PC refuses to start

Solved
Landrezac

Hello,
After plugging in a new Kingston USB key bought on the Internet, my PC refuses to start 9 times out of 10. I have just run a scan with HijackThis; the result is below.
Thank you for your help, I am not a specialist.
Regards.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:51, on 11/03/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

18 replies

dr.pc1 - Posts: 4607 - Status: Contributor

Hi,

* Download UsbFix to your desktop: here.

- Double-click the downloaded file; UsbFix will install itself.

- The program should normally launch automatically; choose the "Recherche" (Search) option.

- Check that you have plugged in all your removable drives (external hard drives, etc.) and USB keys, then click OK.

- The scan will then start, and a report will be displayed at the end of the scan. Host it on pjjoint and give me the link provided.

Video tutorial: here

:-)

dr.pc1 - Posts: 4607 - Status: Contributor

When you start up, do you get an error? What do you get? =)

landrezac - Posts: 67 - Status: Member

UsbFix report

############################## | UsbFix V 7.083 | [Recherche]

Utilisateur: patrick (Administrateur) # PC-DE-PATRICK
Mis à jour le 03/03/2012 par El Desaparecido
Lancé à 19:31:40 | 11/03/2012

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Packard Bell BV (EasyNote SB65) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz (1733)
RAM -> [ Total : 3062 | Free : 1421 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: AntiVir Desktop [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 225 Go (119 Go libre(s) - 53%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 931 Go (681 Go libre(s) - 73%) [MEMUP] # FAT32
F:\ -> Disque amovible # 4 Go (2 Go libre(s) - 47%) [] # FAT32

################## | Éléments infectieux |

Présent! E:\WinMail - Raccourci.lnk
Présent! C:\captura.bmp

################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{7edc00ac-d030-11de-ba6d-001e684ed12a}
Shell\AutoRun\Command = E:\WDSetup.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{eb1e9b6e-d29e-11dd-8a00-0017c41cbf12}
Shell\AutoRun\Command = K:\LaunchU3.exe -a



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

dr.pc1 - Posts: 4607 - Status: Contributor

Do you start up with the USB key plugged in?

landrezac - Posts: 67 - Status: Member

I did not plug in the key that I think infected the PC; I plugged in my hard drive and another USB key.

dr.pc1 - Posts: 4607 - Status: Contributor

But when you start your PC, is your hard drive or your USB key plugged into the PC's USB port?

dr.pc1 - Posts: 4607 - Status: Contributor

* Launch UsbFix, then click the "Suppression" (Deletion) option.

- Plug in, or leave plugged in, your removable drives and USB keys, then click OK.

- UsbFix will then delete the files potentially detected by the scan run earlier.
(You may have to restart explorer.exe after UsbFix has run.)

- A report will be displayed on screen. Host it on pjjoint and give me the link provided.

Video tutorial: here

landrezac - Posts: 67 - Status: Member

############################## | UsbFix V 7.083 | [Suppression]

Utilisateur: patrick (Administrateur) # PC-DE-PATRICK
Mis à jour le 03/03/2012 par El Desaparecido
Lancé à 20:21:10 | 11/03/2012

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Packard Bell BV (EasyNote SB65) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz (1733)
RAM -> [ Total : 3062 | Free : 1369 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: AntiVir Desktop [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 225 Go (119 Go libre(s) - 53%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 931 Go (681 Go libre(s) - 73%) [MEMUP] # FAT32
F:\ -> Disque amovible # 4 Go (2 Go libre(s) - 47%) [] # FAT32

################## | Éléments infectieux |

Supprimé! E:\WinMail - Raccourci.lnk
Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2152478756-3922319563-605102323-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-775869512-657412293-3378317309-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-805405075-2586154024-260999206-1002
Supprimé! C:\captura.bmp

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7edc00ac-d030-11de-ba6d-001e684ed12a}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{eb1e9b6e-d29e-11dd-8a00-0017c41cbf12}

