TROJANS LINKED TO LIVE PROTECTION

Resolved/Closed
DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 - 9 June 2012 at 18:53
DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 - 12 June 2012 at 22:08
Hello,
A program presenting itself as an antivirus has installed itself on one of my computers (running XP) with Administrator rights. It is called LIVE PROTECTION.
Just before it appeared, the system was literally swamped by a wave of TROJANS, which were blocked by the ORANGE antivirus.
It is clear to me that they were initiated by this program.
I closed the INTERNET access.
I tried to get rid of the TROJANS by booting from a CD with PANDA SAFE, but the Panda program will not start a scan...
I ran a scan with NORTON SECURITY SCAN, which tells me that everything is fine and that there is no trojan.
In principle I have uninstalled LIVE PROTECTION, but as soon as I reconnect to the net, trojans are detected by the Orange antivirus and everything hangs indefinitely...
Thanks for any help!

7 replies

Anonymous user
9 June 2012 at 18:55
Good evening

- Download to the desktop https://www.luanagames.com/index.fr.html (by tigzy)
- Close all programs
- Run RogueKiller.exe.
- Wait for the Prescan to finish...
- Click Scan. Click Report, then copy and paste the contents of the report

See you
1
Anonymous user
9 June 2012 at 21:49
Re

If you think so!!!

I'll let you decide; but it's not won yet...

See you

1
Tigzy Posts 7498 Registration date Monday 15 February 2010 Status Security contributor Last activity 15 September 2021 582
11 June 2012 at 13:14
Hello

Can you post the TDSSKiller and ComboFix reports, please?
It helps improve the tools.
1
DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 2
9 June 2012 at 21:45
Thanks!
That will be for next time, if it happens again...
I was able to install SPYBOT 1.6.2 and AVIRA.
The system is apparently under control.
I have regained internet access without any problem for the moment.
Fingers crossed...
0

DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 2
10 June 2012 at 17:30
In the end, I ran ROGUEKILLER.
I got 3 reports.
Here they are:
RogueKiller V7.5.4 [07/06/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: SONY [Droits d'admin]
Mode: Recherche -- Date: 10/06/2012 15:09:23

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 2 ¤¤¤
[ZeroAccess] HKCR\[...]\InprocServer32 : (\\.\globalroot\systemroot\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\n.) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xF7C0D66C)
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xF7C0D626)
SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xF7C0D676)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xF7C0D61C)
SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xF7C0D62B)
SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xF7C0D635)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xF7C0D667)
SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xF7C0D63A)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xF7C0D608)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xF7C0D60D)
SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xF7C0D68F)
SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xF7C0D644)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xF7C0D680)
SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xF7C0D63F)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xF7C0D67B)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xF7C0D685)
SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xF7C0D630)
SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xF7C0D68A)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xF7C0D617)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7C0D69E)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7C0D6A3)
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] dvd43llh.sys @ 0xF791BB20)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1234GSX +++++
--- User ---
[MBR] fe8e86f28926dc4215b3b71595605e8f
[BSP] 88446dfa687d2af5a923c2fa584677fd : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 8110 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16611210 | Size: 106360 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1].txt >>
RKreport[1].txt

--------------------------------------------------------------
---------------------------------------------------------------
RogueKiller V7.5.4 [07/06/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: SONY [Droits d'admin]
Mode: Suppression -- Date: 10/06/2012 15:11:46

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 2 ¤¤¤
[ZeroAccess] HKCR\[...]\InprocServer32 : (\\.\globalroot\systemroot\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\n.) -> REPLACED (c:\windows\system32\wbem\wbemess.dll)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xF7C0D66C)
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xF7C0D626)
SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xF7C0D676)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xF7C0D61C)
SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xF7C0D62B)
SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xF7C0D635)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xF7C0D667)
SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xF7C0D63A)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xF7C0D608)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xF7C0D60D)
SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xF7C0D68F)
SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xF7C0D644)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xF7C0D680)
SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xF7C0D63F)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xF7C0D67B)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xF7C0D685)
SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xF7C0D630)
SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xF7C0D68A)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xF7C0D617)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7C0D69E)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7C0D6A3)
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] dvd43llh.sys @ 0xF791BB20)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF727AB40)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1234GSX +++++
--- User ---
[MBR] fe8e86f28926dc4215b3b71595605e8f
[BSP] 88446dfa687d2af5a923c2fa584677fd : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 8110 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16611210 | Size: 106360 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------
RogueKiller V7.5.4 [07/06/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: SONY [Droits d'admin]
Mode: Recherche -- Date: 10/06/2012 16:02:40

