Firefox redirection [Solved]

Tags:
  • Firefox
  • Security
15 May 2011 16:40:37

Hello,
For some time now I have had to bow to the will of Google and Firefox, which keep redirecting me to advertising sites or Bing.
I have Avast antivirus, which, of course, has detected nothing.
Finally, in my Task Manager I can see 6 svchost processes, which are rather worrying.
Is anyone willing to help me?
Thank you for your valuable help.

15 May 2011 17:20:57

Hello

1

Download DDS and save it to your desktop.
  • Disable anything that blocks scripts, such as an antivirus, or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan has finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**

    ++

    ****
    2


    download http://support.kaspersky.com/downloads/utils/tdsskiller... to your desktop, unzip it and run it; a report will be created here:

    C:\TDSSKillerVersion_Date_Time_log.txt. << copy and paste its contents

    you can also get the executable directly here: http://support.kaspersky.com/downloads/utils/tdsskiller...

    o Run it. The following window will open:

    o Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
    o If infected files are found, a new window will open:

    o If TDSS.tdl2 is detected, the delete option will be checked by default.

    o If TDSS.tdl3 is detected, make sure Cure is checked.

    o If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is checked.

    o If Suspicious file is shown, leave the option set to Skip

    o Click Continue, then Reboot now to restart the PC.

    o Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run).

    tutorial --> http://support.kaspersky.com/viruses/solutions?qid=2082...


    15 May 2011 20:11:40

    Here is the first report:

    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Marie-Pierre at 20:04:15,23 on 15/05/2011
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.502.162 [GMT 2:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Avi Player\AviPlayer.exe
    C:\Documents and Settings\Marie-Pierre\Application Data\Dropbox\bin\Dropbox.exe
    C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Fichiers communs\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
    C:\Program Files\Fichiers communs\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Western Digital\WD IDN\WD Drive Manager\WDDMService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Documents and Settings\Marie-Pierre\Bureau\dds.scr
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = hxxp://www.wanadoo.fr/go/page_recherche/
    uStart Page = hxxp://www.google.fr/
    uURLSearchHooks: H - No File
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: NTIECatcher Class: {c56cb6b0-0d96-11d6-8c65-b2868b609932} - c:\program files\xi\nettransport 2\NTIEHelper.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
    uRun: [Avi Player] "c:\program files\avi player\AviPlayer.exe" hmw
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
    uRun: [Google Update] "c:\documents and settings\marie-pierre\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
    mRun: [TPNF] c:\program files\toshiba\touchpad\TPTray.exe
    mRun: [TOSHIBA Accessibility] c:\program files\toshiba\accessibility\FnKeyHook.exe
    mRun: [HWSetup] c:\program files\toshiba\toshiba applet\HWSetup.exe hwSetUP
    mRun: [SVPWUTIL] c:\program files\toshiba\windows utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [SmoothView] c:\program files\toshiba\utilitaire de zoom toshiba\SmoothView.exe
    mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [DWQueuedReporting] "c:\progra~1\fichie~1\micros~1\dw\dwtrig20.exe" -t
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRunOnce: [WUAppSetup] c:\program files\fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023
    StartupFolder: c:\docume~1\marie-~1\menudm~1\progra~1\dmarra~1\dropbox.lnk - c:\documents and settings\marie-pierre\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\marie-~1\menudm~1\progra~1\dmarra~1\lancem~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
    IE: &Télécharger avec NetTransport - c:\program files\xi\nettransport 2\NTAddLink.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Tout t&élécharger avec NetTransport - c:\program files\xi\nettransport 2\NTAddList.html
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    TCP: NameServer = 93.188.163.244,93.188.160.214
    TCP: {063C4CE7-2726-4EC0-8AA1-A90376EB7619} = 93.188.163.244,93.188.160.214
    TCP: {E3622275-82A8-44D5-927E-760E837F0A83} = 93.188.163.244,93.188.160.214
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\docume~1\marie-~1\applic~1\mozilla\firefox\profiles\vzfpu3zf.default\
    FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
    FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
    FF - plugin: c:\documents and settings\marie-pierre\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-15 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-2-8 307928]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-2-5 218688]
    R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [2006-4-8 114496]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-8 19544]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-12 42184]
    R2 EmmaDevMgmtSvc;Emma Device Management;c:\program files\fichiers communs\sony ericsson\emma core\services\EmmaDeviceMgmt.exe [2010-8-24 306296]
    R2 EmmaUpdMgmtSvc;Emma Update Management;c:\program files\fichiers communs\sony ericsson\emma core\services\EmmaUpdateMgmt.exe [2010-8-24 162936]
    R2 WDDMService;WD IDN Drive Manager;c:\program files\western digital\wd IDN\wd drive manager\WDDMService.exe [2009-11-13 110592]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-11-2 27632]
    S2 WDSmartWareBackgroundService;WD IDN Background Service;c:\program files\western digital\wd IDN\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
    S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-9-7 13224]
    S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-3-8 28672]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-8-7 11520]
    .
    =============== Created Last 30 ================
    .
    2011-05-15 12:37:48 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-09 12:05:20 -------- d-----w- c:\docume~1\marie-~1\locals~1\applic~1\Google
    2011-05-09 11:00:58 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-05-09 11:00:56 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-05-09 11:00:56 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-05-09 11:00:56 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-05-09 11:00:56 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-05-09 11:00:56 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-05-09 11:00:55 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-05-09 11:00:55 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    .
    ==================== Find3M ====================
    .
    2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
    .
    ============= FINISH: 20:05:31,21 ===============