################## | Listing |

[11/03/2012 - 20:22:46 | SHD ] C:\$Recycle.Bin
[18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat
[22/07/2008 - 15:34:12 | N | 592346] C:\AWPHF.log
[24/09/2008 - 08:39:41 | D ] C:\b0a3eddf45be1feba8
[18/09/2009 - 14:46:49 | D ] C:\boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[11/03/2006 - 02:58:15 | N | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 22:43:37 | N | 10] C:\config.sys
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[05/06/2011 - 10:32:50 | D ] C:\downloads
[06/09/2008 - 17:52:54 | D ] C:\drivers
[09/10/2009 - 20:44:27 | D ] C:\emme
[28/12/2010 - 10:53:05 | N | 2382] C:\ExtractLog.txt
[20/08/2009 - 14:54:55 | D ] C:\Fat32Format
[16/05/2011 - 09:32:27 | D ] C:\Garmin
[16/07/2008 - 12:01:42 | D ] C:\hegames
[11/03/2012 - 18:43:41 | ASH | 3211190272] C:\hiberfil.sys
[10/03/2006 - 19:19:53 | D ] C:\Intel
[18/07/2008 - 12:06:52 | N | 0] C:\IO.SYS
[20/08/2009 - 09:38:33 | D ] C:\Memup
[18/07/2008 - 12:06:52 | N | 0] C:\MSDOS.SYS
[10/03/2006 - 19:58:20 | RHD ] C:\MSOCache
[29/02/2004 - 16:44:34 | N | 52576] C:\orange.bmp
[11/03/2012 - 18:43:38 | ASH | 3524993024] C:\pagefile.sys
[24/09/2008 - 08:54:02 | D ] C:\PerfLogs
[11/03/2012 - 19:01:20 | D ] C:\Program Files
[23/02/2012 - 21:49:59 | HD ] C:\ProgramData
[12/07/2008 - 08:31:53 | D ] C:\Securitoo
[10/03/2006 - 19:26:18 | N | 86] C:\setup.log
[04/10/2008 - 18:23:21 | D ] C:\sj700
[11/03/2012 - 18:57:13 | SHD ] C:\System Volume Information
[17/11/2008 - 19:25:13 | D ] C:\temp
[11/03/2012 - 20:22:46 | D ] C:\UsbFix
[11/03/2012 - 20:22:05 | A | 12684] C:\UsbFix.txt
[11/07/2008 - 10:21:05 | D ] C:\Users
[30/07/2008 - 08:08:22 | N | 390044] C:\vcredist_x86.log
[11/03/2012 - 19:04:39 | D ] C:\Windows
[20/08/2009 - 16:03:26 | SHD ] E:\$RECYCLE.BIN
[21/08/2009 - 11:41:10 | D ] E:\Musique
[21/08/2009 - 15:53:56 | D ] E:\Vidéo
[29/11/2009 - 21:42:32 | D ] E:\Photo
[21/08/2009 - 15:54:44 | D ] E:\Autres
[24/12/2009 - 10:14:22 | SHD ] E:\System Volume Information
[04/04/2010 - 15:23:10 | D ] E:\Nouveau dossier
[31/05/2010 - 19:14:38 | N | 278] E:\HDD (C) - Raccourci.lnk
[24/07/2010 - 13:56:00 | D ] E:\Musique Amélie
[10/04/2010 - 17:26:40 | D ] E:\K-Lite Codec Pack
[16/11/2011 - 14:11:18 | ASH | 15872] E:\Thumbs.db
[16/11/2011 - 14:11:12 | D ] E:\ANNE COPIE
[16/11/2011 - 14:13:24 | D ] E:\Ma musique
[30/01/2012 - 14:41:50 | D ] E:\Films
[02/03/2012 - 17:35:58 | D ] E:\VANNETAISE 2011
[05/01/2012 - 13:33:08 | D ] E:\Evelyne
[14/12/2011 - 22:42:20 | D ] E:\Factures
[26/02/2012 - 18:32:26 | D ] E:\Garmin
[05/03/2012 - 08:46:38 | D ] E:\Perso Patrick
[29/02/2012 - 15:52:48 | D ] E:\Trail des Remparts
[06/03/2012 - 21:34:28 | D ] E:\Gite
[12/02/2012 - 17:17:04 | D ] E:\Informatiqu
[24/11/2011 - 15:03:14 | D ] E:\Location Vannes
[19/01/2012 - 21:56:30 | D ] E:\Anniv PD
[24/12/2011 - 10:08:52 | D ] E:\Amélie
[06/03/2012 - 13:46:20 | D ] E:\VANNETAISE 2012
[12/06/2011 - 18:09:22 | D ] E:\VANNETAISE 2010
[04/02/2012 - 16:40:00 | D ] E:\VANNETAISE 2009
[19/12/2011 - 22:24:52 | N | 137300868] E:\Marathon de NewYork.wmv
[03/02/2012 - 14:21:36 | N | 368935524] E:\Clem 1 an.wmv
[03/02/2012 - 16:00:46 | N | 267694228] E:\clem 2 ans.wmv
[03/02/2012 - 16:11:52 | N | 3282542010] E:\Clem 1 an.avi
[24/02/2012 - 09:04:52 | N | 3864542] E:\location le croisic côte sauvage.wmv - YouTube.flv
[05/12/2011 - 08:13:30 | D ] E:\ControlCenter3
[03/01/2012 - 21:21:24 | D ] E:\Dec 2011
[26/12/2011 - 09:03:46 | D ] E:\Noel 2011
[06/02/2012 - 14:59:04 | N | 75698] E:\raid séné 2012.JPG
[06/02/2012 - 15:00:00 | N | 86415] E:\séné 2012 1.JPG
[06/02/2012 - 15:01:46 | N | 136382] E:\sené raid 2012 2.JPG
[04/03/2012 - 20:16:22 | N | 50052] E:\nICO.JPG
[19/12/2011 - 16:09:26 | D ] E:\Photos frères
[03/01/2012 - 15:47:54 | D ] E:\Nico planche 3 01 12
[03/02/2012 - 09:14:46 | N | 176071048] E:\clementine 2 premières années_0001.wmv
[11/03/2012 - 19:08:26 | N | 14467] E:\hijackthis.log
[25/07/2011 - 11:37:04 | D ] F:\VANNETAISE 2011
[18/01/2012 - 21:25:08 | N | 3500705] F:\DSC08252.JPG
[11/08/2011 - 09:49:10 | D ] F:\Perso Patrick
[09/06/2011 - 18:14:54 | N | 4096] F:\._.Trashes
[15/07/2011 - 21:49:46 | D ] F:\Evelyne
[17/01/2012 - 20:57:42 | D ] F:\Remise 18 janvier
[18/02/2012 - 09:48:14 | D ] F:\carnet
[09/06/2011 - 18:14:54 | D ] F:\.Trashes
[18/01/2012 - 20:26:12 | D ] F:\REMISE CHQ
[23/09/2010 - 10:22:20 | D ] F:\.Spotlight-V100
[03/10/2011 - 19:18:10 | D ] F:\Pixel
[29/01/2012 - 08:44:26 | N | 4589568] F:\Partenariat 2012.doc
[06/03/2012 - 13:46:20 | D ] F:\VANNETAISE 2012
[24/01/2012 - 20:44:52 | D ] F:\Notaire
[16/01/2012 - 19:29:06 | N | 107321344] F:\carnet tendances.ppt
[05/03/2012 - 08:46:38 | N | 65655] F:\arradon trail.pdf
[18/02/2012 - 09:16:28 | D ] F:\p.jugan@live.fr
[22/07/2010 - 20:21:12 | D ] F:\Scripts
[12/11/2011 - 11:47:28 | D ] F:\Sony
[06/02/2012 - 09:04:46 | D ] F:\Sport
[12/11/2011 - 11:42:08 | D ] F:\Voeux calendrier
[12/11/2011 - 11:42:24 | D ] F:\Voyage
[06/02/2012 - 10:58:38 | N | 24842690] F:\annulation veolia.bmp
[28/12/2011 - 12:59:48 | D ] F:\Amélie
[04/10/2011 - 11:56:02 | D ] F:\logovannetaise
[12/11/2011 - 11:45:50 | D ] F:\Bricolage
[24/01/2012 - 12:07:48 | D ] F:\Budget
[18/02/2012 - 10:20:18 | D ] F:\Carnet d'adresse
[27/12/2011 - 15:21:48 | D ] F:\Conflit
[10/06/2011 - 08:24:58 | D ] F:\Coudray
[09/11/2011 - 18:42:28 | D ] F:\pack office 1
[26/08/2010 - 13:26:02 | D ] F:\Evadeo
[18/02/2012 - 09:16:24 | D ] F:\Fichier La Vannetaise
[26/09/2011 - 13:51:02 | D ] F:\Impot
[31/12/2011 - 08:57:32 | D ] F:\Informatique
[18/02/2012 - 09:16:24 | D ] F:\jugan@hotmail.com
[18/02/2012 - 09:16:26 | D ] F:\la vanneteaise bureau
[01/03/2012 - 11:03:38 | D ] F:\M P
[11/12/2011 - 17:38:32 | D ] F:\Mamies
[16/10/2009 - 21:08:34 | D ] F:\Memup
[05/12/2011 - 22:54:20 | D ] F:\Evelyne Lycée
[19/02/2012 - 09:04:34 | D ] F:\Evelyne perso
[20/01/2011 - 20:16:20 | D ] F:\PACKOFFICE
[30/01/2011 - 21:38:26 | D ] F:\VANNETAISE 2010

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-PATRICK.zip
http://eldesaparecido.com/upload.html
Merci de votre contribution.

################## | E.O.F |

dr.pc1 (Contributor, 4607 posts)

OK, restart the PC, unplug everything you have plugged into the PC's USB ports, start it, and see whether it boots =)

landrezac (Member, 67 posts)

Great, the boot went fine; I hope that will continue.
Thank you very much for your valuable help.
Kind regards.

dr.pc1 (Contributor, 4607 posts)

OK, did you have your infected USB key plugged in when you ran USBFix?

landrezac (Member, 67 posts)

No, I was afraid to. Should I have plugged it in?

dr.pc1 (Contributor, 4607 posts)

Yes, run the Suppression option again with it plugged in; if it is infected, USBFix will take care of it ;-)

landrezac (Member, 67 posts)

With the infected key, the Avira antivirus reported: For your security, access to the file E:/autorun.inf has been blocked.
Report below:

############################## | UsbFix V 7.083 | [Suppression]

Utilisateur: patrick (Administrateur) # PC-DE-PATRICK
Mis à jour le 03/03/2012 par El Desaparecido
Lancé à 21:23:34 | 11/03/2012

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Packard Bell BV (EasyNote SB65) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz (1733)
RAM -> [ Total : 3062 | Free : 1388 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: AntiVir Desktop [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 225 Go (118 Go libre(s) - 53%) [HDD] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 7 Go (6 Go libre(s) - 89%) [KINGSTON] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (580)
C:\Windows\system32\wininit.exe (632)
C:\Windows\system32\csrss.exe (640)
C:\Windows\system32\services.exe (684)
C:\Windows\system32\lsass.exe (704)
C:\Windows\system32\lsm.exe (712)
C:\Windows\system32\svchost.exe (856)
C:\Windows\system32\winlogon.exe (944)
C:\Windows\system32\svchost.exe (956)
C:\Windows\System32\svchost.exe (1020)
C:\Windows\System32\svchost.exe (1096)
C:\Windows\System32\svchost.exe (1224)
C:\Windows\system32\svchost.exe (1256)
C:\Windows\system32\svchost.exe (1340)
C:\Windows\system32\SLsvc.exe (1368)
C:\Windows\system32\svchost.exe (1416)
C:\Windows\system32\svchost.exe (1608)
C:\Windows\System32\spoolsv.exe (1872)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (1936)
C:\Windows\system32\taskeng.exe (1964)
C:\Windows\system32\Dwm.exe (1972)
C:\Windows\system32\svchost.exe (1992)
C:\Windows\Explorer.EXE (2036)
C:\Windows\system32\taskeng.exe (740)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2020)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (12)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1576)
C:\Program Files\Bonjour\mDNSResponder.exe (1804)
C:\Windows\system32\svchost.exe (1780)
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe (2028)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (1496)
C:\Program Files\Orange\mes contenus - mon disque\mounter.exe (1812)
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (2068)
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (2116)
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (2148)
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe (2208)
C:\Windows\system32\svchost.exe (2312)
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (2328)
C:\Windows\system32\svchost.exe (2540)
C:\Windows\System32\svchost.exe (2580)
C:\Windows\system32\SearchIndexer.exe (2612)
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (3184)
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (3200)
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (3264)
C:\Windows\System32\alg.exe (3464)
C:\Program Files\Windows Defender\MSASCui.exe (3676)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3924)
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (3960)
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (3988)
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (4000)
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (4044)
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe (4056)
C:\Windows\System32\rundll32.exe (1304)
C:\Windows\System32\rundll32.exe (2368)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2556)
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (1948)
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (2956)
C:\Program Files\Real\RealPlayer\Update\realsched.exe (2300)
C:\Program Files\Windows Sidebar\sidebar.exe (1488)
C:\Windows\ehome\ehtray.exe (3552)
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3740)
C:\Windows\ehome\ehmsas.exe (3020)
C:\Program Files\Skype\Phone\Skype.exe (3736)
C:\Program Files\Garmin\Training Center\gStart.exe (3932)
C:\Program Files\Windows Media Player\wmpnscfg.exe (4072)
C:\Program Files\PC Sync\Voxsync.exe (2136)
C:\Program Files\Windows Mail\WinMail.exe (2356)
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe (3764)
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe (3848)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3004)
C:\Program Files\PC Sync\SyncManager.exe (3408)
C:\Windows\system32\SearchProtocolHost.exe (3888)
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (2832)
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (5148)
C:\Windows\system32\svchost.exe (5748)
C:\Windows\system32\svchost.exe (4272)
C:\Program Files\Windows Calendar\wincal.exe (5512)
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE (5672)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5832)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (2376)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (4740)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5576)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5788)
C:\Windows\system32\rundll32.exe (4616)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5416)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5996)
C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5184)
C:\Windows\system32\SearchFilterHost.exe (5768)
C:\Windows\System32\mobsync.exe (4632)
C:\Windows\system32\WUDFHost.exe (3284)
C:\Program Files\Windows Media Player\wmplayer.exe (3292)
C:\UsbFix\Go.exe (5320)
C:\Windows\system32\wbem\wmiprvse.exe (3696)