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xF7B784DC)
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xF7B78496)
SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xF7B784E6)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xF7B7848C)
SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xF7B7849B)
SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xF7B784A5)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xF7B784D7)
SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xF7B784AA)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xF7B78478)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xF7B7847D)
SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xF7B784FF)
SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xF7B784B4)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xF7B784F0)
SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xF7B784AF)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xF7B784EB)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xF7B784F5)
SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xF7B784A0)
SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xF7B784FA)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xF7B78487)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7B7850E)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7B78513)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([MAJOR] dvd43llh.sys @ 0xF77ABB20)

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1234GSX +++++
--- User ---
[MBR] fe8e86f28926dc4215b3b71595605e8f
[BSP] 88446dfa687d2af5a923c2fa584677fd : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 8110 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16611210 | Size: 106360 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

------------------------------------------------------------------------
------------------------------------------------------------------------
--------------------------------------------------------------------------
END OF THE 3 ROGUEKILLER REPORTS.

So ZEROACCESS was detected.

Following RogueKiller's advice, I downloaded and ran the TDSSKILLER program.

After rebooting, I noticed that AVIRA kept detecting TR/ATRAPS.GENZ repeatedly after (supposed) removal.

So I installed and ran COMBOFIX, which ran through to completion without a hitch.

I hope it's fine now.
In any case, I won't re-enable NETWORK BOOT for a long time...

Thanks Guillaume5188 for the sound advice!!!
0
DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 2
12 June 2012 at 22:03
Here is the TDSSKILLER report:

15:15:01.0468 0724 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
15:15:01.0937 0724 ============================================================
15:15:01.0937 0724 Current date / time: 2012/06/10 15:15:01.0937
15:15:01.0937 0724 SystemInfo:
15:15:01.0937 0724
15:15:01.0937 0724 OS Version: 5.1.2600 ServicePack: 3.0
15:15:01.0937 0724 Product type: Workstation
15:15:01.0937 0724 ComputerName: NOM-DD1C58CE1B2
15:15:01.0937 0724 UserName: SONY
15:15:01.0937 0724 Windows directory: C:\WINDOWS
15:15:01.0937 0724 System windows directory: C:\WINDOWS
15:15:01.0937 0724 Processor architecture: Intel x86
15:15:01.0937 0724 Number of processors: 2
15:15:01.0937 0724 Page size: 0x1000
15:15:01.0937 0724 Boot type: Normal boot
15:15:01.0937 0724 ============================================================
15:15:04.0250 0724 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:15:04.0265 0724 ============================================================
15:15:04.0265 0724 \Device\Harddisk0\DR0:
15:15:04.0265 0724 MBR partitions:
15:15:04.0265 0724 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFD778A, BlocksNum 0xCFBC037
15:15:04.0265 0724 ============================================================
15:15:04.0296 0724 C: <-> \Device\Harddisk0\DR0\Partition0
15:15:04.0312 0724 ============================================================
15:15:04.0312 0724 Initialize success
15:15:04.0312 0724 ============================================================
15:15:15.0453 0692 ============================================================
15:15:15.0453 0692 Scan started
15:15:15.0453 0692 Mode: Manual;
15:15:15.0453 0692 ============================================================
15:15:25.0625 0692 MSCSPTISRV - ok
15:15:25.0640 0692 MSDTC (8648d670ae0d95c95e7bbb5b80661796) C:\WINDOWS\system32\msdtc.exe
15:15:25.0671 0692 MSDTC - ok
15:15:25.0718 0692 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:15:25.0718 0692 Msfs - ok
15:15:25.0718 0692 MSIServer - ok
15:15:25.0750 0692 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:15:25.0750 0692 MSKSSRV - ok
15:15:25.0765 0692 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:15:25.0765 0692 MSPCLOCK - ok
15:15:25.0781 0692 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:15:25.0781 0692 MSPQM - ok
15:15:25.0812 0692 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:15:25.0812 0692 mssmbios - ok
15:15:25.0843 0692 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:15:25.0843 0692 Mup - ok
15:15:25.0906 0692 napagent (69e4fbbabaeee1bff422e091da3171da) C:\WINDOWS\System32\qagentrt.dll
15:15:25.0953 0692 napagent - ok
15:15:25.0984 0692 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:15:26.0000 0692 NDIS - ok
15:15:26.0031 0692 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:15:26.0031 0692 NdisTapi - ok
15:15:26.0046 0692 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:15:26.0046 0692 Ndisuio - ok
15:15:26.0078 0692 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:15:26.0093 0692 NdisWan - ok
15:15:26.0125 0692 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:15:26.0125 0692 NDProxy - ok
15:15:26.0406 0692 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:15:26.0406 0692 NetBIOS - ok
15:15:26.0437 0692 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:15:26.0437 0692 NetBT - ok
15:15:26.0484 0692 NetDDE (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe
15:15:26.0515 0692 NetDDE - ok
15:15:26.0531 0692 NetDDEdsdm (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe
15:15:26.0531 0692 NetDDEdsdm - ok
15:15:26.0562 0692 Netlogon (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe
15:15:26.0562 0692 Netlogon - ok
15:15:26.0593 0692 Netman (be0cb143fa427d93440ded18db8c918b) C:\WINDOWS\System32\netman.dll
15:15:26.0593 0692 Netman - ok
15:15:26.0703 0692 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:15:26.0734 0692 NetTcpPortSharing - ok
15:15:26.0843 0692 NETw3x32 (f886500c285af271fdd33bf8ba7b32ef) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
15:15:26.0875 0692 NETw3x32 - ok
15:15:27.0156 0692 NETw4x32 (d57258165aba8162de8e29d71487fc4b) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
15:15:27.0187 0692 NETw4x32 - ok
15:15:27.0328 0692 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:15:27.0328 0692 NIC1394 - ok
15:15:27.0390 0692 Nla (6f5f546a92c7b6ae45db1d6910781eb0) C:\WINDOWS\System32\mswsock.dll
15:15:27.0390 0692 Nla - ok