    And the second one:

    2011/05/15 20:09:41.0203 3100 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
    2011/05/15 20:09:41.0484 3100 ================================================================================
    2011/05/15 20:09:41.0484 3100 SystemInfo:
    2011/05/15 20:09:41.0484 3100
    2011/05/15 20:09:41.0484 3100 OS Version: 5.1.2600 ServicePack: 2.0
    2011/05/15 20:09:41.0484 3100 Product type: Workstation
    2011/05/15 20:09:41.0484 3100 ComputerName: JO
    2011/05/15 20:09:41.0484 3100 UserName: Marie-Pierre
    2011/05/15 20:09:41.0484 3100 Windows directory: C:\WINDOWS
    2011/05/15 20:09:41.0484 3100 System windows directory: C:\WINDOWS
    2011/05/15 20:09:41.0484 3100 Processor architecture: Intel x86
    2011/05/15 20:09:41.0484 3100 Number of processors: 1
    2011/05/15 20:09:41.0484 3100 Page size: 0x1000
    2011/05/15 20:09:41.0484 3100 Boot type: Normal boot
    2011/05/15 20:09:41.0484 3100 ================================================================================
    2011/05/15 20:09:41.0625 3100 Initialize success
    2011/05/15 20:09:42.0828 0792 ================================================================================
    2011/05/15 20:09:42.0828 0792 Scan started
    2011/05/15 20:09:42.0828 0792 Mode: Manual;
    2011/05/15 20:09:42.0828 0792 ================================================================================
    2011/05/15 20:09:55.0562 0792 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
    2011/05/15 20:09:55.0578 0792 sptd - detected LockedFile.Multi.Generic (1)
    2011/05/15 20:09:58.0687 0792 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/05/15 20:09:58.0921 0792 w29n51 (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
    2011/05/15 20:09:59.0031 0792 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/05/15 20:09:59.0078 0792 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
    2011/05/15 20:09:59.0171 0792 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
    2011/05/15 20:09:59.0281 0792 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/05/15 20:09:59.0421 0792 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
    2011/05/15 20:09:59.0515 0792 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
    2011/05/15 20:09:59.0625 0792 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    2011/05/15 20:09:59.0687 0792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    2011/05/15 20:09:59.0734 0792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    2011/05/15 20:09:59.0968 0792 ================================================================================
    2011/05/15 20:09:59.0968 0792 Scan finished
    2011/05/15 20:09:59.0968 0792 ================================================================================
    2011/05/15 20:09:59.0984 3960 Detected object count: 1
    2011/05/15 20:10:02.0359 3960 LockedFile.Multi.Generic(sptd) - User select action: Skip



    Thanks for your help!
    15 May 2011 21:41:17

    Re,
    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs: Combofix
    Save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    Click on it to open it, then Edit > "Select All", Edit > "Copy".