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\SLsvc.exe (1368)
Stoppé! C:\Windows\System32\spoolsv.exe (1872)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\sched.exe (1936)
Stoppé! C:\Windows\system32\taskeng.exe (1964)
Stoppé! C:\Windows\system32\taskeng.exe (740)
Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2020)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (12)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1576)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1804)
Stoppé! C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe (2028)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (1496)
Stoppé! C:\Program Files\Orange\mes contenus - mon disque\mounter.exe (1812)
Stoppé! C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (2068)
Stoppé! C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (2116)
Stoppé! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (2148)
Stoppé! C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe (2208)
Stoppé! C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (2328)
Stoppé! C:\Windows\system32\SearchIndexer.exe (2612)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (3184)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (3200)
Stoppé! C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (3264)
Stoppé! C:\Windows\System32\alg.exe (3464)
Stoppé! C:\Program Files\Windows Defender\MSASCui.exe (3676)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3924)
Stoppé! C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (3960)
Stoppé! C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (3988)
Stoppé! C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (4000)
Stoppé! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (4044)
Stoppé! C:\Program Files\OrangeHSS\Systray\SystrayApp.exe (4056)
Stoppé! C:\Windows\System32\rundll32.exe (1304)
Stoppé! C:\Windows\System32\rundll32.exe (2368)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2556)
Stoppé! C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (1948)
Stoppé! C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (2956)
Stoppé! C:\Program Files\Real\RealPlayer\Update\realsched.exe (2300)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (1488)
Stoppé! C:\Windows\ehome\ehtray.exe (3552)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3740)
Stoppé! C:\Windows\ehome\ehmsas.exe (3020)
Stoppé! C:\Program Files\Skype\Phone\Skype.exe (3736)
Stoppé! C:\Program Files\Garmin\Training Center\gStart.exe (3932)
Stoppé! C:\Program Files\Windows Media Player\wmpnscfg.exe (4072)
Stoppé! C:\Program Files\PC Sync\Voxsync.exe (2136)
Stoppé! C:\Program Files\Brother\ControlCenter3\brccMCtl.exe (3764)
Stoppé! C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe (3848)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3004)
Stoppé! C:\Program Files\PC Sync\SyncManager.exe (3408)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (3888)
Stoppé! C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (2832)
Stoppé! C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (5148)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5832)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (2376)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (4740)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5576)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5788)
Stoppé! C:\Windows\system32\rundll32.exe (4616)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5996)
Stoppé! C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe (5184)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (5768)
Stoppé! C:\Windows\system32\WUDFHost.exe (3284)
Stoppé! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (5744)

################## | Éléments infectieux |

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-805405075-2586154024-260999206-1002
Non supprimé ! E:\autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |


################## | Listing |

[11/03/2012 - 21:29:01 | SHD ] C:\$Recycle.Bin
[18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat
[11/03/2012 - 20:24:12 | RASHD ] C:\Autorun.inf
[22/07/2008 - 15:34:12 | N | 592346] C:\AWPHF.log
[24/09/2008 - 08:39:41 | D ] C:\b0a3eddf45be1feba8
[18/09/2009 - 14:46:49 | D ] C:\boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[11/03/2006 - 02:58:15 | N | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 22:43:37 | N | 10] C:\config.sys
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[05/06/2011 - 10:32:50 | D ] C:\downloads
[06/09/2008 - 17:52:54 | D ] C:\drivers
[09/10/2009 - 20:44:27 | D ] C:\emme
[28/12/2010 - 10:53:05 | N | 2382] C:\ExtractLog.txt
[20/08/2009 - 14:54:55 | D ] C:\Fat32Format
[16/05/2011 - 09:32:27 | D ] C:\Garmin
[16/07/2008 - 12:01:42 | D ] C:\hegames
[11/03/2012 - 20:36:48 | ASH | 3211190272] C:\hiberfil.sys
[10/03/2006 - 19:19:53 | D ] C:\Intel
[18/07/2008 - 12:06:52 | N | 0] C:\IO.SYS
[20/08/2009 - 09:38:33 | D ] C:\Memup
[18/07/2008 - 12:06:52 | N | 0] C:\MSDOS.SYS
[10/03/2006 - 19:58:20 | RHD ] C:\MSOCache
[29/02/2004 - 16:44:34 | N | 52576] C:\orange.bmp
[11/03/2012 - 20:36:45 | ASH | 3524993024] C:\pagefile.sys
[24/09/2008 - 08:54:02 | D ] C:\PerfLogs
[11/03/2012 - 19:01:20 | D ] C:\Program Files
[23/02/2012 - 21:49:59 | HD ] C:\ProgramData
[12/07/2008 - 08:31:53 | D ] C:\Securitoo
[10/03/2006 - 19:26:18 | N | 86] C:\setup.log
[04/10/2008 - 18:23:21 | D ] C:\sj700
[11/03/2012 - 18:57:13 | SHD ] C:\System Volume Information
[17/11/2008 - 19:25:13 | D ] C:\temp
[11/03/2012 - 21:29:02 | D ] C:\UsbFix
[11/03/2012 - 21:24:40 | A | 12361] C:\UsbFix.txt
[11/03/2012 - 20:24:19 | N | 27663] C:\UsbFix_Upload_Me_PC-DE-PATRICK.zip
[11/07/2008 - 10:21:05 | D ] C:\Users
[30/07/2008 - 08:08:22 | N | 390044] C:\vcredist_x86.log
[11/03/2012 - 19:04:39 | D ] C:\Windows
[14/04/2010 - 22:54:30 | N | 166] E:\autorun.inf
[14/09/2011 - 12:07:16 | N | 361248] E:\unInstaller.exe
[10/12/2011 - 02:08:18 | D ] E:\urDrive
[14/09/2011 - 12:07:04 | N | 1934624] E:\urDrive.exe
[07/03/2012 - 20:29:00 | N | 110592] E:\soiree partenaires.doc
[07/09/2011 - 15:31:04 | N | 5414120] E:\05 Carol's Interlude.wma
[07/09/2011 - 15:31:12 | N | 6501772] E:\06 The End of a Love Affair.wma
[07/09/2011 - 15:31:14 | N | 4469908] E:\07 Hank's Symphony.wma
[07/09/2011 - 15:31:16 | N | 6878228] E:\08 Weird-O [-].wma
[07/09/2011 - 15:31:18 | N | 2790674] E:\09 Ill Wind [-].wma
[07/09/2011 - 15:31:18 | N | 6914088] E:\10 Late Show [-].wma
[07/09/2011 - 15:31:18 | N | 6274690] E:\11 Deciphering the Message [#][-].wma
[07/09/2011 - 15:31:22 | N | 6029688] E:\12 Carol's Interlude [Alternate Take][-].wma
[07/09/2011 - 15:30:48 | N | 14115208] E:\01 It's Only a Paper Moon.wma
[07/09/2011 - 15:30:52 | N | 12029514] E:\02 Noise in the Attic.wma
[07/09/2011 - 15:30:58 | N | 10350236] E:\03 Moanin'.wma
[07/09/2011 - 15:31:02 | N | 5617320] E:\04 I Didn't Know What Time It Was.wma
[07/09/2011 - 15:31:02 | N | 12166946] E:\05 Blues March.wma
[07/09/2011 - 15:31:08 | N | 16009568] E:\06 A Night in Tunisia.wma
[07/09/2011 - 15:31:24 | N | 13966140] E:\Art Blakey, Bud Powell, Barney Wilen, Wayne Shorter, Lee Morgan - Paris Jam Session - 02 - Bouncing With Bud.mp3
[24/03/2008 - 20:19:40 | N | 101637222] E:\01 Moanin'.wav
[24/03/2008 - 20:21:44 | N | 68325834] E:\03 Lester Left Town.wav
[24/03/2008 - 20:23:18 | N | 119340716] E:\04 A Night in Tunisia.wav
[24/03/2008 - 20:24:24 | N | 93179410] E:\05 Dat Dere.wav
[24/03/2008 - 20:25:22 | N | 87153610] E:\06 Mosaic [-].wav
[08/03/2012 - 21:31:08 | N | 118063578] E:\07 Free for All [-].wav

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-PATRICK.zip
http://eldesaparecido.com/upload.html
Merci de votre contribution.