15:15:27.0406 0692 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:15:27.0406 0692 Npfs - ok
15:15:27.0468 0692 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:15:27.0468 0692 Ntfs - ok
15:15:27.0484 0692 NtLmSsp (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe
15:15:27.0500 0692 NtLmSsp - ok
15:15:27.0562 0692 NtmsSvc (037d92b3a7853a183fcab77fb1d13d6c) C:\WINDOWS\system32\ntmssvc.dll
15:15:27.0609 0692 NtmsSvc - ok
15:15:27.0656 0692 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:15:27.0656 0692 Null - ok
15:15:27.0953 0692 nv (45231f169f9a384e93a11cf00e4530ab) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:15:27.0984 0692 nv - ok
15:15:28.0156 0692 NVSvc (f2206624cedcac5581d6f9f0f95a31fb) C:\WINDOWS\system32\nvsvc32.exe
15:15:28.0171 0692 NVSvc - ok
15:15:28.0218 0692 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:15:28.0218 0692 NwlnkFlt - ok
15:15:28.0218 0692 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:15:28.0218 0692 NwlnkFwd - ok
15:15:28.0265 0692 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:15:28.0265 0692 ohci1394 - ok
15:15:28.0453 0692 Orange update Core Service (fd209f8c2562c351f7a25b4ffcd8f856) C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
15:15:28.0531 0692 Orange update Core Service - ok
15:15:28.0578 0692 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
15:15:28.0609 0692 ose - ok
15:15:28.0671 0692 OXSDIDRV_x32 (257190d58444732b68919c573368b64d) C:\WINDOWS\system32\DRIVERS\OXSDIDRV_x32.sys
15:15:28.0671 0692 OXSDIDRV_x32 - ok
15:15:28.0718 0692 OXUDIDRV (8f534a8630f6baba92e14531f96906cd) C:\WINDOWS\system32\Drivers\OXUDIDRV_X32.sys
15:15:28.0718 0692 OXUDIDRV - ok
15:15:28.0812 0692 PACSPTISVR (17bb6b38de8c2bda692ca1db0cea7325) C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
15:15:28.0859 0692 PACSPTISVR - ok
15:15:28.0906 0692 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
15:15:28.0906 0692 Parport - ok
15:15:28.0937 0692 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:15:28.0937 0692 PartMgr - ok
15:15:28.0968 0692 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
15:15:28.0968 0692 ParVdm - ok
15:15:29.0000 0692 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
15:15:29.0000 0692 PCI - ok
15:15:29.0015 0692 PCIDump - ok
15:15:29.0046 0692 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:15:29.0046 0692 PCIIde - ok
15:15:29.0062 0692 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:15:29.0062 0692 Pcmcia - ok
15:15:29.0078 0692 PDCOMP - ok
15:15:29.0078 0692 PDFRAME - ok
15:15:29.0093 0692 PDRELI - ok
15:15:29.0093 0692 PDRFRAME - ok
15:15:29.0109 0692 perc2 - ok
15:15:29.0125 0692 perc2hib - ok
15:15:29.0187 0692 PlugPlay (c3fb1d70cb88722267949694ba51759e) C:\WINDOWS\system32\services.exe
15:15:29.0187 0692 PlugPlay - ok
15:15:29.0250 0692 Pml Driver HPZ12 (9d84376931440f3679beef2a414fa493) C:\WINDOWS\system32\HPZipm12.exe
15:15:29.0250 0692 Pml Driver HPZ12 - ok
15:15:29.0281 0692 PolicyAgent (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe
15:15:29.0281 0692 PolicyAgent - ok
15:15:29.0312 0692 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:15:29.0312 0692 PptpMiniport - ok
15:15:29.0312 0692 ProtectedStorage (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe
15:15:29.0312 0692 ProtectedStorage - ok
15:15:29.0343 0692 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:15:29.0343 0692 PSched - ok
15:15:29.0390 0692 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:15:29.0390 0692 Ptilink - ok
15:15:29.0421 0692 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:15:29.0421 0692 PxHelp20 - ok
15:15:29.0437 0692 ql1080 - ok
15:15:29.0437 0692 Ql10wnt - ok
15:15:29.0453 0692 ql12160 - ok
15:15:29.0453 0692 ql1240 - ok
15:15:29.0468 0692 ql1280 - ok
15:15:29.0500 0692 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:15:29.0500 0692 RasAcd - ok
15:15:29.0546 0692 RasAuto (78da9ccdac683ef5aa87d1c919f6d221) C:\WINDOWS\System32\rasauto.dll
15:15:29.0578 0692 RasAuto - ok
15:15:29.0609 0692 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:15:29.0609 0692 Rasl2tp - ok
15:15:29.0656 0692 RasMan (0a48df90b4784f9b90a2671af992c914) C:\WINDOWS\System32\rasmans.dll
15:15:29.0656 0692 RasMan - ok
15:15:29.0671 0692 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:15:29.0671 0692 RasPppoe - ok
15:15:29.0671 0692 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:15:29.0671 0692 Raspti - ok