    Come back to the forum and Edit > "Paste".

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary

    <@_@>

    +++++++++++++++++++++
    15 May 2011 23:43:42

    Here is the report:

    ComboFix 11-05-15.03 - Marie-Pierre 15/05/2011 23:28:29.2.1 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.502.222 [GMT 2:00]
    Lancé depuis: c:\documents and settings\Marie-Pierre\Bureau\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Default User\WINDOWS
    c:\documents and settings\Marie-Pierre\Application Data\cacaoweb
    c:\documents and settings\Marie-Pierre\Application Data\cacaoweb\adstorage.db
    c:\documents and settings\Marie-Pierre\Application Data\cacaoweb\replicating3257B0A1A0DF43708C6932BA0E3C54E3.cacao
    c:\documents and settings\Marie-Pierre\Application Data\cacaoweb\storage.db
    c:\documents and settings\Marie-Pierre\WINDOWS
    c:\program files\cacaoweb\cacaoweb.exe
    c:\windows\system32\_000127_.tmp.dll
    c:\windows\system32\config\systemprofile\WINDOWS
    c:\windows\system32\rnaph.dll
    c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-15 au 2011-05-15 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-05-15 12:37 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-09 12:05 . 2011-05-09 12:10 -------- d-----w- c:\documents and settings\Marie-Pierre\Local Settings\Application Data\Google
    2011-05-09 11:00 . 2011-04-14 16:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
    2011-05-09 11:00 . 2011-04-14 16:47 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
    2011-05-09 11:00 . 2011-04-14 16:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
    2011-05-09 11:00 . 2011-04-14 16:47 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
    2011-05-09 11:00 . 2011-04-14 16:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
    2011-05-09 11:00 . 2011-04-14 16:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
    2011-05-09 11:00 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
    2011-05-09 11:00 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-10 12:10 . 2010-08-05 11:18 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:10 . 2009-02-08 12:33 199304 ----a-w- c:\windows\system32\aswBoot.exe
    2011-05-10 12:03 . 2009-02-08 12:33 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-05-10 12:02 . 2009-02-08 12:33 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-05-10 12:02 . 2009-02-08 12:33 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2011-05-10 12:02 . 2009-02-08 12:33 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2011-05-10 11:59 . 2009-02-08 12:33 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-05-10 11:59 . 2009-02-08 12:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2011-05-10 11:59 . 2009-02-08 12:33 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-04-14 16:47 . 2011-05-09 11:00 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\DropboxExt.13.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-03-02 65536]
    "Avi Player"="c:\program files\Avi Player\AviPlayer.exe" [2007-09-05 629760]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2003-10-30 192512]
    "PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 1077327]
    "TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2004-11-29 53248]
    "TOSHIBA Accessibility"="c:\program files\TOSHIBA\Accessibility\FnKeyHook.exe" [2004-12-07 24576]
    "HWSetup"="c:\program files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-12-23 28672]
    "SVPWUTIL"="c:\program files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2005-02-25 65536]
    "SmoothView"="c:\program files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-11-15 118784]
    "Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2004-11-12 73728]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
    "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WUAppSetup"="c:\program files\Fichiers communs\logishrd\WUApp32.exe" [2007-02-03 430080]
    .
    c:\documents and settings\Marie-Pierre\Menu D‚marrer\Programmes\D‚marrage\
    Dropbox.lnk - c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2004-6-17 59080]
    .
    c:\documents and settings\Marie-Pierre\Menu D‚marrer\Programmes\D‚marrage\
    Dropbox.lnk - c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2004-6-17 59080]
    .
    c:\documents and settings\Marie-Pierre\Menu D‚marrer\Programmes\D‚marrage\
    Dropbox.lnk - c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2004-6-17 59080]
    .
    c:\documents and settings\Marie-Pierre\Menu D‚marrer\Programmes\D‚marrage\
    Dropbox.lnk - c:\documents and settings\Marie-Pierre\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2004-6-17 59080]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^CD du logiciel supplémentaire.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\CD du logiciel supplémentaire.lnk
    backup=c:\windows\pss\CD du logiciel supplémentaire.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check 2.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
    backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^RAMASST.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk
    backup=c:\windows\pss\RAMASST.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WDDMStatus.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WDDMStatus.lnk
