39.0811 6316	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:03:39.0813 6316	kbdclass - ok
19:03:39.0828 6316	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
19:03:39.0830 6316	kbdhid - ok
19:03:39.0841 6316	KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
19:03:39.0844 6316	KSecDD - ok
19:03:39.0885 6316	KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
19:03:39.0888 6316	KSecPkg - ok
19:03:39.0909 6316	L1E             (f7cdaba15c7e853f0a11af6d77fca990) C:\Windows\system32\DRIVERS\L1E62x86.sys
19:03:39.0911 6316	L1E - ok
19:03:39.0983 6316	libusb0         (34d6730e198a5b0fce0790a6b4769ef2) C:\Windows\system32\drivers\libusb0.sys
19:03:39.0984 6316	libusb0 - ok
19:03:39.0993 6316	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:03:39.0995 6316	lltdio - ok
19:03:40.0013 6316	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:03:40.0015 6316	LSI_FC - ok
19:03:40.0049 6316	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:03:40.0051 6316	LSI_SAS - ok
19:03:40.0073 6316	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:03:40.0075 6316	LSI_SAS2 - ok
19:03:40.0094 6316	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:03:40.0096 6316	LSI_SCSI - ok
19:03:40.0116 6316	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:03:40.0118 6316	luafv - ok
19:03:40.0129 6316	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:03:40.0131 6316	megasas - ok
19:03:40.0151 6316	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:03:40.0154 6316	MegaSR - ok
19:03:40.0272 6316	mobiolavs       (9cc6c97d0c37c646ac7973c38b13dab9) C:\Windows\system32\DRIVERS\mobiolavs.sys
19:03:40.0301 6316	mobiolavs - ok
19:03:40.0359 6316	MOBIOLA_Wave    (cdd79f08aa876b5f296950aa37972596) C:\Windows\system32\drivers\mobiolawave.sys
19:03:40.0368 6316	MOBIOLA_Wave - ok
19:03:40.0381 6316	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:03:40.0383 6316	Modem - ok
19:03:40.0460 6316	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:03:40.0461 6316	monitor - ok
19:03:40.0514 6316	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
19:03:40.0515 6316	mouclass - ok
19:03:40.0525 6316	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:03:40.0526 6316	mouhid - ok
19:03:40.0550 6316	mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
19:03:40.0552 6316	mountmgr - ok
19:03:40.0574 6316	mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
19:03:40.0576 6316	mpio - ok
19:03:40.0595 6316	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:03:40.0596 6316	mpsdrv - ok
19:03:40.0618 6316	MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
19:03:40.0621 6316	MRxDAV - ok
19:03:40.0667 6316	mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:03:40.0690 6316	mrxsmb - ok
19:03:40.0737 6316	mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:03:40.0754 6316	mrxsmb10 - ok
19:03:40.0802 6316	mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:03:40.0804 6316	mrxsmb20 - ok
19:03:40.0819 6316	msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
19:03:40.0821 6316	msahci - ok
19:03:40.0834 6316	msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
19:03:40.0837 6316	msdsm - ok
19:03:40.0857 6316	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:03:40.0858 6316	Msfs - ok
19:03:40.0874 6316	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:03:40.0876 6316	mshidkmdf - ok
19:03:40.0890 6316	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
19:03:40.0891 6316	msisadrv - ok
19:03:40.0921 6316	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:03:40.0923 6316	MSKSSRV - ok
19:03:40.0945 6316	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:03:40.0946 6316	MSPCLOCK - ok
19:03:40.0961 6316	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:03:40.0963 6316	MSPQM - ok
19:03:40.0979 6316	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:03:40.0982 6316	MsRPC - ok
19:03:41.0005 6316	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
19:03:41.0006 6316	mssmbios - ok
19:03:41.0020 6316	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:03:41.0022 6316	MSTEE - ok
19:03:41.0040 6316	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:03:41.0042 6316	MTConfig - ok
19:03:41.0067 6316	MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
19:03:41.0068 6316	MTsensor - ok
19:03:41.0078 6316	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:03:41.0080 6316	Mup - ok
19:03:41.0101 6316	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS
wifi.sys
19:03:41.0105 6316	NativeWifiP - ok
19:03:41.0134 6316	NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers
dis.sys
19:03:41.0142 6316	NDIS - ok
19:03:41.0152 6316	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS
discap.sys
19:03:41.0154 6316	NdisCap - ok
19:03:41.0193 6316	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS
distapi.sys
19:03:41.0195 6316	NdisTapi - ok
19:03:41.0213 6316	Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS
disuio.sys