15:15:29.0734 0692 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:15:29.0734 0692 Rdbss - ok
15:15:29.0765 0692 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:15:29.0765 0692 RDPCDD - ok
15:15:29.0796 0692 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:15:29.0812 0692 rdpdr - ok
15:15:29.0859 0692 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:15:29.0859 0692 RDPWD - ok
15:15:29.0890 0692 RDSessMgr (9f63d9c5b238ed1c375d417eff3d5be7) C:\WINDOWS\system32\sessmgr.exe
15:15:29.0921 0692 RDSessMgr - ok
15:15:29.0953 0692 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:15:29.0953 0692 redbook - ok
15:15:30.0093 0692 RegSrvc (8477d7c3ee18513911547785a06eaf70) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
15:15:30.0109 0692 RegSrvc - ok
15:15:30.0156 0692 RemoteAccess (7da370c31673c99497bd07068ee6e354) C:\WINDOWS\System32\mprdim.dll
15:15:30.0187 0692 RemoteAccess - ok
15:15:30.0234 0692 RemoteRegistry (e598d81197e2e0ec42a0c55772bb00e8) C:\WINDOWS\system32\regsvc.dll
15:15:30.0234 0692 RemoteRegistry - ok
15:15:30.0281 0692 RpcLocator (499c59a2584f6d4ea41e944da571d993) C:\WINDOWS\system32\locator.exe
15:15:30.0312 0692 RpcLocator - ok
15:15:30.0390 0692 RpcSs (0203b1aad358f206cb0a3c1f93cce17a) C:\WINDOWS\system32\rpcss.dll
15:15:30.0390 0692 RpcSs - ok
15:15:30.0421 0692 RSVP (414964844f4793acb868d057e8ed997e) C:\WINDOWS\system32\rsvp.exe
15:15:30.0468 0692 RSVP - ok
15:15:30.0578 0692 S24EventMonitor (e087728d371709c1817ef6487f3e2e73) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
15:15:30.0609 0692 S24EventMonitor - ok
15:15:30.0640 0692 s24trans (15f598ddaafae02102438f09d4d14461) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:15:30.0656 0692 s24trans - ok
15:15:30.0671 0692 SamSs (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe
15:15:30.0671 0692 SamSs - ok
15:15:30.0703 0692 SCardSvr (67949cc8a865296c1333c96a4e1a2d66) C:\WINDOWS\System32\SCardSvr.exe
15:15:30.0734 0692 SCardSvr - ok
15:15:30.0781 0692 Schedule (55f5c5c1be1a78e285033e432ba01597) C:\WINDOWS\system32\schedsvc.dll
15:15:30.0796 0692 Schedule - ok
15:15:30.0843 0692 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:15:30.0843 0692 Secdrv - ok
15:15:30.0843 0692 seclogon (5ac311c0af2af5ec221670bb8dc479d3) C:\WINDOWS\System32\seclogon.dll
15:15:30.0859 0692 seclogon - ok
15:15:30.0875 0692 SENS (3531366f38f453d08fe72e7b32dfe786) C:\WINDOWS\system32\sens.dll
15:15:30.0875 0692 SENS - ok
15:15:30.0906 0692 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
15:15:30.0921 0692 Serial - ok
15:15:30.0968 0692 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:15:30.0968 0692 Sfloppy - ok
15:15:31.0015 0692 ShellHWDetection (1b8542f338cdd86929a084a455837158) C:\WINDOWS\System32\shsvcs.dll
15:15:31.0015 0692 ShellHWDetection - ok
15:15:31.0031 0692 Simbad - ok
15:15:31.0093 0692 SNC (be6038e0a7d2e2fe69107e41a0265831) C:\WINDOWS\system32\Drivers\SonyNC.sys
15:15:31.0093 0692 SNC - ok
15:15:31.0093 0692 Sparrow - ok
15:15:31.0125 0692 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:15:31.0125 0692 splitter - ok
15:15:31.0171 0692 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:15:31.0171 0692 Spooler - ok
15:15:31.0250 0692 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
15:15:31.0250 0692 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:15:31.0265 0692 sptd ( LockedFile.Multi.Generic ) - warning
15:15:31.0265 0692 sptd - detected LockedFile.Multi.Generic (1)
15:15:36.0953 0692 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
15:15:37.0484 0692 \Device\Harddisk0\DR0 - ok
15:15:37.0500 0692 Boot (0x1200) (0f93c03d199586fee1b971c24de26c1a) \Device\Harddisk0\DR0\Partition0
15:15:37.0500 0692 \Device\Harddisk0\DR0\Partition0 - ok
15:15:37.0500 0692 ============================================================
15:15:37.0500 0692 Scan finished
15:15:37.0500 0692 ============================================================
15:15:37.0515 3904 Detected object count: 1
15:15:37.0515 3904 Actual detected object count: 1
15:17:26.0859 3904 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
15:17:26.0921 3904 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
15:17:26.0921 3904 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
15:17:26.0937 3904 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted on reboot
15:17:26.0937 3904 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
15:17:59.0078 2924 Deinitialize success