################## | E.O.F |

dr.pc1 (Contributor, 4607 posts)

OK, now check whether everything works properly ;-)

dr.pc1 (Contributor, 4607 posts)

We are going to diagnose your PC:

Leave your Kingston USB key plugged in.

* Download ZHPDiag (by Nicolas Coolman): here

* Launch it (on Windows Vista and Windows 7: right-click --> Run as administrator)

* Follow the prompts during installation (remember to tick the box to create a shortcut on the Desktop)

* It will start by itself.

* Click the magnifying-glass icon (« Lancer le diagnostic », "Run the diagnostic")

* Save the report to your Desktop using the floppy-disk icon.

* Go to Pjjoint: here, click "Choisissez un fichier" ("Choose a file"), select the ZHPDiag report and click "Envoyer le fichier" ("Send the file").
Then copy/paste the link provided into your next reply.

PS: Give me all the reports you have to provide from now on via pjjoint.

landrezac (Member, 67 posts)

Hello, I am getting back to you this morning: my PC is still infected and for now it refuses to boot. It is still the autorun.inf file.
Thank you if you can help me further.

landrezac (Member, 67 posts)

Rapport de ZHPDiag v1.28.34 par Nicolas Coolman, Update du 06/03/2012
Run by patrick at 11/03/2012 22:09:30
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Nouvelle version disponible


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.6.3 (fr)
GCIE: Google Chrome (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : MQ3CQ
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 118 GB (52%) free of 225 GB