19:03:41.0215 6316	Ndisuio - ok
19:03:41.0234 6316	NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS
diswan.sys
19:03:41.0237 6316	NdisWan - ok
19:03:41.0257 6316	NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
19:03:41.0259 6316	NDProxy - ok
19:03:41.0295 6316	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS
etbios.sys
19:03:41.0297 6316	NetBIOS - ok
19:03:41.0333 6316	NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS
etbt.sys
19:03:41.0336 6316	NetBT - ok
19:03:41.0445 6316	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS
frd960.sys
19:03:41.0447 6316	nfrd960 - ok
19:03:41.0464 6316	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:03:41.0466 6316	Npfs - ok
19:03:41.0479 6316	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers
siproxy.sys
19:03:41.0481 6316	nsiproxy - ok
19:03:41.0572 6316	Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
19:03:41.0596 6316	Ntfs - ok
19:03:41.0638 6316	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:03:41.0639 6316	Null - ok
19:03:41.0703 6316	NVHDA           (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers
vhda32v.sys
19:03:41.0716 6316	NVHDA - ok
19:03:41.0932 6316	nvlddmkm        (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS
vlddmkm.sys
19:03:42.0107 6316	nvlddmkm - ok
19:03:42.0145 6316	nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers
vraid.sys
19:03:42.0148 6316	nvraid - ok
19:03:42.0198 6316	nvstor          (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers
vstor.sys
19:03:42.0202 6316	nvstor - ok
19:03:42.0231 6316	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS
v_agp.sys
19:03:42.0233 6316	nv_agp - ok
19:03:42.0257 6316	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
19:03:42.0259 6316	ohci1394 - ok
19:03:42.0289 6316	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:03:42.0291 6316	Parport - ok
19:03:42.0305 6316	partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
19:03:42.0307 6316	partmgr - ok
19:03:42.0323 6316	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:03:42.0324 6316	Parvdm - ok
19:03:42.0344 6316	pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
19:03:42.0347 6316	pci - ok
19:03:42.0356 6316	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
19:03:42.0357 6316	pciide - ok
19:03:42.0372 6316	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:03:42.0375 6316	pcmcia - ok
19:03:42.0393 6316	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:03:42.0395 6316	pcw - ok
19:03:42.0420 6316	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:03:42.0427 6316	PEAUTH - ok
19:03:42.0475 6316	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERSaspptp.sys
19:03:42.0477 6316	PptpMiniport - ok
19:03:42.0491 6316	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:03:42.0493 6316	Processor - ok
19:03:42.0513 6316	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:03:42.0515 6316	Psched - ok
19:03:42.0564 6316	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
19:03:42.0593 6316	PxHelp20 - ok
19:03:42.0630 6316	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:03:42.0644 6316	ql2300 - ok
19:03:42.0654 6316	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:03:42.0657 6316	ql40xx - ok
19:03:42.0706 6316	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:03:42.0707 6316	QWAVEdrv - ok
19:03:42.0722 6316	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERSasacd.sys
19:03:42.0724 6316	RasAcd - ok
19:03:42.0738 6316	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:03:42.0740 6316	RasAgileVpn - ok
19:03:42.0761 6316	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERSasl2tp.sys
19:03:42.0763 6316	Rasl2tp - ok
19:03:42.0780 6316	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERSaspppoe.sys
19:03:42.0783 6316	RasPppoe - ok
19:03:42.0802 6316	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERSassstp.sys
19:03:42.0804 6316	RasSstp - ok
19:03:42.0828 6316	rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERSdbss.sys
19:03:42.0831 6316	rdbss - ok
19:03:42.0848 6316	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERSdpbus.sys
19:03:42.0850 6316	rdpbus - ok
19:03:42.0871 6316	RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:03:42.0872 6316	RDPCDD - ok
19:03:42.0900 6316	RDPDR           (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\driversdpdr.sys
19:03:42.0903 6316	RDPDR - ok
19:03:42.0924 6316	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\driversdpencdd.sys
19:03:42.0925 6316	RDPENCDD - ok
19:03:42.0944 6316	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\driversdprefmp.sys
19:03:42.0946 6316	RDPREFMP - ok
19:03:42.0964 6316	RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
19:03:42.0967 6316	RDPWD - ok
19:03:42.0990 6316	rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\driversdyboost.sys
19:03:42.0993 6316	rdyboost - ok
19:03:43.0026 6316	RimUsb          (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