----------------------------------------------
------------------------------------------------
END OF TDSSKILLER REPORT

--------------------------------------------------------------------------------

COMBOFIX REPORT:

ComboFix 12-06-09.02 - SONY 10/06/2012 16:25:15.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.463 [GMT 2:00]
Lancé depuis: c:\documents and settings\SONY\Bureau\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\SONY\Application Data\PriceGong
c:\documents and settings\SONY\Bureau\Live Security Platinum.lnk
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\@
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\n
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\U\00000001.@
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\U\80000000.@
c:\documents and settings\SONY\WINDOWS
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\@
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\n
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\U\80000000.@
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\U\800000cb.@
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2A.tmp
c:\windows\system32\SET37.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-05-10 au 2012-06-10 ))))))))))))))))))))))))))))))))))))
.
.
2012-06-10 13:17 . 2012-06-10 13:17 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-10 13:05 . 2012-06-10 13:05 1520128 ----a-w- C:\RogueKiller.exe
2012-06-10 11:51 . 2012-06-10 11:51 -------- d-----r- c:\documents and settings\LocalService\Favoris
2012-06-10 11:19 . 2012-06-10 11:19 -------- d-----w- c:\program files\CONEXANT
2012-06-09 18:37 . 2012-06-10 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2012-06-09 18:37 . 2012-06-09 18:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-06-09 17:39 . 2012-06-09 17:39 -------- d-----w- c:\documents and settings\SONY\Application Data\Avira
2012-06-09 17:33 . 2012-06-09 19:12 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-06-09 17:33 . 2011-12-01 15:55 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-06-09 17:33 . 2011-12-01 15:55 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-06-09 17:33 . 2012-06-09 17:33 -------- d-----w- c:\program files\Avira
2012-06-09 17:33 . 2012-06-09 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2012-06-09 17:11 . 2012-06-10 11:10 -------- d-----w- c:\program files\Anti Trojan Elite
2012-06-09 13:55 . 2012-06-09 13:55 -------- d-----w- c:\documents and settings\SONY\Application Data\F-Secure
2012-06-09 13:54 . 2012-06-09 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\F4D55EFF000073236306D8ABD151FC4E
2012-06-08 06:52 . 2012-05-08 16:40 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{4BBDE138-F2B3-4B81-BE24-FB74598B8F41}\mpengine.dll
2012-06-07 07:12 . 2012-06-07 07:12 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-07 07:12 . 2012-06-07 07:12 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-05 07:54 . 2012-06-05 07:54 -------- d-----w- c:\program files\DVDFab 8 Qt
2012-06-01 20:07 . 2012-06-01 20:07 -------- d--h--w- c:\windows\PIF
2012-06-01 19:30 . 2012-06-01 19:30 -------- d-----w- c:\program files\Marvell
2012-06-01 19:23 . 2012-01-16 09:06 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-06-01 19:23 . 2012-06-01 19:23 -------- d-----w- C:\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\SONY\Application Data\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\LocalService\Application Data\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Intel
2012-06-01 19:17 . 2008-03-13 01:25 2530176 ----a-w- c:\windows\system32\drivers\NETw4x32.sys
2012-06-01 19:17 . 2007-08-08 13:29 2772992 ----a-w- c:\windows\system32\NETw4r32.dll
2012-06-01 19:17 . 2007-08-08 13:28 684032 ----a-w- c:\windows\system32\NETw4c32.dll
2012-06-01 19:17 . 2012-06-01 19:17 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Intel
2012-06-01 19:17 . 2012-06-01 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Intel
2012-06-01 17:10 . 2012-06-01 20:21 -------- d-----w- C:\__DRIVERS_CZ1_TOUS_MES_DRIVERS
2012-06-01 17:02 . 2012-06-01 17:03 -------- d-----w- c:\program files\ma-config.com
2012-06-01 17:02 . 2012-06-01 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2012-05-31 07:55 . 2012-05-31 07:55 -------- d-----w- C:\DriveKey
2012-05-30 10:35 . 2012-05-30 10:35 -------- d-----w- C:\MODIFIER CLE ACTIVATION WINDOWS
2012-05-30 10:29 . 2012-05-30 13:06 -------- d-----w- C:\CLE BOOTABLE
2012-05-28 21:10 . 2012-05-28 21:18 -------- d-----w- C:\INTEL 855 PM CHIPSET DRIVER
2012-05-21 14:40 . 2012-06-10 13:13 2127960 ----a-w- C:\TDSSKiller.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-09 07:29 . 2012-04-06 07:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-09 07:29 . 2011-08-23 08:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-01 19:19 . 2006-09-04 12:59 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-05-31 13:22 . 2006-09-04 03:51 606208 ----a-w- c:\windows\system32\crypt32.dll
2012-05-08 16:40 . 2012-01-07 16:34 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-04-11 13:51 . 2004-08-04 00:48 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2006-09-04 03:52 1862400 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:51 . 2006-09-04 03:52 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-27 14:48 . 2006-09-04 03:53 299424 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2012-06-07 07:12 . 2012-05-09 08:52 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
"orangeinside"="c:\documents and settings\SONY\Application Data\Orange\OrangeInside\one\OrangeInside.exe" [2010-09-16 858624]
"MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-31 7561216]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-04-05 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-04-05 118784]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-08-27 217088]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 151552]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2009-10-23 827904]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"F5D7050v3"="c:\program files\Belkin\F5D7050v3\Belkinwcui.exe" [2007-10-30 1654784]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-05-04 252136]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2008-03-04 999424]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2008-03-04 1101824]
"Anti Trojan Elite"="c:\program files\Anti Trojan Elite\TJEnder.exe" [2009-06-14 4076544]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-01 258512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-4-7 1773568]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-06-20 14:11 73728 ----a-w- c:\windows\system32\VESWinlogon.dll
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [09/06/2012 19:33 36000]
R2 AntiVirSchedulerService;Avira Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/06/2012 19:33 86224]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [04/09/2006 05:53 226304]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/07/2010 19:09 136176]
S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [20/05/2011 11:13 1055872]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/04/2012 09:29 257224]
S3 FNETTHJM;Freecom Turbo USB 2.0;c:\windows\system32\drivers\fnetthjm.sys [27/11/2010 16:25 24448]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [03/07/2010 19:09 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [25/11/2011 16:36 311928]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [09/05/2012 10:54 113120]
S3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\drivers\OXSDIDRV_x32.sys [28/09/2009 09:55 52656]
S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_x32.sys [28/03/2012 19:18 24880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 95300683
*Deregistered* - 95300683
*Deregistered* - TrueSight
.
Contenu du dossier 'Tâches planifiées'
.
2012-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 07:29]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 17:09]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 17:09]
.
2012-06-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2012-06-09 c:\windows\Tasks\Norton Security Scan for SONY.job
- c:\progra~1\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-19 00:45]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
uInternet Connection Wizard,ShellNext = hxxp://www.club-vaio.com/fr/
IE: ajouter cette page à vos favoris Orange - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\addfavorites_ht
0
DRONE_DU_COLLECTIF Posts 101 Registration date Monday 28 May 2012 Status Member Last activity 22 February 2024 2
12 June 2012 at 22:08
HERE IS THE FULL COMBOFIX REPORT (which was truncated above...):