---\\ Logged in mode
~ Computer Name: PC-DE-PATRICK
~ User Name: patrick
~ All Users Names: patrick, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\patrick\AppData\Roaming\
~ %Desktop% : C:\Users\patrick\Desktop\
~ %Favorites% : C:\Users\patrick\Favorites\
~ %LocalAppData% : C:\Users\patrick\AppData\Local\
~ %StartMenu% : C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 118 Go of 225 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.1D94FA7C81D2FFE494AF094619BA706F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/12/2011 - 03:57:18.) -- C:\Windows\system32\wininet.dll [1127424]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (.Microsoft Corporation - DLL client de l'API uilisateur de Windows multi-utilisateurs.) (.19/01/2008 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/867
~ Mes musiques (My Musics) : 21/814
~ Mes Videos (My Videos) : 1/69
~ Mes Favoris (My Favorites) : Non accessible (Not found)
~ Mes Documents (My Documents) : 193/13471
~ Mon Bureau (My Desktop) : 2/39
~ Menu demarrer (Programs) : 19/60
~ Scan Hidden Files in 00mn 12s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.1188]
[MD5.8C6BC84B3513BE42EC204FEE5FB29446] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512] [PID.2576]
[MD5.BF38C273C3EC524880AF0AEB2E7CE160] - (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [232184] [PID.2452]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.2496]
[MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.1376]
[MD5.2D1389E05A807D956829F44BD4B60389] - (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048] [PID.]
[MD5.9AEF1107109189F955192D4B714B516C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [90112] [PID.2524]
[MD5.A9FB2FE96FFBFD57ADB40CB7910A1831] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.680]
[MD5.27249F2A900032F3C2DFAB8DE8F16399] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984] [PID.3356]
[MD5.70A5FB08BBE2AE2B6A4D17F6F9F2E479] - (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1150976] [PID.2404]
[MD5.0EC18F61E86F87C0ADE782920B403D9A] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [296056] [PID.2632]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3808]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.79197AB8FC20E781BA141E291866A909] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [17351304] [PID.3952]
[MD5.4B4F81C294B9A07479F4F4F8FF20E58C] - (.GARMIN Corp. - gStart Application.) -- C:\Program Files\Garmin\Training Center\gStart.exe [1891416] [PID.3968]
[MD5.B2F2C6B80624CF017504B125E843B3D3] - (.Voxmobili - Voxsync Desktop Companion.) -- C:\Program Files\PC Sync\Voxsync.exe [712704] [PID.3408]
[MD5.7E6EA9CB72B5DE84A5D700BED877E5F9] - (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe [397312] [PID.4044]
[MD5.4BAFEB055A5D44D69DAA437BAD787663] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [PID.3348]
[MD5.678C02792F37B0F4A3AEA97D2BE66601] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe [872448] [PID.1416]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.4172]
[MD5.1F17D3F0A519844624BEEB8920B3DF2B] - (.Brother Industries, Ltd. - Brother Status Monitor (Local).) -- C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe [221184] [PID.4684]
[MD5.C95EC84F61F1ACD19248FB686B010FDD] - (...) -- C:\Program Files\PC Sync\SyncManager.exe [139264] [PID.4900]
[MD5.2D4040F03702E79F6FA98D2E76BA831F] - (.Sonic Solutions - ROXHelpRunner Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe [17656] [PID.4600]
[MD5.E064FD78838E85C764C9D0B01A48C421] - (.Google Inc. - Google Chrome.) -- C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe [1049072] [PID.5832]
[MD5.46AE705AC463F50AC714C8084A09A2A3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2211328] [PID.2480]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6004]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.D3C082DBEDE98AC2F413F2CAB60CF89D] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.]
[MD5.CE26E00E25E15BBBA5145E8C101B82AC] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [349472] [PID.]
[MD5.A6B41F3044B2C099BBB5531CAA0551D5] - (.Canal+ Active - CanalPlus.VOD.Service.) -- C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [188416] [PID.]
[MD5.C3471D46F41CC36633F4B48565036387] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.2FFC08F8FFBCB84369749BC1763BFAE4] - (.F-Secure - Terra Giga Drive.) -- C:\Program Files\Orange\mes contenus - mon disque\mounter.exe [76592] [PID.]
[MD5.7DB02C7ED0C79C40EC1D845691E98FF5] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [57344] [PID.]
[MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.]
[MD5.4479D4F0114F7CC28A06DA1F86325CEB] - (.Olivetti - Olivetti Device Monitor Service.) -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [86016] [PID.]
[MD5.910FBA95EE4F56449AA81315884C8EFD] - (.Sonic Solutions - RoxSniffer9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [166648] [PID.]
[MD5.C338D0BFBEB43CA4F43DDC76DF89011B] - (.Avira GmbH - Antivirus MailScanner Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [340136] [PID.]
[MD5.9E49AFB60D56C10BD1FA8C94FD6BD4E5] - (.Avira GmbH - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [428200] [PID.]
[MD5.9638E5820858593A12005C753B03CEAE] - (.Sonic Solutions - RoxMediaDB9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [887544] [PID.]
[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.]
[MD5.1D3EE28BA231CBB9600F5D102EAF4EA7] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\system32\msfeedssync.exe [10752] [PID.6128]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.lequipe.fr/
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\vuav0ge5.default\prefs.js
C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\vuav0ge5.default\user.js
M3 - MFPP: Plugins - [patrick] -- C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\vuav0ge5.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [patrick] -- C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\vuav0ge5.default\searchplugins\Search_Results.xml
M3 - MFPP: Plugins - [patrick] -- C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\vuav0ge5.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M3 - MFPP: Plugins - [patrick] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M0 - MFSP: prefs.js [patrick - vuav0ge5.default] https://fr.ask.com/
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\@FissaPlugin] [] Fissa v1.0 (.Secure Digital Services.)
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\ffxtlbr@babylon.com] [] Babylon v1.1.8 (.Babylon.)
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\{364d4e0c-543f-4b85-abe3-19551139da4f}] [] Softonic France Toolbar v2.4.0.4 (.Conduit Ltd..)
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.4.20100423010936 (.Yahoo!.)
M2 - MFEP: prefs.js [patrick - vuav0ge5.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetIM Toolbar for Firefox v1.4.0.0 (.SweetIM Technologies LTD..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Caminova, Inc. - DjVu browser plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npdjvu.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 15.0.2.72.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Flash Player Helper 9.0 r47.) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32_FlashUtil.exe
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\System32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@canalplus.fr/Assistants VOD,version=1.0.0.0] - (.Canal+ Active - npCpVod.) -- C:\Program Files\Canal\Canal Widget\VOD\npCpVod.dll
P2 - FPN: [HKLM] [@garmin.com/GpsControl] - (.GARMIN Corp. - Garmin Communicator Plug-In 4.0.1.0.) -- C:\Program Files\Garmin GPS Plugin\npGarmin.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@google.com/npPicasa2,version=2.0.0] - (...) -- C:\Program Files\Picasa2\npPicasa2.dll (.not file.)
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10111.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=15.0.2.72] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=15.0.2.72] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=15.0.2.72] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrec
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=15.0.2.72] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=15.0.2.72] - (.RealNetworks, Inc. - 15.0.2.72.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@virtools.com/3DviaPlayer] - (.Dassault Systèmes - 3DVIA player(5.0.0.12). For more information, visit the <a href="http.) -- C:\Program Files\Virtools\3D Life Player\npvirtools.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\patrick\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\patrick\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: (no name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Packard Bell - BAE.dll.) -- C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] . (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O4 - HKLM\..\Run: [SystrayORAHSS] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
O4 - HKLM\..\Run: [NvSvc] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 167.6.) -- C:\Windows\System32\nvsvc.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PPort11reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\patrick\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [gStart] . (.GARMIN Corp. - gStart Application.) -- C:\Program Files\Garmin\Training Center\gStart.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files\Orange\Media Player\Media Player.exe
O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files\Orange\Media Player\Media Player.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files\Orange\Media Player\Media Player.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files\Orange\Media Player\Media Player.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\patrick\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [gStart] . (.GARMIN Corp. - gStart Application.) -- C:\Program Files\Garmin\Training Center\gStart.exe
O4 - HKUS\S-1-5-21-805405075-2586154024-260999206-1002\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\L'Equipe.lnk . (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Photo to Cartoon.lnk . (...) -- C:\Users\patrick\AppData\Roaming\Microsoft\Installer\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}\_2EEE8BE1E095452D52DD1F.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Assistance Livebox.lnk . (...) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - Global Startup: C:\Users\patrick\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Documents - Raccourci.lnk . (...) -- C:\Users\patrick\Documents
O4 - Global Startup: C:\Users\patrick\Desktop\FileZilla.lnk . (.FileZilla Project.) -- C:\Program Files\FileZilla FTP Client\filezilla.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Free Music Zilla.lnk . (...) -- C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Free Video Converter.lnk . (.Koyote Soft.) -- C:\Program Files\Free Video Converter\FreeVideoConverter.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Images - Raccourci.lnk . (...) -- C:\Users\patrick\Favorites\Pictures
O4 - Global Startup: C:\Users\patrick\Desktop\kompozer - Raccourci.lnk . (.Mozilla Foundation.) -- C:\Users\patrick\Downloads\KompoZer\kompozer.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Microsoft Office Word 2007 (2).lnk . (...) -- C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Orange mes contenus.lnk . (.F-Secure.) -- C:\Program Files\Orange\Orange mes contenus\OrangeSC.exe
O4 - Global Startup: C:\Users\patrick\Desktop\PDFConverter.lnk . (.Softplicity.) -- C:\Program Files\Total PDF Converter\PDFConverter.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Photo to Cartoon.lnk . (...) -- C:\Users\patrick\AppData\Roaming\Microsoft\Installer\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}\_25B4936050779BC31602FA.exe
O4 - Global Startup: C:\Users\patrick\Desktop\RealPlayer.lnk . (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\realplay.exe
O4 - Global Startup: C:\Users\patrick\Desktop\SendToKindleForPC-installer - Raccourci.lnk . (.Amazon.com, Inc..) -- C:\Users\patrick\Downloads\SendToKindleForPC-installer.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Submitic.lnk . (.Proxymis.) -- C:\Program Files\Submitic\Submitic.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Training Center.lnk . (.GARMIN Corp..) -- C:\Program Files\Garmin\Training Center\Training Center.exe
O4 - Global Startup: C:\Users\patrick\Desktop\VANNETAISE 2011 - Raccourci.lnk . (...) -- C:\Users\patrick\Documents\VANNETAISE 2011
O4 - Global Startup: C:\Users\patrick\Desktop\Vannetaise 2012 - Raccourci.lnk . (...) -- C:\Users\patrick\Documents\Vannetaise 2012
O4 - Global Startup: C:\Users\patrick\Desktop\Vidéos - Raccourci.lnk . (...) -- C:\Users\patrick\Videos
O4 - Global Startup: C:\Users\patrick\Desktop\VLC media player.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O4 - Global Startup: C:\Users\patrick\Desktop\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\MOVIEMK.exe
O4 - Global Startup: C:\Users\patrick\Desktop\WinMail - Raccourci.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Music Zilla.lnk . (...) -- C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L'Equipe.lnk . (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files\Google\Picasa3\Picasa3.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SnippingTool.exe
O4 - Global Startup: C:\Users\patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Click to Call - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.fr/s/v/60.10/uploader2.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/39.23/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1275681647566
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr:2112/lwp/static/installers/WebflowActiveXInstaller_4-0-0.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{54EFD519-0DB9-4C8C-BBDD-A392E5D3131F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2E3446D-106E-4E44-9E16-DA9EDBCC1370}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{54EFD519-0DB9-4C8C-BBDD-A392E5D3131F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B2E3446D-106E-4E44-9E16-DA9EDBCC1370}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{54EFD519-0DB9-4C8C-BBDD-A392E5D3131F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B2E3446D-106E-4E44-9E16-DA9EDBCC1370}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\Google\GOOGLE~3\GOEC62~1.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) . (.Avira GmbH - Antivirus MailScanner Service.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) . (.Avira GmbH - AntiVir WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active - CanalPlus.VOD.Service.) - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: DokanMounter (DokanMounter) . (.F-Secure - Terra Giga Drive.) - C:\Program Files\Orange\mes contenus - mon disque\mounter.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\Program Files\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate1c98559301 (gupdate1c985593015ac00) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: olMntrService (olMntrService) . (.Olivetti - Olivetti Device Monitor Service.) - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) . (.Sonic Solutions - RoxSniffer9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Extension de garantie.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805405075-2586154024-260999206-1002Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805405075-2586154024-260999206-1002UA.job
[MD5.FA52C48CA18EDFB00180FD465E8F0B08] [APT] [Extension de garantie] (.Packard Bell BV.) -- C:\Program Files\Packard Bell\SetUpMyPC\PBCarNot.exe
[MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-805405075-2586154024-260999206-1002Core] (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-805405075-2586154024-260999206-1002UA] (.Google Inc..) -- C:\Users\patrick\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.B2F2C6B80624CF017504B125E843B3D3] [APT] [Launch 16056] (.Voxmobili.) -- C:\Program Files\PC Sync\Voxsync.exe
[MD5.8535493AB374BE5B1B3A34671F42CCB3] [APT] [RealUpgradeLogonTaskS-1-5-21-805405075-2586154024-260999206-1002] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.8535493AB374BE5B1B3A34671F42CCB3] [APT] [RealUpgradeScheduledTaskS-1-5-21-805405075-2586154024-260999206-1002] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.00000000000000000000000000000000] [APT] [{136EF30A-D712-4C0A-B54E-214E256215FF}] (...) -- C:\Users\patrick\AppData\Local\Temp\Saf705E.tmp\wmp6cdcs.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{15953305-91D4-4916-8B99-8872866D1022}] (...) -- C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRISE8JQ\avira_antivir_premium_fr[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{28F8DD65-B936-4D10-91D9-3083396B1FBC}] (...) -- c:\users\patrick\appdata\local\google\chrome\application\chrome.exeser2égoogle-chrome:notoffered;ienot (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{317BC2DC-F3FC-4851-8BCA-D89060CB80E1}] (...) -- C:\Users\patrick\AppData\Local\Temp\Saf6356.tmp\wmp11-windowsxp-x86-FR-FR.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{31CFBC35-DE74-452F-871D-79610DA617EC}] (...) -- C:\Users\patrick\Documents\agendatronic15[1]\_ISDEL.exe (.not file.)
[MD5.B5A4B9284FC49AB1231E65D36CB30F6E] [APT] [{49325026-3B96-4503-9B2D-674F1888A59A}] (...) -- C:\Windows\UN16040C.exe
[MD5.00000000000000000000000000000000] [APT] [{5126C501-6681-4AAE-8D33-F883C81E6373}] (...) -- D:\_ISDEL.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{58682333-DE9E-4A89-BEB7-15878A7E0B0A}] (...) -- C:\Users\patrick\AppData\Local\Temp\Saf2ADD.tmp\wmp11-windowsxp-x86-FR-FR.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{60959BD2-767C-4EA1-8852-BB1A2AB5D815}] (...) -- D:\installation_livebox.exe (.not file.)
[MD5.E064FD78838E85C764C9D0B01A48C421] [APT] [{886B9C36-79C1-4473-A7BB-BF99AFC414E2}] (.Google Inc..) -- c:\users\patrick\appdata\local\google\chrome\applicat
dr.pc1 Messages posted 4607 Registration date   Status Contributor Last activity   1 039

Hi,

Try formatting the USB key if you know how; otherwise use Unlocker to delete the infected autorun file on your key =)

landrezac Messages posted 67 Registration date   Status Member Last activity

I reformatted the key but the PC is still sluggish.
Thanks.

dr.pc1 Messages posted 4607 Registration date   Status Contributor Last activity   1 039

Why one (or several) -1 ^^'

* Download RogueKiller to the desktop: here

- Close all running programs

- On Vista/Seven, right-click -> Run as administrator

- Otherwise, simply launch RogueKiller.exe

- When prompted, click Scan and confirm.