19:03:43.0029 6316	RimUsb - ok
19:03:43.0066 6316	RsFx0105        (6a7360e36cbd636972aeef0dd292a946) C:\Windows\system32\DRIVERS\RsFx0105.sys
19:03:43.0070 6316	RsFx0105 - ok
19:03:43.0091 6316	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERSspndr.sys
19:03:43.0092 6316	rspndr - ok
19:03:43.0105 6316	s3cap           (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
19:03:43.0107 6316	s3cap - ok
19:03:43.0132 6316	sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
19:03:43.0134 6316	sbp2port - ok
19:03:43.0147 6316	scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
19:03:43.0150 6316	scfilter - ok
19:03:43.0180 6316	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:03:43.0181 6316	secdrv - ok
19:03:43.0207 6316	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:03:43.0209 6316	Serenum - ok
19:03:43.0229 6316	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:03:43.0231 6316	Serial - ok
19:03:43.0240 6316	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:03:43.0243 6316	sermouse - ok
19:03:43.0293 6316	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
19:03:43.0295 6316	sffdisk - ok
19:03:43.0305 6316	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:03:43.0307 6316	sffp_mmc - ok
19:03:43.0325 6316	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:03:43.0327 6316	sffp_sd - ok
19:03:43.0336 6316	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:03:43.0338 6316	sfloppy - ok
19:03:43.0384 6316	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
19:03:43.0386 6316	sisagp - ok
19:03:43.0408 6316	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:03:43.0410 6316	SiSRaid2 - ok
19:03:43.0420 6316	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:03:43.0422 6316	SiSRaid4 - ok
19:03:43.0432 6316	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:03:43.0434 6316	Smb - ok
19:03:43.0461 6316	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:03:43.0463 6316	spldr - ok
19:03:43.0530 6316	sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
19:03:43.0531 6316	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:03:43.0533 6316	sptd ( LockedFile.Multi.Generic ) - warning
19:03:43.0533 6316	sptd - detected LockedFile.Multi.Generic (1)
19:03:43.0592 6316	srv             (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
19:03:43.0596 6316	srv - ok
19:03:43.0614 6316	srv2            (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
19:03:43.0619 6316	srv2 - ok
19:03:43.0667 6316	srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
19:03:43.0670 6316	srvnet - ok
19:03:43.0707 6316	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:03:43.0709 6316	stexstor - ok
19:03:43.0754 6316	StillCam        (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
19:03:43.0756 6316	StillCam - ok
19:03:43.0767 6316	storflt         (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
19:03:43.0769 6316	storflt - ok
19:03:43.0784 6316	storvsc         (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
19:03:43.0786 6316	storvsc - ok
19:03:43.0795 6316	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
19:03:43.0797 6316	swenum - ok
19:03:43.0913 6316	Tcpip           (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers	cpip.sys
19:03:43.0942 6316	Tcpip - ok
19:03:43.0964 6316	TCPIP6          (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS	cpip.sys
19:03:43.0972 6316	TCPIP6 - ok
19:03:44.0001 6316	tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers	cpipreg.sys
19:03:44.0002 6316	tcpipreg - ok
19:03:44.0019 6316	TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers	dpipe.sys
19:03:44.0021 6316	TDPIPE - ok
19:03:44.0042 6316	TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers	dtcp.sys
19:03:44.0044 6316	TDTCP - ok
19:03:44.0060 6316	tdx             (4eee2959664977ff6c0ffe043768777b) C:\Windows\system32\DRIVERS	dx.sys
19:03:44.0091 6316	tdx ( Rootkit.Win32.ZAccess.k ) - infected
19:03:44.0092 6316	tdx - detected Rootkit.Win32.ZAccess.k (0)
19:03:44.0154 6316	TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS	ermdd.sys
19:03:44.0169 6316	TermDD - ok
19:03:44.0196 6316	tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS	ssecsrv.sys
19:03:44.0199 6316	tssecsrv - ok
19:03:44.0209 6316	tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS	unnel.sys
19:03:44.0212 6316	tunnel - ok
19:03:44.0230 6316	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:03:44.0250 6316	uagp35 - ok
19:03:44.0283 6316	udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
19:03:44.0287 6316	udfs - ok
19:03:44.0312 6316	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:03:44.0315 6316	uliagpkx - ok
19:03:44.0349 6316	umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
19:03:44.0351 6316	umbus - ok
19:03:44.0375 6316	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:03:44.0376 6316	UmPass - ok
19:03:44.0501 6316	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