ComboFix 12-06-09.02 - SONY 10/06/2012 16:25:15.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.463 [GMT 2:00]
Lancé depuis: c:\documents and settings\SONY\Bureau\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\SONY\Application Data\PriceGong
c:\documents and settings\SONY\Bureau\Live Security Platinum.lnk
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\@
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\n
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\U\00000001.@
c:\documents and settings\SONY\Local Settings\Application Data\{559f2757-518d-d670-0246-21a0ddba224a}\U\80000000.@
c:\documents and settings\SONY\WINDOWS
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\@
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\n
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\U\80000000.@
c:\windows\Installer\{559f2757-518d-d670-0246-21a0ddba224a}\U\800000cb.@
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2A.tmp
c:\windows\system32\SET37.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-05-10 au 2012-06-10 ))))))))))))))))))))))))))))))))))))
.
.
2012-06-10 13:17 . 2012-06-10 13:17 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-10 13:05 . 2012-06-10 13:05 1520128 ----a-w- C:\RogueKiller.exe
2012-06-10 11:51 . 2012-06-10 11:51 -------- d-----r- c:\documents and settings\LocalService\Favoris
2012-06-10 11:19 . 2012-06-10 11:19 -------- d-----w- c:\program files\CONEXANT
2012-06-09 18:37 . 2012-06-10 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2012-06-09 18:37 . 2012-06-09 18:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-06-09 17:39 . 2012-06-09 17:39 -------- d-----w- c:\documents and settings\SONY\Application Data\Avira
2012-06-09 17:33 . 2012-06-09 19:12 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-06-09 17:33 . 2011-12-01 15:55 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-06-09 17:33 . 2011-12-01 15:55 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-06-09 17:33 . 2012-06-09 17:33 -------- d-----w- c:\program files\Avira
2012-06-09 17:33 . 2012-06-09 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2012-06-09 17:11 . 2012-06-10 11:10 -------- d-----w- c:\program files\Anti Trojan Elite
2012-06-09 13:55 . 2012-06-09 13:55 -------- d-----w- c:\documents and settings\SONY\Application Data\F-Secure
2012-06-09 13:54 . 2012-06-09 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\F4D55EFF000073236306D8ABD151FC4E
2012-06-08 06:52 . 2012-05-08 16:40 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{4BBDE138-F2B3-4B81-BE24-FB74598B8F41}\mpengine.dll
2012-06-07 07:12 . 2012-06-07 07:12 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-07 07:12 . 2012-06-07 07:12 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-05 07:54 . 2012-06-05 07:54 -------- d-----w- c:\program files\DVDFab 8 Qt
2012-06-01 20:07 . 2012-06-01 20:07 -------- d--h--w- c:\windows\PIF
2012-06-01 19:30 . 2012-06-01 19:30 -------- d-----w- c:\program files\Marvell
2012-06-01 19:23 . 2012-01-16 09:06 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-06-01 19:23 . 2012-06-01 19:23 -------- d-----w- C:\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\SONY\Application Data\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\LocalService\Application Data\Intel
2012-06-01 19:19 . 2012-06-01 19:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Intel
2012-06-01 19:17 . 2008-03-13 01:25 2530176 ----a-w- c:\windows\system32\drivers\NETw4x32.sys
2012-06-01 19:17 . 2007-08-08 13:29 2772992 ----a-w- c:\windows\system32\NETw4r32.dll
2012-06-01 19:17 . 2007-08-08 13:28 684032 ----a-w- c:\windows\system32\NETw4c32.dll
2012-06-01 19:17 . 2012-06-01 19:17 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Intel
2012-06-01 19:17 . 2012-06-01 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Intel
2012-06-01 17:10 . 2012-06-01 20:21 -------- d-----w- C:\__DRIVERS_CZ1_TOUS_MES_DRIVERS
2012-06-01 17:02 . 2012-06-01 17:03 -------- d-----w- c:\program files\ma-config.com
2012-06-01 17:02 . 2012-06-01 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2012-05-31 07:55 . 2012-05-31 07:55 -------- d-----w- C:\DriveKey
2012-05-30 10:35 . 2012-05-30 10:35 -------- d-----w- C:\MODIFIER CLE ACTIVATION WINDOWS
2012-05-30 10:29 . 2012-05-30 13:06 -------- d-----w- C:\CLE BOOTABLE
2012-05-28 21:10 . 2012-05-28 21:18 -------- d-----w- C:\INTEL 855 PM CHIPSET DRIVER
2012-05-21 14:40 . 2012-06-10 13:13 2127960 ----a-w- C:\TDSSKiller.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-09 07:29 . 2012-04-06 07:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-09 07:29 . 2011-08-23 08:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-01 19:19 . 2006-09-04 12:59 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-05-31 13:22 . 2006-09-04 03:51 606208 ----a-w- c:\windows\system32\crypt32.dll