    backup=c:\windows\pss\WDDMStatus.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WDSmartWare.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WDSmartWare.lnk
    backup=c:\windows\pss\WDSmartWare.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]
    path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk
    backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Marie-Pierre^Menu Démarrer^Programmes^Démarrage^eSKernel.lnk]
    path=c:\documents and settings\Marie-Pierre\Menu Démarrer\Programmes\Démarrage\eSKernel.lnk
    backup=c:\windows\pss\eSKernel.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CFSServ.exe]
    CFSServ.exe -NoClient [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    2004-10-28 13:37 88363 ----a-w- c:\windows\agrsmmsg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
    2005-01-21 20:48 675840 ----a-w- c:\program files\TOSHIBA\E-KEY\CeEKey.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
    2005-01-14 00:05 122939 ----a-w- c:\windows\system32\dla\tfswctrl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2007-01-13 07:47 163840 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2007-01-13 07:47 131072 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2009-11-12 15:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
    2003-09-05 16:16 184320 ----a-w- c:\program files\ltmoh\ltmoh.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2007-01-13 07:46 135168 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-14 09:44 248552 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TCtryIOHook]
    2005-02-16 13:43 28672 ----a-w- c:\windows\system32\TCtrlIOHook.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
    2005-01-21 09:28 266240 ----a-w- c:\windows\system32\TPSMain.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\X'nBeep]
    2007-01-06 21:37 1067520 ----a-w- c:\program files\X'nBeep 1.1\XnBeep.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zooming]
    2004-07-14 15:07 24576 ----a-w- c:\windows\system32\ZoomingHook.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Sony Ericsson\\SEMC OMSI Module\\SEMC OMSI Module.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
    "c:\\Documents and Settings\\Marie-Pierre\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5730:UDP"= 5730:UDP:MGS
    .
    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/10/2008 19:20 716272]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15/05/2011 14:37 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [08/02/2009 14:33 307928]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [05/02/2011 20:29 218688]
    R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [08/04/2006 15:57 114496]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [08/02/2009 14:33 19544]
    R2 EmmaDevMgmtSvc;Emma Device Management;c:\program files\Fichiers communs\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe [24/08/2010 12:13 306296]
    R2 EmmaUpdMgmtSvc;Emma Update Management;c:\program files\Fichiers communs\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe [24/08/2010 12:13 162936]
    R2 WDDMService;WD IDN Drive Manager;c:\program files\Western Digital\WD IDN\WD Drive Manager\WDDMService.exe [13/11/2009 11:28 110592]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [02/11/2010 20:49 27632]
    S2 WDSmartWareBackgroundService;WD IDN Background Service;c:\program files\Western Digital\WD IDN\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 08:58 20480]
    S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [07/09/2010 20:17 13224]
    S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [08/03/2009 21:35 28672]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [07/08/2010 17:04 11520]
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2882308516-916618624-3490476284-1006Core.job
    - c:\documents and settings\Marie-Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-09 12:05]
    .
    2011-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2882308516-916618624-3490476284-1006UA.job
    - c:\documents and settings\Marie-Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-09 12:05]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html
    FF - ProfilePath - c:\documents and settings\Marie-Pierre\Application Data\Mozilla\Firefox\Profiles\vzfpu3zf.default\
    FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
    MSConfigStartUp-NDSTray - NDSTray.exe
    MSConfigStartUp-Sony Ericsson PC Companion - c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
    MSConfigStartUp-TFncKy - TFncKy.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-15 23:37
    Windows 5.1.2600 Service Pack 2 NTFS
    .
    Recherche de processus cachés ...
    .
    Recherche d'éléments en démarrage automatique cachés ...
    .
    Recherche de fichiers cachés ...
    .
    .
    C:\## aswSnx private storage
    .
    Scan terminé avec succès
    Fichiers cachés: 1
    .
    **************************************************************************
    .
    Heure de fin: 2011-05-15 23:41:51
    ComboFix-quarantined-files.txt 2011-05-15 21:41
    .
    Avant-CF: 29 437 128 704 octets libres
    Après-CF: 29 407 580 160 octets libres
    .
    - - End Of File - - 26DE47DFD3067E61AE2F650016D06810
    17 May 2011 15:35:56