19:03:44.0502 6316	USBAAPL - ok
19:03:44.0540 6316	usbccgp         (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
19:03:44.0553 6316	usbccgp - ok
19:03:44.0727 6316	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
19:03:44.0756 6316	usbcir - ok
19:03:44.0802 6316	usbehci         (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
19:03:44.0804 6316	usbehci - ok
19:03:44.0830 6316	usbhub          (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
19:03:44.0834 6316	usbhub - ok
19:03:44.0877 6316	usbohci         (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
19:03:44.0879 6316	usbohci - ok
19:03:44.0894 6316	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:03:44.0896 6316	usbprint - ok
19:03:44.0932 6316	USBSTOR         (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:03:44.0934 6316	USBSTOR - ok
19:03:44.0973 6316	usbuhci         (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
19:03:44.0975 6316	usbuhci - ok
19:03:44.0996 6316	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:03:44.0999 6316	vdrvroot - ok
19:03:45.0021 6316	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:03:45.0023 6316	vga - ok
19:03:45.0042 6316	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:03:45.0043 6316	VgaSave - ok
19:03:45.0060 6316	vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
19:03:45.0063 6316	vhdmp - ok
19:03:45.0087 6316	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
19:03:45.0090 6316	viaagp - ok
19:03:45.0111 6316	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:03:45.0113 6316	ViaC7 - ok
19:03:45.0122 6316	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
19:03:45.0124 6316	viaide - ok
19:03:45.0156 6316	vmbus           (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
19:03:45.0160 6316	vmbus - ok
19:03:45.0177 6316	VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
19:03:45.0179 6316	VMBusHID - ok
19:03:45.0203 6316	VMnetAdapter - ok
19:03:45.0227 6316	volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
19:03:45.0229 6316	volmgr - ok
19:03:45.0250 6316	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:03:45.0255 6316	volmgrx - ok
19:03:45.0292 6316	volsnap         (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
19:03:45.0295 6316	volsnap - ok
19:03:45.0315 6316	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:03:45.0318 6316	vsmraid - ok
19:03:45.0341 6316	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:03:45.0343 6316	vwifibus - ok
19:03:45.0392 6316	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:03:45.0405 6316	WacomPen - ok
19:03:45.0428 6316	WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:03:45.0430 6316	WANARP - ok
19:03:45.0434 6316	Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:03:45.0435 6316	Wanarpv6 - ok
19:03:45.0474 6316	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:03:45.0476 6316	Wd - ok
19:03:45.0514 6316	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:03:45.0529 6316	Wdf01000 - ok
19:03:45.0597 6316	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:03:45.0600 6316	WfpLwf - ok
19:03:45.0636 6316	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:03:45.0638 6316	WIMMount - ok
19:03:45.0707 6316	WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
19:03:45.0708 6316	WinUsb - ok
19:03:45.0833 6316	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:03:45.0854 6316	WmiAcpi - ok
19:03:45.0879 6316	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:03:45.0883 6316	ws2ifsl - ok
19:03:45.0924 6316	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
19:03:45.0926 6316	WudfPf - ok
19:03:45.0954 6316	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:03:45.0956 6316	WUDFRd - ok
19:03:45.0987 6316	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:03:45.0995 6316	\Device\Harddisk0\DR0 - ok
19:03:45.0998 6316	Boot (0x1200)   (fded6ff3a0e5734037152f5f062a3122) \Device\Harddisk0\DR0\Partition0
19:03:45.0999 6316	\Device\Harddisk0\DR0\Partition0 - ok
19:03:46.0047 6316	Boot (0x1200)   (27c56014bf5356d83ff88e65ca72115b) \Device\Harddisk0\DR0\Partition1
19:03:46.0065 6316	\Device\Harddisk0\DR0\Partition1 - ok
19:03:46.0066 6316	============================================================
19:03:46.0066 6316	Scan finished
19:03:46.0066 6316	============================================================
19:03:46.0079 5184	Detected object count: 2
19:03:46.0079 5184	Actual detected object count: 2
19:04:24.0350 5184	sptd ( LockedFile.Multi.Generic ) - skipped by user
19:04:24.0350 5184	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:04:24.0440 5184	VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers	dx.sys) error 1813
19:04:27.0105 5184	Backup copy found, using it..
19:04:27.0114 5184	C:\Windows\system32\DRIVERS	dx.sys - will be cured on reboot
19:04:29.0527 5184	tdx ( Rootkit.Win32.ZAccess.k ) - User select action: Cure 
19:05:42.0189 4176	Deinitialize success