2012-05-08 16:40 . 2012-01-07 16:34 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-04-11 13:51 . 2004-08-04 00:48 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2006-09-04 03:52 1862400 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:51 . 2006-09-04 03:52 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-27 14:48 . 2006-09-04 03:53 299424 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2012-06-07 07:12 . 2012-05-09 08:52 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
"orangeinside"="c:\documents and settings\SONY\Application Data\Orange\OrangeInside\one\OrangeInside.exe" [2010-09-16 858624]
"MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-31 7561216]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-04-05 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-04-05 118784]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-08-27 217088]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 151552]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2009-10-23 827904]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"F5D7050v3"="c:\program files\Belkin\F5D7050v3\Belkinwcui.exe" [2007-10-30 1654784]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-05-04 252136]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2008-03-04 999424]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2008-03-04 1101824]
"Anti Trojan Elite"="c:\program files\Anti Trojan Elite\TJEnder.exe" [2009-06-14 4076544]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-01 258512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-4-7 1773568]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-06-20 14:11 73728 ----a-w- c:\windows\system32\VESWinlogon.dll
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [09/06/2012 19:33 36000]
R2 AntiVirSchedulerService;Avira Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/06/2012 19:33 86224]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [04/09/2006 05:53 226304]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/07/2010 19:09 136176]
S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [20/05/2011 11:13 1055872]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/04/2012 09:29 257224]
S3 FNETTHJM;Freecom Turbo USB 2.0;c:\windows\system32\drivers\fnetthjm.sys [27/11/2010 16:25 24448]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [03/07/2010 19:09 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [25/11/2011 16:36 311928]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [09/05/2012 10:54 113120]
S3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\drivers\OXSDIDRV_x32.sys [28/09/2009 09:55 52656]
S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_x32.sys [28/03/2012 19:18 24880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 95300683
*Deregistered* - 95300683
*Deregistered* - TrueSight
.
Contenu du dossier 'Tâches planifiées'
.
2012-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 07:29]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 17:09]
.
2012-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 17:09]
.
2012-06-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2012-06-09 c:\windows\Tasks\Norton Security Scan for SONY.job
- c:\progra~1\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-19 00:45]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
uInternet Connection Wizard,ShellNext = hxxp://www.club-vaio.com/fr/
IE: ajouter cette page à vos favoris Orange - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
IE: Ajouter un site de support RSS à VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: envoyer le texte sélectionné par sms - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
IE: envoyer par sms - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
IE: envoyer un mail - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
IE: orange.fr - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\orange_html\orange.html
IE: rechercher le texte sélectionné - c:\documents and settings\SONY\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
Trusted Zone: orange.fr\logicielsgratuits
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\SONY\Application Data\Mozilla\Firefox\Profiles\9luevnsr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
SafeBoot-95300683.sys
SafeBoot-WinDefend
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-10 16:37
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\VESWinlogon.dll
c:\windows\system32\netprovcredman.dll
.
Heure de fin: 2012-06-10 16:41:13
ComboFix-quarantined-files.txt 2012-06-10 14:41
.
Avant-CF: 8 785 567 744 octets libres
Après-CF: 8 832 929 792 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - AC1D193221D8E9B035CD44FC2AA094D7

-------------------------------------------------------------
-------------------------------------------------------------
END OF THE COMBOFIX REPORT
0