- Then click Report and give it to me.

;-)

landrezac Messages posted 67 Registration date   Status Member Last activity

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: patrick [Droits d'admin]
Mode: Recherche -- Date: 12/03/2012 18:59:49

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[75] : NtCreateSection @ 0x82468DE5 -> HOOKED (Unknown @ 0x8BD8BD0E)
SSDT[289] : NtSetContextThread @ 0x824C9883 -> HOOKED (Unknown @ 0x8BD8BD13)
SSDT[334] : NtTerminateProcess @ 0x82428143 -> HOOKED (Unknown @ 0x8BD8BCAF)
S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x8BD8BD18)
S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x8BD8BD1D)

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9250827AS +++++
--- User ---
[MBR] e9e09cb18c1252cb860f87b2d81673c5
[BSP] 8c2083b53925e52ac51d38f1d123b8ed : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 8197 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16787925 | Size: 230276 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Ut165 USB2FlashStorage USB Device +++++
--- User ---
[MBR] 4a09916c4e4720d70ca9cde14e0ec1be
[BSP] 1ec129bc017828a2cfff608bcf278f54 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x68) [VISIBLE] Offset (sectors): 1936028272 | Size: 904228 Mo
1 - [XXXXXX] UNKNOWN (0x79) [VISIBLE] Offset (sectors): 1330184192 | Size: 263172 Mo
2 - [XXXXXX] DISKMNG (0x53) [VISIBLE] Offset (sectors): 538989391 | Size: 682794 Mo
3 - [XXXXXX] UNKNOWN (0x49) [VISIBLE] Offset (sectors): 1394627663 | Size: 10 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[1].txt >>
RKreport[1].txt
dr.pc1 Messages posted 4607 Registration date   Status Contributor Last activity   1 039

Run RogueKiller again in Suppression (Delete) mode and Host RAZ :-)

landrezac Messages posted 67 Registration date   Status Member Last activity

OK, it's done

dr.pc1 Messages posted 4607 Registration date   Status Contributor Last activity   1 039

Do you have the report? Give it to me ^^

landrezac Messages posted 67 Registration date   Status Member Last activity

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: patrick [Droits d'admin]
Mode: HOSTS RAZ -- Date: 12/03/2012 19:19:32

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost

Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
dr.pc1 Messages posted 4607 Registration date   Status Contributor Last activity   1 039

OK, let's check whether it's a rootkit:

Download Reload_Tdsskiller: here.

* Launch it and choose: "lancer le nettoyage" (start the cleanup)

* TDSSKiller will open; click "Start Scan"
- If TDSS.tdl2 is detected, the Delete option will be checked by default.
- If TDSS.tdl3 is detected, make sure Cure is checked.
- If TDSS.tdl4 (HardDisk0MBR) is detected, make sure Cure is checked.
- If Suspicious file is shown, leave the option set to Skip.
- If Rootkit.Win32.ZAccess.* is detected, set "cure" at the top and "delete" at the bottom.

* Once it has finished, restart if it asks you to, in order to finish cleaning

* Otherwise, close TDSSKiller and the report will appear on the desktop
Copy/paste its contents to pjjoint and give me the link in your next reply.