Malekal_morte- · Answer

Sauvegarde tes documents importants.


Désactive les logiciels de protection (Antivirus, Antispywares) ensuite :       

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe et sauvegarde le sur ton bureau et pas ailleurs!       

Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.       

Eventuellement, installe la console de récupération comme cela est conseillé       

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Si le rapport ne passe pas, envoie le sur ce site : http://pjjoint.malekal.com/
et donne le lien ici :)     

Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix       

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.       

Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

hcase · Answer

Voila, ComboFix est passé, et d'ailleurs je me suis fais une petite frayeur, quand il s'est terminé, le log s'est affiché, j'ai lancé internet explorer, mais il ne voulait pas, il m'a parlé d'une interdiction dans une clé du registre je crois... et pareil pour tout les autres programmes ! Mais j'ai redemarré et finalement c'est bon ^^ Voici le log:

ComboFix 11-11-27.02 - Maroon 27/11/2011  19:51:01.1.4 - x86
Lancé depuis: c:\users\Maroon\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Documents
c:\users\Maroon\AppData\Roaming\cacaoweb
c:\users\Maroon\AppData\Roaming\cacaoweb\adstorage.db
c:\users\Maroon\AppData\Roaming\cacaoweb\megavideo4AJBXSBX482160524.cacao
c:\users\Maroon\AppData\Roaming\cacaoweb\megavideoUX2NUVA41070370895.cacao
c:\users\Maroon\AppData\Roaming\cacaoweb\megavideoV85ZO80S132470102.cacao
c:\users\Maroon\AppData\Roaming\cacaoweb\storage.db
c:\windows\$NtUninstallKB22306$
c:\windows\$NtUninstallKB22306$\325731400\@
c:\windows\$NtUninstallKB22306$\325731400\bckfg.tmp
c:\windows\$NtUninstallKB22306$\325731400\cfg.ini
c:\windows\$NtUninstallKB22306$\325731400\Desktop.ini
c:\windows\$NtUninstallKB22306$\325731400\keywords
c:\windows\$NtUninstallKB22306$\325731400\kwrd.dll
c:\windows\$NtUninstallKB22306$\325731400\L\xadqgnnk
c:\windows\$NtUninstallKB22306$\325731400\U\00000001.@
c:\windows\$NtUninstallKB22306$\325731400\U\00000002.@
c:\windows\$NtUninstallKB22306$\325731400\U\00000004.@
c:\windows\$NtUninstallKB22306$\325731400\U\80000000.@
c:\windows\$NtUninstallKB22306$\325731400\U\80000004.@
c:\windows\$NtUninstallKB22306$\325731400\U\80000032.@
c:\windows\$NtUninstallKB22306$\3748585549
c:\windows\system32\70BE9287A2.dll
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-10-27 au 2011-11-27  ))))))))))))))))))))))))))))))))))))
.
.
2011-11-27 19:04 . 2011-11-27 19:07	--------	d-----w-	c:\users\Maroon\AppData\Local	emp
2011-11-27 19:04 . 2011-11-27 19:04	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-11-27 18:46 . 2009-07-13 23:11	53760	----a-w-	c:\windows\system32\drivers\intelppm.sys
2011-11-27 15:16 . 2011-11-27 15:16	--------	d-----w-	c:\users\Maroon\AppData\Roaming\mkvtoolnix
2011-11-27 15:16 . 2011-11-27 15:16	--------	d-----w-	c:\program files\MKVtoolnix
2011-11-21 21:50 . 2011-11-21 21:50	--------	d-----w-	c:\windows\system32\SPReview
2011-11-21 20:14 . 2011-09-22 16:18	73064	----a-w-	c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2011-11-21 18:27 . 2011-11-21 18:27	20	----a-w-	c:\windows\system32\drivers\SETCE89.TMP
2011-11-20 20:53 . 2011-11-20 20:53	--------	d-----w-	C:\$WINDOWS.~LS
2011-11-20 16:41 . 2011-11-20 16:41	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-18 19:53 . 2011-11-18 19:53	20	----a-w-	c:\windows\system32\drivers\SET4E48.TMP
2011-11-18 17:41 . 2011-11-18 17:42	--------	d-----w-	c:\programdata\Comodo
2011-11-18 17:41 . 2011-11-18 17:41	--------	d-----w-	c:\program files\COMODO
2011-11-18 17:08 . 2011-11-18 17:08	--------	d-----w-	C:\6d0af8e83e1b8f52a5b1ff0445ba
2011-11-17 20:50 . 2011-11-17 20:58	--------	d-----w-	C:\c87c8845da27976786
2011-11-17 19:57 . 2011-11-17 19:57	--------	d-----w-	c:\windows\CheckSur
2011-11-17 18:15 . 2011-11-17 18:15	--------	d-----w-	C:\81877ccb33966fe7166d
2011-11-17 18:05 . 2011-11-17 18:16	--------	d-----w-	C:\eb463c24e0cc18edfb0a8069
2011-11-17 17:24 . 2011-11-27 17:33	--------	d-----w-	c:\users\Maroon\AppData\Roaming\.minecraft
2011-11-17 17:01 . 2011-11-17 17:01	--------	d-----w-	c:\users\Maroon\AppData\Roaming\NVIDIA
2011-11-17 16:27 . 2011-07-07 23:21	26216	----a-w-	c:\windows\system32
vhdap32.dll
2011-11-17 16:26 . 2011-07-07 23:21	139880	----a-w-	c:\windows\system32\drivers
vhda32v.sys
2011-11-17 16:26 . 2011-07-07 23:21	876136	----a-w-	c:\windows\system32
vhdagenco3220102.dll
2011-11-17 16:26 . 2011-10-15 08:53	61248	----a-w-	c:\windows\system32\OpenCL.dll
2011-11-17 16:26 . 2011-10-15 08:53	18871616	----a-w-	c:\windows\system32
