Automatic redirection / Virus?

snoock26 Posts 15 Status Member
Hello,

Here is my problem:
For the past few days, every time I search on Google, I am systematically redirected to other pages, ads and so on...

I am on Windows 7

I ran a HijackThis scan, which I am submitting to you: (a message appeared while it was running: For some reason your system write access to the file... If that happens, you need to edit the file yourself. To do this... notpad :C:Windows/System32/drivers/etc/hosts)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:58, on 14.02.2012
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\GM\Downloads\HiJackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/12
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/12
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/de-ch?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Update GreenWebPlayer.lnk = C:\Games\GreenWebPlayer\Updater.exe
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
22 replies

Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689

Hi,

SweetIM should be uninstalled.

Back up your important data.


Run TDSSKiller: https://forum.malekal.com/viewtopic.php?t=28637&start=
Read what is written regarding deletions/repairs (delete and cure); do not delete just anything.
Post the report here.

~~

Run aswmbr: https://forum.malekal.com/viewtopic.php?t=31619&start=
Post the report here.
snoock26 Posts 15 Status Member

Hello,

I removed SweetIM


Here is the TDSS report:

16:53:14.0013 2008 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
16:53:14.0100 2008 ============================================================
16:53:14.0100 2008 Current date / time: 2012/02/14 16:53:14.0100
16:53:14.0100 2008 SystemInfo:
16:53:14.0100 2008
16:53:14.0101 2008 OS Version: 6.1.7600 ServicePack: 0.0
16:53:14.0101 2008 Product type: Workstation
16:53:14.0101 2008 ComputerName: GM-HP
16:53:14.0102 2008 UserName: GM
16:53:14.0102 2008 Windows directory: C:\Windows
16:53:14.0102 2008 System windows directory: C:\Windows
16:53:14.0102 2008 Running under WOW64
16:53:14.0102 2008 Processor architecture: Intel x64
16:53:14.0102 2008 Number of processors: 2
16:53:14.0102 2008 Page size: 0x1000
16:53:14.0102 2008 Boot type: Normal boot
16:53:14.0102 2008 ============================================================
16:53:14.0917 2008 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:14.0923 2008 \Device\Harddisk0\DR0:
16:53:14.0923 2008 MBR used
16:53:14.0923 2008 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:53:14.0923 2008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2364F800
16:53:14.0923 2008 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23682000, BlocksNum 0x1DAC000
16:53:14.0988 2008 Initialize success
16:53:14.0988 2008 ============================================================
16:53:16.0135 4244 ============================================================
16:53:16.0136 4244 Scan started
16:53:16.0136 4244 Mode: Manual;
16:53:16.0136 4244 ============================================================
16:53:22.0086 4244 PEAUTH - ok
16:53:22.0141 4244 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:53:22.0145 4244 PptpMiniport - ok
16:53:22.0161 4244 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:53:22.0163 4244 Processor - ok
16:53:22.0207 4244 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:53:22.0210 4244 Psched - ok
16:53:22.0249 4244 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:53:22.0266 4244 ql2300 - ok
16:53:22.0285 4244 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:53:22.0288 4244 ql40xx - ok
16:53:22.0308 4244 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:53:22.0311 4244 QWAVEdrv - ok
16:53:22.0329 4244 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:53:22.0331 4244 RasAcd - ok
16:53:22.0370 4244 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:53:22.0373 4244 RasAgileVpn - ok
16:53:22.0394 4244 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:53:22.0396 4244 Rasl2tp - ok
16:53:22.0412 4244 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:53:22.0414 4244 RasPppoe - ok
16:53:22.0431 4244 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:53:22.0433 4244 RasSstp - ok
16:53:22.0449 4244 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:53:22.0454 4244 rdbss - ok
16:53:22.0473 4244 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:53:22.0475 4244 rdpbus - ok
16:53:22.0532 4244 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:53:22.0554 4244 RDPCDD - ok
16:53:22.0694 4244 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:53:22.0697 4244 RDPENCDD - ok
16:53:22.0719 4244 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:53:22.0721 4244 RDPREFMP - ok
16:53:22.0733 4244 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:53:22.0737 4244 RDPWD - ok
16:53:22.0768 4244 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:53:22.0770 4244 rdyboost - ok
16:53:22.0810 4244 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:53:22.0811 4244 rspndr - ok
16:53:22.0847 4244 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:53:22.0857 4244 RTL8167 - ok
16:53:22.0878 4244 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:53:22.0880 4244 sbp2port - ok
16:53:22.0903 4244 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:53:22.0906 4244 scfilter - ok
16:53:22.0926 4244 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:53:22.0928 4244 secdrv - ok
16:53:22.0963 4244 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:53:22.0965 4244 Serenum - ok
16:53:22.0983 4244 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:53:22.0989 4244 Serial - ok
16:53:23.0003 4244 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:53:23.0006 4244 sermouse - ok
16:53:23.0039 4244 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:53:23.0042 4244 sffdisk - ok
16:53:23.0054 4244 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:53:23.0056 4244 sffp_mmc - ok
16:53:23.0070 4244 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:53:23.0073 4244 sffp_sd - ok
16:53:23.0081 4244 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:53:23.0085 4244 sfloppy - ok
16:53:23.0121 4244 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:53:23.0126 4244 Sftfs - ok
16:53:23.0155 4244 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:53:23.0157 4244 Sftplay - ok
16:53:23.0173 4244 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:53:23.0174 4244 Sftredir - ok
16:53:23.0189 4244 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:53:23.0190 4244 Sftvol - ok
16:53:23.0224 4244 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:53:23.0226 4244 SiSRaid2 - ok
16:53:23.0236 4244 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:53:23.0239 4244 SiSRaid4 - ok
16:53:23.0267 4244 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:53:23.0270 4244 Smb - ok
16:53:23.0312 4244 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:53:23.0313 4244 spldr - ok
16:53:23.0371 4244 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:53:23.0376 4244 srv - ok
16:53:23.0401 4244 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:53:23.0406 4244 srv2 - ok
16:53:23.0427 4244 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:53:23.0430 4244 srvnet - ok
16:53:23.0476 4244 ssudmdm (c683e87ac3f8eb55735338a6ad5cc096) C:\Windows\system32\DRIVERS\ssudmdm.sys
16:53:23.0500 4244 ssudmdm - ok
16:53:23.0519 4244 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:53:23.0521 4244 stexstor - ok
16:53:23.0547 4244 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:53:23.0549 4244 swenum - ok
16:53:23.0610 4244 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:53:23.0629 4244 Tcpip - ok
16:53:23.0664 4244 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:53:23.0674 4244 TCPIP6 - ok
16:53:23.0704 4244 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:53:23.0705 4244 tcpipreg - ok
16:53:23.0720 4244 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:53:23.0722 4244 TDPIPE - ok
16:53:23.0731 4244 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:53:23.0734 4244 TDTCP - ok
16:53:23.0759 4244 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:53:23.0762 4244 tdx - ok
16:53:23.0781 4244 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:53:23.0783 4244 TermDD - ok
16:53:23.0817 4244 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:53:23.0820 4244 tssecsrv - ok
16:53:23.0848 4244 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:53:23.0851 4244 tunnel - ok
16:53:23.0874 4244 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:53:23.0876 4244 uagp35 - ok
16:53:23.0898 4244 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:53:23.0903 4244 udfs - ok
16:53:23.0929 4244 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:53:23.0931 4244 uliagpkx - ok
16:53:23.0957 4244 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:53:23.0959 4244 umbus - ok
16:53:23.0968 4244 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:53:23.0971 4244 UmPass - ok
16:53:24.0002 4244 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:53:24.0005 4244 USBAAPL64 - ok
16:53:24.0026 4244 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:53:24.0028 4244 usbccgp - ok
16:53:24.0073 4244 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:53:24.0076 4244 usbcir - ok
16:53:24.0102 4244 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:53:24.0104 4244 usbehci - ok
16:53:24.0124 4244 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:53:24.0129 4244 usbhub - ok
16:53:24.0159 4244 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:53:24.0161 4244 usbohci - ok
16:53:24.0197 4244 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:53:24.0199 4244 usbprint - ok
16:53:24.0226 4244 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:53:24.0228 4244 USBSTOR - ok
16:53:24.0255 4244 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:53:24.0257 4244 usbuhci - ok
16:53:24.0283 4244 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
16:53:24.0286 4244 usb_rndisx - ok
16:53:24.0313 4244 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:53:24.0314 4244 vdrvroot - ok
16:53:24.0351 4244 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:53:24.0353 4244 vga - ok
16:53:24.0368 4244 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:53:24.0370 4244 VgaSave - ok
16:53:24.0388 4244 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:53:24.0392 4244 vhdmp - ok
16:53:24.0401 4244 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:53:24.0403 4244 viaide - ok
16:53:24.0424 4244 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:53:24.0425 4244 volmgr - ok
16:53:24.0448 4244 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:53:24.0452 4244 volmgrx - ok
16:53:24.0473 4244 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:53:24.0477 4244 volsnap - ok
16:53:24.0500 4244 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:53:24.0504 4244 vsmraid - ok
16:53:24.0527 4244 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:53:24.0528 4244 vwifibus - ok
16:53:24.0554 4244 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:53:24.0557 4244 vwififlt - ok
16:53:24.0576 4244 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:53:24.0578 4244 vwifimp - ok
16:53:24.0592 4244 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:53:24.0595 4244 WacomPen - ok
16:53:24.0617 4244 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:53:24.0620 4244 WANARP - ok
16:53:24.0625 4244 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:53:24.0627 4244 Wanarpv6 - ok
16:53:24.0663 4244 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:53:24.0668 4244 Wd - ok
16:53:24.0690 4244 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:53:24.0697 4244 Wdf01000 - ok
16:53:24.0738 4244 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:53:24.0740 4244 WfpLwf - ok
16:53:24.0753 4244 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:53:24.0755 4244 WIMMount - ok
16:53:24.0804 4244 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:53:24.0807 4244 WinUsb - ok
16:53:24.0839 4244 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:53:24.0842 4244 WmiAcpi - ok
16:53:24.0873 4244 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:53:24.0875 4244 ws2ifsl - ok
16:53:24.0904 4244 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:53:24.0906 4244 WudfPf - ok
16:53:24.0925 4244 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:53:24.0928 4244 WUDFRd - ok
16:53:24.0960 4244 MBR (0x1B8) (2781fd0462860224740dd89367522313) \Device\Harddisk0\DR0
16:53:25.0080 4244 \Device\Harddisk0\DR0 - ok
16:53:25.0083 4244 Boot (0x1200) (a0df7a2fcfdb2c7703f57af70c85da80) \Device\Harddisk0\DR0\Partition0
16:53:25.0084 4244 \Device\Harddisk0\DR0\Partition0 - ok
16:53:25.0094 4244 Boot (0x1200) (c834917004e43d6c206d581a67e7d8a9) \Device\Harddisk0\DR0\Partition1
16:53:25.0095 4244 \Device\Harddisk0\DR0\Partition1 - ok
16:53:25.0120 4244 Boot (0x1200) (1e8a60909b22642cdd00e7609415225e) \Device\Harddisk0\DR0\Partition2
16:53:25.0121 4244 \Device\Harddisk0\DR0\Partition2 - ok
16:53:25.0121 4244 ============================================================
16:53:25.0121 4244 Scan finished
16:53:25.0121 4244 ============================================================
16:53:25.0136 3436 Detected object count: 0
16:53:25.0136 3436 Actual detected object count: 0


And the second report...

aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-14 16:58:35
-----------------------------
16:58:35.495 OS Version: Windows x64 6.1.7600
16:58:35.496 Number of processors: 2 586 0x170A
16:58:35.498 ComputerName: GM-HP UserName: GM
16:58:35.879 Initialize success
16:58:44.832 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:58:44.835 Disk 0 Vendor: SAMSUNG_HD322GJ 1AR10002 Size: 305245MB BusType: 3
16:58:44.849 Disk 0 MBR read successfully
16:58:44.851 Disk 0 MBR scan
16:58:44.854 Disk 0 unknown MBR code
16:58:44.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:58:44.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289951 MB offset 206848
16:58:44.901 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15192 MB offset 594026496
16:58:44.905 Service scanning
16:58:46.350 Modules scanning
16:58:46.356 Disk 0 trace - called modules:
16:58:46.372 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
16:58:46.379 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004be2060]
16:58:46.387 3 CLASSPNP.SYS[fffff8800192943f] -> nt!IofCallDriver -> [0xfffffa8004760520]
16:58:46.397 5 ACPI.sys[fffff88000f8a781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004758060]
16:58:46.402 Scan finished successfully
16:58:58.829 Disk 0 MBR has been saved successfully to "C:\Users\GM\Desktop\MBR.dat"
16:58:58.834 The log file has been saved successfully to "C:\Users\GM\Desktop\aswMBR.txt"

Thanks a lot for the help!

Marco.
0
snoock26 Posts 15 Status Member
 
up.
0
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Back up your important documents.
Read this all the way through.


Disable your protection software (antivirus, antispyware).
In general, this is done by right-clicking your antivirus icon at the bottom right and choosing to disable the protection/agent or similar.

Then:

Download ComboFix by sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to your desktop and nowhere else!

Double-click ComboFix, accept the license agreement and follow the prompts.

Optionally, install the Recovery Console as recommended.

Wait until ComboFix has finished; a report will be created. Post the report.
If the report won't post, upload it to this site: http://pjjoint.malekal.com/
and give the link here :)

There is a tutorial at this link to help you: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

PS: if ComboFix won't start, rename the ComboFix file and try again.

If that doesn't help, try Safe Mode without networking: restart in Safe Mode. To do this, restart the computer and, before the Windows logo appears, tap the F8 key repeatedly; a menu will appear. Choose Safe Mode and press the Enter key.

If ComboFix still shows a warning about the antivirus: if you are in Safe Mode, continue; if you are in normal mode and the antivirus really is disabled, continue.
Hosting the report: use the site http://pjjoint.malekal.com/ to upload the report, and give the pjjoint link that points to this report in a new message.
0

snoock26 Posts 15 Status Member
 
Hello,

Here is the report...

ComboFix 12-02-13.01 - GM 15.02.2012 7:16.1.2 - x64 NETWORK
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.41.1036.18.4061.2883 [GMT 1:00]
Lancé depuis: c:\users\GM\Desktop\1222.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-01-15 au 2012-02-15 ))))))))))))))))))))))))))))))))))))
.
.
2012-02-15 06:21 . 2012-02-15 06:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-12 14:37 . 2012-02-12 14:37 -------- d-----w- C:\$AVG
2012-02-05 16:04 . 2012-02-05 16:04 93696 --sha-r- c:\windows\SysWow64\schtasksz.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 18:14 . 2011-12-15 18:14 2166096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-11-24 05:00 . 2011-12-15 18:17 3141632 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 15:07 . 2012-01-11 12:09 77312 ----a-w- c:\windows\system32\packager.dll
2011-11-19 14:06 . 2012-01-11 12:09 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-11-17 19:49 . 2011-06-12 11:23 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 07:14 . 2012-01-11 12:10 1739160 ----a-w- c:\windows\system32\ntdll.dll
2003-03-21 12:45 . 2011-11-16 18:06 250544 ----a-w- c:\program files (x86)\Common Files\keyhelp.ocx
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2011-08-15 420312]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"D-Link D-Link DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirGCFG.exe" [2010-05-21 1024000]
"WZCSLDR2"="c:\program files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe" [2010-04-21 122880]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.fr/fr.special-uninstallation-feedback-appf?lic=NFVMSzItWldKNDYtQ1k0WFAtQUU2VVItREczSE8tSVU5MkQ&inst=NzctNzE2NzMzNDk5LVNUMTBGT0krMS1ERFQrMTQ5NzMtU1QxMEZBUFArMS1GTDEwKzEtREQxMEYrMS1MMTBNSisxLUYxME0xMkpUKzEtVEJOKzEtVTEwKzE&prod=90&ver=10.0.1424" [?]
.
c:\users\GM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Update GreenWebPlayer.lnk - c:\games\GreenWebPlayer\Updater.exe [2011-11-24 495616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-6-18 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-01-13 821664]
S2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [2010-03-03 53248]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28ux.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2012-01-29 c:\windows\Tasks\HPCeeScheduleForGM.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 11:53]
.
2012-02-15 c:\windows\Tasks\OVKBQQQELI.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-07 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-07 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-07 413208]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ch/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Rechercher sur le Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\GM\AppData\Roaming\Mozilla\Firefox\Profiles\mez0ksle.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Heure de fin: 2012-02-15 07:27:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-02-15 06:27
.
Avant-CF: 245'564'891'136 octets libres
Après-CF: 245'498'277'888 octets libres
.
- - End Of File - - 4CA77234B5ACC39C7BE37817AD2D5A27


Thanks!

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

Still getting Google redirects?

snoock26 - Posts: 15 - Status: Member

Hello,

Yes, still the same redirects, which go to 3 or 4 sites, always the same ones...

For example, I have to open 3-4 tabs just to get here...

Thanks again for the help.

Marco

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

Which site does it go to?
Does it happen in every browser?
You can test to see.

snoock26 - Posts: 15 - Status: Member

Testing...

snoock26 - Posts: 15 - Status: Member

Yes, with Explorer it's the same as with Firefox...

Addresses of the redirect sites:

https://www.contv.com/splash/actor-interview.aspx?utm_source=affinity&utm_medium=testads&utm_campaign=AffinityCH&Subid=90692

http://adventuregamesland.com/find/?query=paris&sid=1&saff=100

...

The tab shows "connecting" and then "redirecting"...

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

It must be this file: c:\windows\SysWow64\schtasksz.dll

Show hidden files: https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/

Scan C:\windows\SysWow64\schtasksz.dll on https://www.virustotal.com/gui/
and post the scan link here.

~~

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you have to right-click OTL and choose Run as administrator)

* Launch OTL
* In OTL, under Personnalisation (Custom Scans/Fixes), copy and paste the script below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
nslookup www.google.fr /c
CREATERESTOREPOINT

* Click the Quick Scan button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present), then post the pjjoint link(s) pointing to these reports here in a new message.




Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left

snoock26 - Posts: 15 - Status: Member

OK, I'm doing that now...

Sorry, it's fine, I've got it!

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

You need to show hidden files to see it.

snoock26 - Posts: 15 - Status: Member

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

Hmmm,
and it's really odd, too:

2012-02-15 c:\windows\Tasks\OVKBQQQELI.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]


so it's Vundo... and it goes with a DLL.

snoock26 - Posts: 15 - Status: Member

OK, I've just read some information about Vundo...

OTL report:

OTL Extras logfile created on: 2/15/2012 12:21:23 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\GM\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy

3.97 Gb Total Physical Memory | 2.57 Gb Available Physical Memory | 64.82% Memory free
7.93 Gb Paging File | 6.36 Gb Available in Paging File | 80.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.16 Gb Total Space | 228.71 Gb Free Space | 80.77% Space Free | Partition Type: NTFS
Drive D: | 14.84 Gb Total Space | 1.84 Gb Free Space | 12.37% Space Free | Partition Type: NTFS

Computer Name: GM-HP | User Name: GM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{805EF570-019B-430E-9D01-B86FB948CB37}_is1" = Wizbee version 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140011-0066-040C-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Français
"{9112040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6806D86-BFF3-49CD-8E2B-87BB3507E53F}" = Web Easy Professional 8
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{B4D1A85D-FE27-41D1-A599-781F91F6B352}" = KaraWin Free
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E45CACFE-0576-4375-A84F-C34B99A7B652}" = D-Link DWA-125
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Didapages" = Didapages 1.1
"EasyBits Magic Desktop" = Magic Desktop
"FileZilla Client" = FileZilla Client 3.5.2
"FormatFactory" = FormatFactory 2.70
"Français - Math version 6.26" = Ecole
"hotpot_is1" = HotPotatoes v 6.3.0.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Mozilla Firefox 9.0.1 (x86 fr)" = Mozilla Firefox 9.0.1 (x86 fr)
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"MyTomTom" = MyTomTom 3.1.0.432
"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010
"PDF Complete" = PDF Complete Special Edition
"TOWeb-SetupID-0004_is1" = Lauyan TOWeb V4
"VLC media player" = VLC media player 1.1.10
"WildTangent hp Master Uninstall" = HP Games
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gwp-DEFAULT" = GreenWebPlayer
"la suite e-anim 9.02.015" = la suite e-anim 9.02.015

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2/3/2012 5:14:26 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/4/2012 7:14:08 AM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/4/2012 12:44:45 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/5/2012 11:46:42 AM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/5/2012 3:42:17 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/6/2012 2:55:48 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/6/2012 5:04:17 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/7/2012 3:56:24 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/8/2012 1:19:10 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 2/9/2012 2:07:41 PM | Computer Name = GM-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed:

[ Hewlett-Packard Events ]
Error - 6/12/2011 7:27:40 AM | Computer Name = GM-HP | Source = Hewlett-Packard | ID = 0
Description = fr-CH Une exception de type 'System.Exception' a été levée. HP.SupportFramework

à HP.SupportFramework.HPSFReporting.Reporting..ctor() à HP.ActiveSupportLibrary.Issues.HPSFSession..ctor(LaunchPoint
lp) à HPAssistant.HPAMain.Window_Loaded(Object sender, RoutedEventArgs e) à
System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) à System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) à System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) à System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) à System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) à System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(Object
root) à MS.Internal.LoadedOrUnloadedOperation.DoWork() à System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

à System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() à System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) à System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) à System.Windows.Media.MediaContext.Resize(ICompositionTarget
resizedCompositionTarget) à System.Windows.Interop.HwndTarget.OnResize() à
System.Windows.Interop.HwndTarget.HandleMessage(Int32 msg, IntPtr wparam, IntPtr
lparam) à System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr hwnd,
Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndWrapper.WndProc(IntPtr
hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object
o) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 7/3/2011 3:52:49 PM | Computer Name = GM-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071103095248.xml
File not created by asset agent

Error - 7/18/2011 6:09:14 AM | Computer Name = GM-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071118120908.xml
File not created by asset agent

Error - 8/15/2011 12:10:36 PM | Computer Name = GM-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081115061030.xml
File not created by asset agent

[ System Events ]
Error - 12/1/2011 2:20:29 PM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7001
Description = Le service Client Virtualization Handler dépend du service Application
Virtualization Client qui n'a pas pu démarrer en raison de l'erreur : %%1068

Error - 12/3/2011 11:31:06 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Application Virtualization Service Agent.

Error - 12/3/2011 11:31:06 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7000
Description = Le service Application Virtualization Service Agent n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 12/3/2011 11:31:37 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7001
Description = Le service Application Virtualization Client dépend du service Application
Virtualization Service Agent qui n'a pas pu démarrer en raison de l'erreur : %%1053

Error - 12/3/2011 11:31:40 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7001
Description = Le service Client Virtualization Handler dépend du service Application
Virtualization Client qui n'a pas pu démarrer en raison de l'erreur : %%1068

Error - 12/9/2011 3:28:01 PM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7023
Description = Le service Programme d'installation pour les modules Windows s'est
arrêté avec l'erreur : %%16405

Error - 1/7/2012 6:46:22 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Apple Mobile Device.

Error - 1/7/2012 6:46:22 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7000
Description = Le service Apple Mobile Device n'a pas pu démarrer en raison de l'erreur :
%%1053

Error - 1/8/2012 11:59:07 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la connexion du service Windows Live ID Sign-in Assistant.

Error - 1/8/2012 11:59:07 AM | Computer Name = GM-HP | Source = Service Control Manager | ID = 7000
Description = Le service Windows Live ID Sign-in Assistant n'a pas pu démarrer en
raison de l'erreur : %%1053


< End of report >

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present), then post the pjjoint link(s) pointing to these reports here in a new message.

Malekal_morte- Posts: 184347 - Status: Moderator, Security Contributor

Run OTL again.
* Under Personnalisation (Custom Scans/Fixes), copy and paste the contents of the box below (make sure to include :OTL at the start).
* Click Correction (Run Fix); a report will appear, copy/paste its contents here:

:OTL
[2012/01/18 21:33:58 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012/02/05 17:04:28 | 000,093,696 | RHS- | C] () -- C:\Windows\SysWow64\schtasksz.dll
[2012/02/05 17:04:28 | 000,000,302 | ---- | C] () -- C:\Windows\tasks\OVKBQQQELI.job


* Restart the PC into Windows and post the report here
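
The triage behind the fix script above (a hidden DLL with no company name, created at the same second as a scheduled-task .job file), written out as an added Python example that is not part of the original thread or of OTL. The attribute test, the empty-company test and the 60-second pairing window are assumptions chosen for illustration, and the last sample line is constructed.

```python
import ntpath
import re
from datetime import datetime, timedelta

# OTL file-listing line, in the format pasted in the fix script:
# [date time | size | attributes | C or M flag] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<stamp>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\] \((?P<company>.*?)\) -- (?P<path>.+)$"
)
WINDIR_RE = re.compile(r"^[a-z]:\\windows\\", re.IGNORECASE)
JOB_RE = re.compile(r"^[a-z]:\\windows\\tasks\\[^\\]+\.job$", re.IGNORECASE)
BINARY_EXT = {".dll", ".exe", ".sys", ".ocx"}

# First three lines are the ones quoted in the thread; the fourth is a
# constructed benign entry (hypothetical vendor and file name).
SAMPLE_LOG = r"""
[2012/01/18 21:33:58 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012/02/05 17:04:28 | 000,093,696 | RHS- | C] () -- C:\Windows\SysWow64\schtasksz.dll
[2012/02/05 17:04:28 | 000,000,302 | ---- | C] () -- C:\Windows\tasks\OVKBQQQELI.job
[2012/02/01 09:10:11 | 000,120,832 | ---- | C] (Example Vendor Inc.) -- C:\Windows\SysWow64\examplelib.dll
"""


def parse_line(line):
    """Return a dict for one OTL file-listing line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["when"] = datetime.strptime(rec["stamp"], "%Y/%m/%d %H:%M:%S")
    rec["size"] = int(rec["size"].replace(",", ""))
    return rec


def is_hidden_anonymous_binary(rec):
    """Binary under the Windows directory, Hidden+System, empty company field."""
    ext = ntpath.splitext(rec["path"])[1].lower()
    return (
        ext in BINARY_EXT
        and WINDIR_RE.match(rec["path"]) is not None
        and "H" in rec["attrs"]
        and "S" in rec["attrs"]
        and rec["company"] == ""
    )


def is_anonymous_job(rec):
    """Scheduled-task .job file in the Tasks folder with an empty company field."""
    return JOB_RE.match(rec["path"]) is not None and rec["company"] == ""


def triage(log_text, window=timedelta(seconds=60)):
    """Flag hidden anonymous binaries and pair them with .job files created nearby in time."""
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    jobs = [r for r in records if is_anonymous_job(r)]
    findings = []
    for rec in records:
        if not is_hidden_anonymous_binary(rec):
            continue
        paired = [j["path"] for j in jobs if abs(j["when"] - rec["when"]) <= window]
        findings.append({
            "binary": rec["path"],
            "created": rec["stamp"],
            "paired_jobs": paired,
            # A matching task is the persistence half of the pair, so rank it higher.
            "severity": "high" if paired else "review",
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding["severity"], finding["binary"], "<-", finding["paired_jobs"])
```

A hit is only a lead for manual review: the company field comes from the file's version resource, not from a signature check, so a flagged file still needs to be scanned before anything is moved.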

snoock26 - Posts: 15 - Status: Member

OK, I'm doing that...

Before restart:

========== OTL ==========
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Windows\SysWOW64\schtasksz.dll moved successfully.
C:\Windows\Tasks\OVKBQQQELI.job moved successfully.

OTL by OldTimer - Version 3.2.31.0 log created on 02152012_135152

After reboot:

========== OTL ==========
Folder C:\Users\GM\AppData\Roaming\mozilla\Firefox\Profiles\mez0ksle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\ not found.
File C:\Windows\SysWow64\schtasksz.dll not found.
File C:\Windows\tasks\OVKBQQQELI.job not found.

OTL by OldTimer - Version 3.2.31.0 log created on 02152012_135844

There you go...
snoock26 Posts 15 Status Member
 
Hello,

After several tries, everything looks OK to me.

Thank you so much!

Where did this problem come from, and what can I do to avoid this kind of trouble? Is there any additional protection to install (apart from an antivirus)? Why doesn't the antivirus (free AVG) stop this kind of problem?

Best regards.

Marco
Malekal_morte- Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Why doesn't the antivirus (free AVG) stop this kind of problem?


Because an antivirus's protection is far from the 100% that comparative tests try to show.
At any given moment with a free one, it's probably 40/60% depending on where you browse.
(well, if you stick to lemonde.fr and mail, it's 100% :D).

However, you seem to have uninstalled it, so you no longer have an antivirus.
You need to reinstall one.

~~

The source is hard to say: either a rotten download like a crack/keygen.
Or an exploit.

Important - your infection came through an exploit on a website:

A website exploit allows your computer to be infected automatically when you visit a website that has been hacked; it takes advantage of the fact that you have software (Java, Adobe Reader, etc.) that is not up to date and has vulnerabilities that allow code (malicious in our case) to be executed without your knowledge.
Having software that is not up to date and potentially has vulnerabilities therefore allows your system to be infected.
Example: Java exploit

You must therefore keep your software up to date so that these entry points into your system do not exist.
As long as this software is not up to date, your PC is vulnerable and infections can install themselves easily.

IMPORTANT: update your programs, especially Java/Adobe Reader and Flash:
/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
https://forum.malekal.com/viewtopic.php?t=15960&start=

Spread the word to your friends!

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left