landrezac Messages posted 67 Registration date   Status Member Last activity

21:19:26.0692 4672 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
21:19:26.0851 4672 ============================================================
21:19:26.0851 4672 Current date / time: 2012/03/12 21:19:26.0851
21:19:26.0851 4672 SystemInfo:
21:19:26.0851 4672
21:19:26.0852 4672 OS Version: 6.0.6002 ServicePack: 2.0
21:19:26.0852 4672 Product type: Workstation
21:19:26.0852 4672 ComputerName: PC-DE-PATRICK
21:19:26.0852 4672 UserName: patrick
21:19:26.0852 4672 Windows directory: C:\Windows
21:19:26.0852 4672 System windows directory: C:\Windows
21:19:26.0852 4672 Processor architecture: Intel x86
21:19:26.0852 4672 Number of processors: 2
21:19:26.0852 4672 Page size: 0x1000
21:19:26.0852 4672 Boot type: Normal boot
21:19:26.0852 4672 ============================================================
21:19:27.0647 4672 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:19:27.0650 4672 \Device\Harddisk0\DR0:
21:19:27.0650 4672 MBR used
21:19:27.0650 4672 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x10029D5, BlocksNum 0x1C1C279B
21:19:27.0689 4672 Initialize success
21:19:27.0689 4672 ============================================================
21:19:39.0499 5940 ============================================================
21:19:39.0499 5940 Scan started
21:19:39.0499 5940 Mode: Manual;
21:19:39.0499 5940 ============================================================
21:19:40.0294 5940 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:19:40.0297 5940 ACPI - ok
21:19:40.0456 5940 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
21:19:40.0471 5940 adp94xx - ok
21:19:40.0552 5940 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
21:19:40.0564 5940 adpahci - ok
21:19:40.0622 5940 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
21:19:40.0632 5940 adpu160m - ok
21:19:40.0704 5940 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
21:19:40.0714 5940 adpu320 - ok
21:19:40.0899 5940 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:19:40.0915 5940 AFD - ok
21:19:41.0020 5940 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
21:19:41.0029 5940 agp440 - ok
21:19:41.0083 5940 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:19:41.0092 5940 aic78xx - ok
21:19:41.0183 5940 aliide (e32a92e1574a467f7c762922f6162d76) C:\Windows\system32\drivers\aliide.sys
21:19:41.0190 5940 aliide - ok
21:19:41.0290 5940 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
21:19:41.0298 5940 amdagp - ok
21:19:41.0353 5940 amdide (b52b576cb0099a62f87214f371031561) C:\Windows\system32\drivers\amdide.sys
21:19:41.0361 5940 amdide - ok
21:19:41.0460 5940 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
21:19:41.0467 5940 AmdK7 - ok
21:19:41.0503 5940 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
21:19:41.0513 5940 AmdK8 - ok
21:19:41.0753 5940 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
21:19:41.0761 5940 arc - ok
21:19:41.0867 5940 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
21:19:41.0876 5940 arcsas - ok
21:19:42.0053 5940 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:19:42.0059 5940 AsyncMac - ok
21:19:42.0134 5940 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:19:42.0141 5940 atapi - ok
21:19:42.0256 5940 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
21:19:42.0264 5940 avgio - ok
21:19:42.0376 5940 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
21:19:42.0386 5940 avgntflt - ok
21:19:42.0470 5940 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
21:19:42.0488 5940 avipbb - ok
21:20:05.0976 5940 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:20:06.0026 5940 \Device\Harddisk0\DR0 - ok
21:20:06.0034 5940 Boot (0x1200) (0b3db4f23f43a9ca9d35fea28ae5d401) \Device\Harddisk0\DR0\Partition0
21:20:06.0039 5940 \Device\Harddisk0\DR0\Partition0 - ok
21:20:06.0043 5940 ============================================================
21:20:06.0043 5940 Scan finished
21:20:06.0043 5940 ============================================================
21:20:06.0071 3588 Detected object count: 0
21:20:06.0071 3588 Actual detected object count: 0
21:20:43.0498 5732 ============================================================
21:20:43.0498 5732 Scan started
21:20:43.0498 5732 Mode: Manual;
21:20:43.0498 5732 ============================================================
21:20:46.0984 5732 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:20:46.0986 5732 FileInfo - ok
21:20:47.0039 5732 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:20:47.0041 5732 Filetrace - ok
21:20:47.0089 5732 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
21:20:47.0090 5732 flpydisk - ok
21:20:47.0148 5732 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:20:47.0152 5732 FltMgr - ok
21:20:47.0224 5732 FNETDEVI (92fc10e8fcf01c36abd567f646b74658) C:\Windows\system32\drivers\FNETDEVI.SYS
21:20:47.0225 5732 FNETDEVI - ok
21:20:47.0302 5732 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:20:47.0304 5732 Fs_Rec - ok
21:20:47.0380 5732 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
21:20:47.0382 5732 gagp30kx - ok
21:20:47.0450 5732 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
21:20:47.0452 5732 GEARAspiWDM - ok
21:20:47.0547 5732 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\Windows\system32\drivers\grmnusb.sys
21:20:47.0548 5732 grmnusb - ok
21:20:47.0662 5732 HdAudAddService (4d8c3c087cb23a32f0aafee3d96b3568) C:\Windows\system32\drivers\CHDART.sys
21:20:47.0665 5732 HdAudAddService - ok
21:20:47.0763 5732 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:20:47.0772 5732 HDAudBus - ok
21:20:47.0846 5732 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:20:47.0847 5732 HidBth - ok
21:20:47.0915 5732 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:20:47.0916 5732 HidIr - ok
21:20:48.0039 5732 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:20:48.0041 5732 HidUsb - ok
21:20:48.0098 5732 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
21:20:48.0099 5732 HpCISSs - ok
21:20:48.0210 5732 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:20:48.0218 5732 HTTP - ok
21:20:48.0287 5732 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
21:20:48.0288 5732 i2omp - ok
21:20:48.0358 5732 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:20:48.0359 5732 i8042prt - ok
21:20:48.0454 5732 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
21:20:48.0460 5732 iaStor - ok
21:20:48.0529 5732 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
21:20:48.0533 5732 iaStorV - ok
21:20:48.0633 5732 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:20:48.0635 5732 iirsp - ok
21:20:48.0715 5732 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
21:20:48.0716 5732 intelide - ok
21:20:48.0765 5732 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
21:20:48.0766 5732 intelppm - ok
21:20:48.0850 5732 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:20:48.0852 5732 IpFilterDriver - ok
21:20:48.0896 5732 IpInIp - ok
21:20:48.0969 5732 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
21:20:48.0971 5732 IPMIDRV - ok
21:20:49.0052 5732 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:20:49.0055 5732 IPNAT - ok
21:20:49.0129 5732 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:20:49.0130 5732 IRENUM - ok
21:20:49.0179 5732 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
21:20:49.0180 5732 isapnp - ok
21:20:49.0253 5732 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:20:49.0254 5732 iScsiPrt - ok
21:20:49.0287 5732 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:20:49.0288 5732 iteatapi - ok
21:20:49.0309 5732 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:20:49.0310 5732 iteraid - ok
21:20:49.0353 5732 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:20:49.0353 5732 kbdclass - ok
21:20:49.0376 5732 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
21:20:49.0378 5732 kbdhid - ok
21:20:49.0445 5732 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
21:20:49.0449 5732 KSecDD - ok
21:20:49.0526 5732 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:20:49.0528 5732 lltdio - ok
21:20:49.0586 5732 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
21:20:49.0587 5732 LSI_FC - ok
21:20:49.0683 5732 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
21:20:49.0684 5732 LSI_SAS - ok
21:20:49.0728 5732 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
21:20:49.0729 5732 LSI_SCSI - ok
21:20:49.0808 5732 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:20:49.0810 5732 luafv - ok
21:20:49.0869 5732 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
21:20:49.0870 5732 megasas - ok
21:20:49.0942 5732 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:20:49.0943 5732 Modem - ok
21:20:50.0026 5732 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:20:50.0027 5732 monitor - ok
21:20:50.0107 5732 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:20:50.0109 5732 mouclass - ok
21:20:50.0142 5732 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:20:50.0143 5732 mouhid - ok
21:20:50.0186 5732 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:20:50.0187 5732 MountMgr - ok
21:20:50.0252 5732 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
21:20:50.0253 5732 mpio - ok
21:20:50.0330 5732 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:20:50.0332 5732 mpsdrv - ok
21:20:50.0395 5732 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:20:50.0396 5732 Mraid35x - ok
21:20:50.0498 5732 MREMP50 (80b2ec735495823ae5771a5f603e73bd) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
21:20:50.0499 5732 MREMP50 - ok
21:20:50.0505 5732 MREMP50a64 - ok
21:20:50.0557 5732 MRESP50 (37d7c22f7e26da90e2d2d260e5d27846) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
21:20:50.0558 5732 MRESP50 - ok
21:20:50.0566 5732 MRESP50a64 - ok
21:20:50.0728 5732 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
21:20:50.0731 5732 MRxDAV - ok
21:20:50.0779 5732 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:20:50.0781 5732 mrxsmb - ok
21:20:50.0917 5732 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:20:50.0920 5732 mrxsmb10 - ok
21:20:50.0983 5732 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:20:50.0985 5732 mrxsmb20 - ok
21:20:51.0043 5732 msahci (2681302b63b318cbea6c82902ac5428c) C:\Windows\system32\drivers\msahci.sys
21:20:51.0044 5732 msahci - ok
21:20:51.0112 5732 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
21:20:51.0114 5732 msdsm - ok
21:20:51.0212 5732 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:20:51.0214 5732 Msfs - ok
21:20:51.0263 5732 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:20:51.0265 5732 msisadrv - ok
21:20:51.0356 5732 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:20:51.0358 5732 MSKSSRV - ok
21:20:51.0424 5732 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:20:51.0427 5732 MSPCLOCK - ok
21:20:51.0478 5732 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:20:51.0481 5732 MSPQM - ok
21:20:51.0617 5732 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
21:20:51.0621 5732 MsRPC - ok
21:20:51.0695 5732 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:20:51.0699 5732 mssmbios - ok
21:20:51.0765 5732 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:20:51.0767 5732 MSTEE - ok
21:20:51.0856 5732 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
21:20:51.0857 5732 Mup - ok
21:20:51.0926 5732 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
21:20:51.0929 5732 NativeWifiP - ok
21:20:52.0048 5732 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
21:20:52.0069 5732 NDIS - ok
21:20:52.0154 5732 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:20:52.0155 5732 NdisTapi - ok
21:20:52.0211 5732 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:20:52.0213 5732 Ndisuio - ok
21:20:52.0295 5732 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:20:52.0297 5732 NdisWan - ok
21:20:52.0365 5732 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:20:52.0367 5732 NDProxy - ok
21:20:52.0440 5732 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:20:52.0442 5732 NetBIOS - ok
21:20:52.0513 5732 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
21:20:52.0516 5732 netbt - ok
21:20:52.0592 5732 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:20:52.0594 5732 nfrd960 - ok
21:20:52.0635 5732 npf (b9730495e0cf674680121e34bd95a73b) C:\Windows\system32\drivers\npf.sys
21:20:52.0636 5732 npf - ok
21:20:52.0748 5732 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
21:20:52.0750 5732 Npfs - ok
21:20:52.0809 5732 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:20:52.0815 5732 nsiproxy - ok
21:20:52.0960 5732 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
21:20:52.0978 5732 Ntfs - ok
21:20:53.0091 5732 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:20:53.0092 5732 ntrigdigi - ok
21:20:53.0150 5732 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:20:53.0153 5732 Null - ok
21:20:53.0497 5732 nvlddmkm (11d43d3eb27dce5165fa77161f35298b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:20:53.0574 5732 nvlddmkm - ok
21:20:53.0766 5732 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
21:20:53.0768 5732 nvraid - ok
21:20:53.0828 5732 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
21:20:53.0828 5732 nvstor - ok
21:20:53.0931 5732 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
21:20:53.0933 5732 nv_agp - ok
21:20:53.0974 5732 NwlnkFlt - ok
21:20:54.0018 5732 NwlnkFwd - ok
21:20:54.0095 5732 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
21:20:54.0097 5732 ohci1394 - ok
21:20:54.0190 5732 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:20:54.0191 5732 Parport - ok
21:20:54.0273 5732 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
21:20:54.0275 5732 partmgr - ok
21:20:54.0328 5732 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:20:54.0329 5732 Parvdm - ok
21:20:54.0450 5732 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys
21:20:54.0451 5732 PCAMp50 - ok
21:20:54.0490 5732 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
21:20:54.0491 5732 PCASp50 - ok
21:20:54.0574 5732 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
21:20:54.0576 5732 pci - ok
21:20:54.0618 5732 pciide (b2fc76090ef1003463ccb07cabb35cff) C:\Windows\system32\drivers\pciide.sys
21:20:54.0619 5732 pciide - ok
21:20:54.0668 5732 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:20:54.0671 5732 pcmcia - ok
21:20:54.0750 5732 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:20:54.0761 5732 PEAUTH - ok
21:20:54.0879 5732 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:20:54.0881 5732 PptpMiniport - ok
21:20:54.0921 5732 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
21:20:54.0922 5732 Processor - ok
21:20:55.0064 5732 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
21:20:55.0067 5732 PSched - ok
21:20:55.0132 5732 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
21:20:55.0133 5732 PxHelp20 - ok
21:20:55.0209 5732 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
21:20:55.0219 5732 ql2300 - ok
21:20:55.0321 5732 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:20:55.0323 5732 ql40xx - ok
21:20:55.0413 5732 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:20:55.0415 5732 QWAVEdrv - ok
21:20:55.0502 5732 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:20:55.0505 5732 RasAcd - ok
21:20:55.0586 5732 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:20:55.0589 5732 Rasl2tp - ok
21:20:55.0655 5732 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:20:55.0658 5732 RasPppoe - ok
21:20:55.0719 5732 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:20:55.0721 5732 RasSstp - ok
21:20:55.0792 5732 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:20:55.0796 5732 rdbss - ok
21:20:55.0833 5732 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:20:55.0835 5732 RDPCDD - ok
21:20:55.0946 5732 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
21:20:55.0951 5732 rdpdr - ok
21:20:56.0011 5732 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:20:56.0014 5732 RDPENCDD - ok
21:20:56.0099 5732 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
21:20:56.0104 5732 RDPWD - ok
21:20:56.0195 5732 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
21:20:56.0195 5732 rimmptsk - ok
21:20:56.0225 5732 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
21:20:56.0226 5732 rimsptsk - ok
21:20:56.0327 5732 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:20:56.0328 5732 rspndr - ok
21:20:56.0382 5732 RTL8187B (e0ea9f5f94814f8a31f4b40175e1456e) C:\Windows\system32\DRIVERS\RTL8187B.sys
21:20:56.0385 5732 RTL8187B - ok
21:20:56.0446 5732 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:20:56.0447 5732 sbp2port - ok
21:20:56.0556 5732 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
21:20:56.0558 5732 sdbus - ok
21:20:56.0600 5732 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:20:56.0602 5732 secdrv - ok
21:20:56.0687 5732 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:20:56.0688 5732 Serenum - ok
21:20:56.0734 5732 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2
0
dr.pc1 (Contributor, 4607 posts)