voglv32.dll
2011-11-17 16:26 . 2011-10-15 08:53	10327360	----a-w-	c:\windows\system32\drivers
vlddmkm.sys
2011-11-17 16:26 . 2011-10-15 08:53	919872	----a-w-	c:\windows\system32
vdispco32.dll
2011-11-17 16:26 . 2011-10-15 08:53	877376	----a-w-	c:\windows\system32
vgenco32.dll
2011-11-17 16:26 . 2011-10-15 08:53	2401088	----a-w-	c:\windows\system32
vcuvid.dll
2011-11-17 16:26 . 2011-10-15 08:53	2099520	----a-w-	c:\windows\system32
vcuvenc.dll
2011-11-17 16:26 . 2011-10-15 08:53	5578560	----a-w-	c:\windows\system32
vcuda.dll
2011-11-17 16:26 . 2011-10-15 08:53	17248576	----a-w-	c:\windows\system32
vcompiler.dll
2011-11-16 21:18 . 2011-11-16 21:18	--------	d-----w-	c:\users\UpdatusUser
2011-11-14 19:04 . 2011-11-23 18:44	--------	d-----w-	c:\program files\Call of Duty- Modern Warfare 3
2011-11-13 18:41 . 2011-11-13 19:43	--------	d-----w-	c:\users\Maroon\AppData\Roaming\Mumble
2011-11-13 18:40 . 2011-11-13 18:40	--------	d-----w-	c:\program files\Mumble
2011-11-10 16:12 . 2011-11-18 18:38	--------	d-----w-	c:\users\Maroon\AppData\Local\Akamai
2011-11-09 19:18 . 2011-09-29 15:43	1285488	----a-w-	c:\windows\system32\drivers	cpip.sys
2011-11-09 19:18 . 2011-10-01 04:43	708608	----a-w-	c:\program files\Common Files\System\wab32.dll
2011-11-09 19:18 . 2011-09-29 04:20	2339840	----a-w-	c:\windows\system32\win32k.sys
2011-11-06 18:03 . 2011-11-07 19:46	--------	d-----w-	C:\divx
2011-11-06 17:58 . 2011-11-06 18:44	--------	d-----w-	c:\users\Maroon\AppData\Roaming\DivX
2011-11-06 17:57 . 2011-11-22 18:12	--------	d-----w-	c:\program files\Common Files\DivX Shared
2011-11-06 17:55 . 2011-11-22 18:12	--------	d-----w-	c:\program files\DivX
2011-11-06 17:54 . 2011-11-22 18:12	--------	d-----w-	c:\programdata\DivX
2011-10-31 12:31 . 2011-10-31 12:31	--------	d-----w-	c:\users\Maroon\AppData\Roaming\AVG2012
2011-10-31 12:30 . 2011-11-16 18:33	--------	d-----w-	c:\programdata\AVG2012
2011-10-30 15:58 . 2011-10-30 15:58	--------	d-----w-	c:\program files\Passware
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-27 18:07 . 2009-07-13 23:12	74240	----a-w-	c:\windows\system32\drivers	dx.sys
2011-11-16 09:54 . 2011-05-17 10:19	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-13 14:06 . 2010-12-07 15:23	2133344	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1036\ResourceCache.dll
2011-10-24 12:29 . 2011-10-24 12:29	94208	----a-w-	c:\windows\system32\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29	69632	----a-w-	c:\windows\system32\QuickTime.qts
2011-10-20 23:26 . 2011-10-20 23:26	94208	----a-w-	c:\windows\system32\dpl100.dll
2011-10-15 08:53 . 2011-04-07 14:21	7041856	----a-w-	c:\windows\system32
vwgf2um.dll
2011-10-15 08:53 . 2011-04-07 14:21	13205312	----a-w-	c:\windows\system32
vd3dum.dll
2011-10-15 08:53 . 2011-04-07 14:21	2458432	----a-w-	c:\windows\system32
vapi.dll
2011-10-15 08:53 . 2011-02-22 23:41	602432	----a-w-	c:\windows\system32\easyUpdatusAPIU.dll
2011-10-15 08:53 . 2011-02-22 23:40	6350144	----a-w-	c:\windows\system32
vcpl.dll
2011-10-15 08:53 . 2011-02-22 23:39	3840320	----a-w-	c:\windows\system32
vsvc.dll
2011-10-15 08:53 . 2011-02-22 23:38	203072	----a-w-	c:\windows\system32
vmctray.dll
2011-10-15 08:53 . 2011-02-22 23:38	1136448	----a-w-	c:\windows\system32
vvsvc.exe
2011-10-15 08:53 . 2011-01-07 19:06	3074368	----a-w-	c:\windows\system32
vsvcr.dll
2011-10-15 08:53 . 2010-07-09 15:37	123712	----a-w-	c:\windows\system32
vshext.dll
2011-10-14 23:54 . 2011-10-14 23:54	321856	----a-w-	c:\windows\system32
vStreaming.exe
2011-10-07 17:47 . 2011-10-07 17:47	82400	----a-w-	c:\windows\system32\drivers\inspect.sys
2011-10-07 17:47 . 2011-10-07 17:47	39640	----a-w-	c:\windows\system32\drivers\cmdhlp.sys
2011-10-07 17:47 . 2011-10-07 17:47	488208	----a-w-	c:\windows\system32\drivers\cmdGuard.sys
2011-10-07 17:47 . 2011-10-07 17:47	19600	----a-w-	c:\windows\system32\drivers\cmderd.sys
2011-10-07 17:47 . 2011-10-07 17:47	33984	----a-w-	c:\windows\system32\cmdcsr.dll
2011-10-07 17:47 . 2011-10-07 17:47	300200	----a-w-	c:\windows\system32\guard32.dll
2011-10-07 05:23 . 2011-10-07 05:23	230608	----a-w-	c:\windows\system32\drivers\avgldx86.sys
2011-10-04 05:21 . 2011-10-04 05:21	16720	----a-w-	c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-03 04:06 . 2011-08-30 17:45	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-09-22 16:18 . 2011-09-22 16:18	2570088	----a-w-	c:\windows\system32\sqlncli10.dll
2011-09-22 16:18 . 2011-01-05 21:18	89960	----a-w-	c:\windows\system32\SQSRVRES.DLL
2011-09-22 16:10 . 2011-09-22 16:10	239592	----a-w-	c:\windows\system32\drivers\RsFx0104.sys
2011-09-22 16:10 . 2011-09-22 16:10	238696	----a-w-	c:\windows\system32\drivers\RsFx0105.sys