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6427
    # api_version=3.0.2
    # EOSSerial=7b7b1f6a018d4043844825be4b8de4b0
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2011-05-17 01:26:37
    # local_time=2011-05-17 03:26:37 (+0100, Paris, Madrid)
    # country="France"
    # lang=1036
    # osver=5.1.2600 NT Service Pack 2
    # compatibility_mode=770 16774141 100 100 169435 82343341 0 0
    # compatibility_mode=8192 67108863 100 0 6783 6783 0 0
    # scanned=71158
    # found=2
    # cleaned=0
    # scan_time=5344
    C:\Program Files\Avi Player\AviPlayer.exe Win32/Ivefound.AviPlayer application (impossible de nettoyer) 00000000000000000000000000000000 I
    ${Memory} Win32/Ivefound.AviPlayer application 00000000000000000000000000000000 I


    There you go! Do you see anything? :)
    17 May 2011 21:33:34

    Good evening,
    how is your PC behaving?
    17 May 2011 22:12:08

    Pretty well for now!
    I no longer get redirected either, or so it seems; I'll keep you posted on that!
    Also, avast has just warned me 5 times about a risk of infection in svchost! However, they are still present in the process list..

    Thanks
    17 May 2011 22:24:40

    Quote:
    Also, avast has just warned me 5 times about a risk of infection in svchost! However, they are still present in the process list..

    Can you give me the alert message?

    That's odd...


    Download GMER from this link: http://www.gmer.net/files.php, click "Download EXE" and save the file to your desktop.
    See the GMER tutorial, it may help you: http://www.malekal.com/tutorial_GMER.php

    Disable your protection software (antivirus, antispyware, etc.) and close all open programs.
    Double-click the downloaded GMER file.
    Once it is running, right-click on the white background (as above) and click "Only Non MS files".
    Click the "Scan" button at the bottom right to start the scan.



    When the scan is finished, click "Copy".

    Open Notepad and click Edit / Paste in the menu.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.
    17 May 2011 22:40:46

    So I just saw the message again: it tells me that a threat has been detected (huge red panel, etc.) 5 times, with C://......./svchost.exe as the domain.
    Didn't have time to take a screenshot..
    I'll post the next report shortly!
    17 May 2011 22:45:35

    GMER 1.0.15.15627 - http://www.gmer.net
    Rootkit scan 2011-05-17 22:43:32
    Windows 5.1.2600 Service Pack 2
    Running: ivzgqu3o.exe; Driver: C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp\pxtdypow.sys