I need the rest of the report; host it on pjjoint ^^

landrezac (Member, 67 posts)

dr.pc1 (Contributor, 4607 posts)

OK, any more problems?

landrezac (Member, 67 posts)

No, I booted it and it seems to be working fine. Thanks for everything.
Regards.

dr.pc1 (Contributor, 4607 posts)

OK, we'll wait another 1/2 days, and if it doesn't come back, tomorrow evening I'll be here to finish the disinfection =)

See you

dr.pc1 (Contributor, 4607 posts)

Hi,

** Download Dr Web CureIt: here, to your Desktop.

- Double-click drweb-cureit.exe, then click "Analyse" (Scan).

- Click "Commencer le scan" (Start the scan) at the quick scan prompt.

PS: If it finds infected processes, click "Oui" (Yes).

Note: A window will open with options for "Commander" (Order) or "50% de réduction" (50% off): close it by clicking the "X".

- When the quick scan is finished, click the "Options" menu, then "Changer la configuration" (Change the configuration).

- Choose the "Scanner" tab and uncheck "Analyse heuristique" (Heuristic analysis). Then click "Ok".

- In the main window, click "Analyse complète" (Full scan).

- Click the green arrow on the right.

- The scan starts.

- If harmful items are found, click "Oui pour tout" (Yes to all) at the "Désinfecter ?" (Disinfect?) prompt.

- When the scan is finished, click "Tout sélectionner" (Select all), then "Quarantaine" (Quarantine).

- Back in the main menu, click "Fichier" (File) and choose "Enregistrer le rapport" (Save the report). Save the report to your Desktop.

- Close Dr.Web CureIt.

- Restart your computer (important, because some files may be moved/repaired on restart).

- After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.

Canned speech from FEI: https://2011n2.forumgratuit.org/login

landrezac (Member, 67 posts)

The scan process stopped and the computer restarted before the full scan had finished. It did, however, find Trojan down Loader4, which it disinfected.
Should I start the scan again?

dr.pc1 (Contributor, 4607 posts)

Yes, run it again in safe mode with networking; I need the report :-)

landrezac (Member, 67 posts)

I'll do that tomorrow.
Thanks, have a good evening.

dr.pc1 (Contributor, 4607 posts)

OK, good night :-)

landrezac (Member, 67 posts)

Good evening,
After more than 6 hours of scanning, the computer shut down once again (it removed a Trojan). But apart from that, it worked fine today.

dr.pc1 (Contributor, 4607 posts)

Hi,

Yes, Dr.Web is particularly powerful =)

Do you have the report?

dr.pc1 (Contributor, 4607 posts)

Hi,

You have a hardware problem, does the PC boot?

Do this if it no longer starts:

Turn off the PC, then unplug the PC's power cable and the battery (if it's a laptop), then hold the PC's power button down for 30 seconds, then release it, then reconnect the cable and/or the battery and turn on your PC.

landrezac (Member, 67 posts)

Hello,
I'm closing the topic; the PC works perfectly.
Thank you for this very valuable help.

landrezac (Member, 67 posts)

OK, thanks

dr.pc1 (Contributor, 4607 posts)

Hi,

To uninstall the disinfection tools:

** Download Delfix: here, then run Delfix from your desktop.

* Click the "Suppression" (Removal) button and post its report in your next message.

* To uninstall it, just run it again and click the uninstall button.

Next:

------------------------------------------------------------------------------------------------------

* Download PureRa (by the publisher of JavaRa): here

- Run it (right-click, "exécuter en tant qu'administrateur" (Run as administrator), on Vista/7)

- click "Clean"

- The tool will run its scan and then its cleanup

- at the end of the scan you will get a line like this:

Total space cleaned: 7657532 bytes

- Just give me that line.

----------------------------------------------------------------------------------------------------

To optimize your PC:

* Download Glary Utilities: here

- Install it, then clean and optimize your PC with it.

----------------------------------------------------------------------------------------------------

You can keep Malwarebytes and download CCleaner to run cleanups regularly, and Revo Uninstaller to uninstall your software cleanly. ;-)

----------------------------------------------------------------------------------------------------

Also download WOT and ADBlock for your browser, for more security for your PC.

----------------------------------------------------------------------------------------------------

Some reading:

Securing your computer: here

/!\ to do /!\ Enable PUP/LPI detection: here


----------------------------------------------------------------------------------------------------
You must check every month that Adobe Flash Player and JAVA are up to date.

**You need a good antivirus such as Avast or Avira, etc., and a good firewall such as Comodo Firewall.

Don't forget to mark the topic as ---> solved <---

If you still have problems, don't hesitate to come back to CCM or to contact me :-)

See you

-------> dr.pc1 <-------

landrezac (Member, 67 posts)

Hello, report below

# DelFix v8.8 - Rapport créé le 23/03/2012 à 10:39:06
# Mis à jour le 12/02/12 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : patrick - PC-DE-PATRICK (Administrateur)
# Exécuté depuis : C:\Users\patrick\Desktop\delfix.exe
# Option [Suppression]


~~~~~~ Dossiers(s) ~~~~~~

Supprimé : C:\USBFix
Supprimé : C:\ZHP
Supprimé : C:\Users\patrick\DoctorWeb
Supprimé : C:\Program Files\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_PC-DE-PATRICK.zip

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\Software\IDAVLab
Clé Supprimée : HKLM\SOFTWARE\IDAVLab
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DWPROT

~~~~~~ Autres ~~~~~~

-> Prefetch Vidé

*************************

DelFix[S1].txt - [829 octets] - [23/03/2012 10:39:06]

########## EOF - C:\DelFix[S1].txt - [952 octets] ##########

dr.pc1 (Contributor, 4607 posts)

Hi,

OK, you can move on to the next step :-)

landrezac (Member, 67 posts)

I ran the cleanup with PureRa, but I don't have the requested line; it still says:
Scanning for files

landrezac (Member, 67 posts)

I just got total space cleaned 0 bytes

dr.pc1 (Contributor, 4607 posts)

OK, you can finish ;-)

Blocked profile

I can help you, but what brand is your PC?

Landrezac

Thanks
Packard Bell

Blocked profile

You're welcome, but you already have your answer :P

Landrezac
 
?

Blocked profile

BELOW ;D