2011-09-22 14:42 . 2011-09-22 14:42	32616	----a-w-	c:\windows\system32\DTSPipelinePerf100.dll
2011-09-13 05:30 . 2011-09-13 05:30	32592	----a-w-	c:\windows\system32\drivers\avgrkx86.sys
2011-09-01 02:35 . 2011-10-12 19:57	1798144	----a-w-	c:\windows\system32\jscript9.dll
2011-09-01 02:28 . 2011-10-12 19:57	1126912	----a-w-	c:\windows\system32\wininet.dll
2011-09-01 02:22 . 2011-10-12 19:57	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-08-31 16:00 . 2011-06-01 09:13	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-08-30 21:05 . 2011-08-30 21:05	83816	----a-w-	c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05	73064	----a-w-	c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05	50536	----a-w-	c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05	178536	----a-w-	c:\windows\system32\dnssdX.dll
2011-11-14 17:49 . 2011-06-21 17:29	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06	163328	--sh--r-	c:\windows\System32\flvDX.dll
2007-02-21 11:47	31232	--sh--r-	c:\windows\System32\msfDX.dll
2008-03-16 13:30	216064	--sh--r-	c:\windows\System32
bDX.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Mobiola WebCamera for iPhone"="c:\program files\Mobiola WebCamera for iPhone\WebcamForIPhone.exe" [2011-04-11 1398208]
"Akamai NetSession Interface"="c:\users\Maroon\AppData\Local\Akamai
etsession_win.exe" [2011-11-17 3303000]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-11-25 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-10-20 2497352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-05 136176]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys [2010-09-07 6656]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-05 136176]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-05 1343400]
R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 238696]
R4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-07 691696]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-10-07 488208]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-10-07 39640]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AirPrint;AirPrint;c:\program files\AirPrint\Airprint.exe [2011-02-13 234784]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Mobiola Wave Service;Mobiola Wave Service;c:\program files\Common Files\SHAPE Services\Mobiola Wave Service\MobiolaWaveService.exe [2011-04-11 125088]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision
vSCPAPISvr.exe [2011-10-14 381248]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
S3 MOBIOLA_Wave;Mobiola Wave Audio Device (WDM);c:\windows\system32\drivers\mobiolawave.sys [2010-05-14 25024]
S3 mobiolavs;Mobiola Web Camera Video Source;c:\windows\system32\DRIVERS\mobiolavs.sys [2010-05-05 26896]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers
vhda32v.sys [2011-07-07 139880]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-05 13:11]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-05 13:11]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2388224069-559009786-476923068-1001Core.job
- c:\users\Maroon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 13:11]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2388224069-559009786-476923068-1001UA.job
- c:\users\Maroon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 13:11]
.
.
------- Examen supplémentaire -------
.
uStart Page = file:///C:/Users/Maroon/Documents/html%20marinom/Accueil.html
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.254
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
FF - ProfilePath - c:\users\Maroon\AppData\Roaming\Mozilla\Firefox\Profiles\ofptxsyn.default\
FF - prefs.js: browser.startup.homepage - c:\Users\Maroon\Documents\html marinom\Accueil.html
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKCU-Run-AdobeBridge - (no file)
SafeBoot-09552162.sys
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_d768ebc.dll"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'lsass.exe'(892)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(5204)
c:\windows\system32\guard32.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\system32
vvsvc.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\NVIDIA Corporation\Display
vxdsync.exe
c:\windows\system32
vvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\system32	askhost.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\NVIDIA Corporation\Display
vtray.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Heure de fin: 2011-11-27  20:15:42 - La machine a redémarré
ComboFix-quarantined-files.txt  2011-11-27 19:15
.
Avant-CF: 9 917 394 944 octets libres
Après-CF: 10 867 601 408 octets libres
.
- - End Of File - - F8587396C592A51D457173FC8E6CC124