    ---- Modules - GMER 1.0.15 ----

    Module spdh.sys F84E5000-F85E2000 (1036288 bytes)
    Module drvmcdb.sys (Device Driver/Sonic Solutions) F83F1000-F8406000 (86016 bytes)
    Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F8893000-F8898000 (20480 bytes)
    Module \SystemRoot\system32\DRIVERS\igxpmp32.sys (Intel Graphics Miniport Driver/Intel Corporation) F503E000-F55A7000 (5672960 bytes)
    Module \SystemRoot\system32\DRIVERS\Rtlnicxp.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) F4FF5000-F5007000 (73728 bytes)
    Module \SystemRoot\system32\DRIVERS\w29n51.sys (Intel® Wireless LAN Driver/Intel® Corporation) F4CE2000-F4FF5000 (3223552 bytes)
    Module \SystemRoot\system32\drivers\tifm21.sys (tifm21.sys/Texas Instruments) F4CBB000-F4CE2000 (159744 bytes)
    Module \SystemRoot\system32\drivers\ALCXWDM.SYS (Realtek AC'97 Audio Driver (WDM)/Realtek Semiconductor Corp.) F4A7C000-F4CAA000 (2285568 bytes)
    Module \SystemRoot\system32\DRIVERS\Tvs.sys (TOSHIBA Audio Filter Driver/TOSHIBA Corporation) F89FB000-F8A03000 (32768 bytes)
    Module \SystemRoot\system32\DRIVERS\wowxt_kern_i386.sys F8A0B000-F8A12000 (28672 bytes)
    Module \SystemRoot\system32\DRIVERS\tsxt_kern_i386.sys F88BB000-F88C3000 (32768 bytes)
    Module \SystemRoot\system32\DRIVERS\AGRSM.sys (SoftModem Device Driver/Agere Systems) F48FE000-F4A35000 (1273856 bytes)
    Module \SystemRoot\system32\DRIVERS\Apfiltr.sys (Alps Pointing-device Driver/Alps Electric Co., Ltd.) F48E5000-F48FE000 (102400 bytes)
    Module \SystemRoot\system32\drivers\sscdbhk5.sys (Shared Driver Component/Sonic Solutions) F8B7B000-F8B7D000 (8192 bytes)
    Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) F895B000-F8961000 (24576 bytes)
    Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F89E3000-F89E8000 (20480 bytes)
    Module \SystemRoot\system32\DRIVERS\seehcri.sys (seehcri Driver/Sony Ericsson Mobile Communications) F88C3000-F88C9000 (24576 bytes)
    Module \SystemRoot\system32\DRIVERS\dtsoftbus01.sys (DAEMON Tools Virtual Bus Driver/DT Soft Ltd) F4829000-F4864000 (241664 bytes)
    Module \SystemRoot\system32\drivers\ssrtln.sys (Shared Driver Component/Sonic Solutions) F88FB000-F8901000 (24576 bytes)
    Module \SystemRoot\System32\Drivers\meiudf.sys (DVD-RAM UDF File System Driver/Matsushita Electric Industrial Co.,Ltd.) AA6C1000-AA6D8000 (94208 bytes)
    Module \SystemRoot\System32\Drivers\aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) F86B3000-F86BD000 (40960 bytes)
    Module \SystemRoot\System32\Drivers\aswRdr.SYS (avast! TDI RDR Driver/AVAST Software) F89AB000-F89B0000 (20480 bytes)
    Module \SystemRoot\System32\Drivers\TPwSav.sys (IO Driver For TOSHIBA Power Saver/TOSHIBA ) F8AB7000-F8ABA000 (12288 bytes)
    Module \SystemRoot\System32\Drivers\SSIoMngr.sys (IoManager Application/COMPAL ELECTRONIC INC.) F8BC3000-F8BC5000 (8192 bytes)
    Module \SystemRoot\System32\Drivers\EKIoMngr.sys (IoManager Application/COMPAL ELECTRONIC INC.) F8BC7000-F8BC9000 (8192 bytes)
    Module \SystemRoot\system32\drivers\EPIOMngr.sys (IoManager Application/COMPAL ELECTRONIC INC.) F8B09000-F8B0B000 (8192 bytes)
    Module \SystemRoot\System32\drivers\prodrv04.sys (Star Force copy protection driver/Protection Technology Co.) AA593000-AA5AF000 (114688 bytes)
    Module \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) AA4DA000-AA524000 (303104 bytes)
    Module \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) AA442000-AA4B2000 (458752 bytes)
    Module \SystemRoot\System32\Drivers\Aavmker4.SYS (avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP/AVAST Software) F89BB000-F89C1000 (24576 bytes)
    Module \SystemRoot\System32\igxpgd32.dll (Intel Graphics 2D Driver/Intel Corporation) BF024000-BF04E000 (172032 bytes)
    Module \SystemRoot\System32\igxprd32.dll (Intel Graphics 2D Rotation Driver/Intel Corporation) BF012000-BF024000 (73728 bytes)
    Module \SystemRoot\System32\igxpdv32.DLL (Component GHAL Driver/Intel Corporation) BF04E000-BF1CC000 (1564672 bytes)
    Module \SystemRoot\System32\igxpdx32.DLL (DirectDraw(R) Driver for Intel(R) Graphics Technology/Intel Corporation) BF1CC000-BF436000 (2531328 bytes)
    Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes)
    Module \SystemRoot\System32\Drivers\aswFsBlk.SYS (avast! File System Access Blocking Driver/AVAST Software) AA396000-AA399000 (12288 bytes)
    Module \SystemRoot\system32\drivers\drvnddm.sys (Device Driver Manager/Sonic Solutions) AA780000-AA78A000 (40960 bytes)

    N.B.: Also, for a little while now Avast has been detecting infected files, which had never happened to it before... :) 
    18 May 2011 18:33:38

    Hello
    Let's take a closer look...

    Download SystemLook to your Desktop from one of the links below.
    http://jpshortstuff.247fixes.com/SystemLook.exe

    * Double-click SystemLook.exe to launch it.
    * Right-click/copy the contents of the box below, then right-click/paste it into SystemLook's white box:

    :filefind
    svchost.exe


    * Click the Look button to start the scan.
    * Let the tool work; this can take a few minutes.
    * Copy and paste into your next reply the report (the contents of the text file that opens).

    Note: The report can also be found on your Desktop, named SystemLook.txt

    ++++++++++++++


    Please post me an Avast scan report.
    18 May 2011 20:11:33

    Here is the SystemLook report:

    SystemLook 04.09.10 by jpshortstuff
    Log created at 20:07 on 18/05/2011 by Marie-Pierre
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "svchost.exe"
    C:\WINDOWS\ERDNT\cache\svchost.exe --a---- 14336 bytes [21:39 15/05/2011] [11:00 05/08/2004] 1BD6C2F707A275CB7C16FD99FE0F31CA
    C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\svchost.exe --a--c- 14336 bytes [02:34 14/04/2008] [02:34 14/04/2008] E4BDF223CD75478BF44567B4D5C2634D
    C:\WINDOWS\system32\svchost.exe --a---- 14336 bytes [07:07 17/03/2005] [11:00 05/08/2004] 1BD6C2F707A275CB7C16FD99FE0F31CA

    -= EOF =-


    I'm starting my Avast scan
    5 June 2011 16:50:32

    Je suis désolé du retard, j'étais en vacances.. :) 
    Alors mon scan Avast n'a détecté aucun virus, mon probleme de redirection est résolu, je te remercie !
    Par contre en ce qui concerne cette histoire de processus svchost je ne comprends pas, j'ai maintenant en permanence ce processus qui tourne, il monopolise en permanence 200 000Ko dans l'utilisation de la mémoire et mon UC est souvent bloqué aux alentours de 70% alors qu'il tournait a 5% auparavant..

    En tout cas merci de ton aide.

    P.S : ce probleme est apparu lorsque j'ai installé la derniere version de Firefox 4.0 et google chrome, j'ai depuis réinstaller la version 3.0 et désinstaller google chrome meme si je suppose qu'il n'y a pas de lien..
    5 June 2011 23:00:20

    Good evening
    Quote:
    P.S.: this problem appeared when I installed the latest version of Firefox, 4.0, and Google Chrome; I have since reinstalled version 3.0 and uninstalled Google Chrome, even though I suppose there is no connection..

    Uninstall that version to see whether it's related.
    I think I read that somewhere but I can't remember where. :/ 
    6 June 2011 13:28:58

    Hello,
    I uninstalled Mozilla; nothing changes, except that my computer is even slower with IE..
    This svchost process is strange: when I turn on my computer it doesn't take up much space, then as I use the machine it swells until it completely prevents me from using my computer, and I then have to restart..
    6 June 2011 21:49:48

    Good evening
    Might it have been acting up since you installed Avast 5, by any chance... :whistle: 
    9 June 2011 20:21:50

    Haha, how did you guess?
    I did indeed update Avast not long ago..
    A solution? :) 
    9 June 2011 22:03:20

    OK, well there you go, I changed AV..
    I think we're coming to the end of my problems?! I'll take the opportunity to tell you that the new AV didn't find any viruses.. :) 
    In any case, thank you very much for your help and your time!

    Jonathan
    10 June 2011 21:42:23

    cool :o 



    Delete/uninstall all the programs used for the disinfection.


    Please read this guide (PDF) to learn more about the risks of the Net.



    If you find this document interesting, don't hesitate to pass it on to your contacts.

    If you're tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.

    See also:
  • Free antispyware: it's useless!


    ~On your first message, click the "Edit" button and mark [résolu] in the title.

    Then click "Submit your message"

    If your session name matches your real name, you can change it by editing your posts.

    :hello: 

    +++