Malekal_morte- · Answer

Surf un peu voir ce que cela donne.

hcase · Answer

(Merci pour la rapidité des réponses :D) Je surf, je surf, mais malheuresement ce n'est pas tout le temps, donc je ne sais pas si c'est corrigé ou pas =/ J'espère ^^ Je reposterais si sa revient :) Merci beaucoup en tout cas :D :D Toujours aussi bien ce site, merci à toi surtout ;)

Malekal_morte- · Answer

encore des redirections ?

hcase · Answer

J'ai attendu trois jour avant de répondre pour être sur que ce soit bien résolu, et c'est bien le cas, plus de redirection, merci beaucoup ! :D :D Merci pour ces réponses très rapide ;)

Malekal_morte- · Answer

Fais plus attention à l'avenir....

Maintiens tes logiciels à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite    
Absolument à faire.    

Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.

Si tu utilises Avast! ou AVG - regle le pour détecter les LPIs - voir : https://www.malekal.com/adwares-pup-protection/ 

Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf  
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html et https://www.commentcamarche.net/faq/8934-securisation-de-son-pc
- Si tu utilises Avast! ou AVG, pense à activer les détections PUPs/LPIs : https://www.commentcamarche.net/faq/32913-avast-et-avg-activer-la-detection-des-pups-lpis
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte - evite les programmes par publicités ou sur les liens commerciaux des moteurs de recherche - ce sont des arnaques :: 
Les PUPs/LPIs : https://www.malekal.com/adwares-pup-protection/    
Exemple de ce qu'il ne faut pas faire :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.

hcase · Answer

C'est gentil merci beaucoup ;) Je fais quand même très souvent attention à ce que je télécharge mais malheuresement ça ne suffit pas toujours effectivement ^^ Mais ce coup-ci je pense que sa vient aussi du fait que mon pare-feu était désactivé pendant un petit moment avant que je ne m'en rende compte...

Redirection via la barre d'outil google

10 réponses

Discussions similaires