
Malware detected with MBAM [solved]

5 December 2011 07:21:36

Hello everyone,

After changing PCs, and therefore reconnecting my old external hard drives to put my backups onto the new one, I was alerted by Avira AntiVir to an intrusion attempt, which I obviously blocked.
Following that, I ran a full scan of my internal and external hard drives with Malwarebytes Anti-Malware.
It found 7 malicious items.

Should I check that there is nothing else? Is everything fine after this pass?

Here is the report, along with a HijackThis report below it.
MBAM
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8311

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

05/12/2011 01:30:45
mbam-log-2011-12-05 (01-30-45).txt

Type d'examen: Examen complet (C:\|E:\|G:\|H:\|)
Elément(s) analysé(s): 585604
Temps écoulé: 48 minute(s), 9 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
g:\system volume information\_restore{d1442000-d2bf-415b-b6f6-b49d1ccd16c7}\RP78\A0011550.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
g:\system volume information\_restore{d1442000-d2bf-415b-b6f6-b49d1ccd16c7}\RP103\A0022028.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\Vincent\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Vincent\AppData\Local\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Vincent\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Vincent\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.

HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:20:32, on 05/12/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CTHELPER.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\hijack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1711858444-2453988907-2872363982-1000\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'Vincent')
O4 - HKUS\S-1-5-21-1711858444-2453988907-2872363982-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1711858444-2453988907-2872363982-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_5_2_2_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/curre...
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Look 'n' Stop Service (lnssvcVista) - Soft4Ever - C:\Program Files\Soft4Ever\looknstop\LnsSvcVista.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 21551 bytes


5 December 2011 19:25:16

Good evening,
let's check:

Download DDS by sUBs to your desktop.
The tool does not require installation.

Launch it by clicking the dds.scr icon:

This DOS window will appear:

The scan should not take more than three minutes.

Two reports will be generated. Save the DDS.txt and Attach.txt reports.

Post the DDS.txt report; you will only provide the Attach.txt report if you are asked for it.



++
5 December 2011 19:38:25

And here is DDS.txt (I wanted to upload it to Cijoint.fr, but the site seems to be down).

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Admin at 19:32:55 on 2011-12-05
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8162.6699 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: Look 'n' Stop Firewall *Enabled* {E26CE775-4C82-5170-9BEE-E4E4E35B4E07}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Soft4Ever\looknstop\LnsSvcVista.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Cobian Backup 10\cbService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\CTHELPER.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://www.ma-config.com/plugins/MaConfig_5_2_2_0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
TCP: Interfaces\{0B897BF5-0C21-402D-92D7-F0BAABEE94BF} : DhcpNameServer = 212.27.40.240 212.27.40.241
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun-x64: [CTHelper] CTHELPER.EXE
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
mRun-x64: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2hc49zxo.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files\ma-config.com\nphardwaredetection.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 lnsfw1;lnsfw1;C:\Windows\system32\drivers\lnsfw1.sys --> C:\Windows\system32\drivers\lnsfw1.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-2 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-12-2 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [2011-12-2 67584]
R2 CobianBackup10;Cobian Backup 10;C:\Program Files (x86)\Cobian Backup 10\cbService.exe [2011-12-2 1125376]
R2 lnssvcVista;Look 'n' Stop Service;C:\Program Files\Soft4Ever\looknstop\LnsSvcVista.exe -r --> C:\Program Files\Soft4Ever\looknstop\LnsSvcVista.exe -r [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-4 2348864]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-23 381248]
R3 automap;Automap MIDI Driver;C:\Windows\system32\DRIVERS\automap.sys --> C:\Windows\system32\DRIVERS\automap.sys [?]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
R3 CTEDSPIO.SYS;CTEDSPIO.SYS;C:\Windows\system32\drivers\CTEDSPIO.SYS --> C:\Windows\system32\drivers\CTEDSPIO.SYS [?]
R3 CTEDSPSY.SYS;CTEDSPSY.SYS;C:\Windows\system32\drivers\CTEDSPSY.SYS --> C:\Windows\system32\drivers\CTEDSPSY.SYS [?]
R3 lnsfw;Look 'n' Stop Driver;C:\Windows\system32\DRIVERS\lnsfw.sys --> C:\Windows\system32\DRIVERS\lnsfw.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS;C:\Windows\system32\drivers\CTEAPSFX.SYS --> C:\Windows\system32\drivers\CTEAPSFX.SYS [?]
S3 CTEAPSFX;CTEAPSFX;C:\Windows\system32\drivers\CTEAPSFX.SYS --> C:\Windows\system32\drivers\CTEAPSFX.SYS [?]
S3 CTEDSPFX.SYS;CTEDSPFX.SYS;C:\Windows\system32\drivers\CTEDSPFX.SYS --> C:\Windows\system32\drivers\CTEDSPFX.SYS [?]
S3 CTEDSPFX;CTEDSPFX;C:\Windows\system32\drivers\CTEDSPFX.SYS --> C:\Windows\system32\drivers\CTEDSPFX.SYS [?]
S3 CTEDSPIO;CTEDSPIO;C:\Windows\system32\drivers\CTEDSPIO.SYS --> C:\Windows\system32\drivers\CTEDSPIO.SYS [?]
S3 CTEDSPSY;CTEDSPSY;C:\Windows\system32\drivers\CTEDSPSY.SYS --> C:\Windows\system32\drivers\CTEDSPSY.SYS [?]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTERFXFX;CTERFXFX;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-7-21 16640]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\x64\maconfservice.exe [2011-11-14 427640]
S3 NvnUsbAudio;Novation USB Audio Driver;C:\Windows\system32\DRIVERS\nvnusbaudio.sys --> C:\Windows\system32\DRIVERS\nvnusbaudio.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-05 06:19:22 -------- d-----w- C:\Program Files (x86)\hijack
2011-12-04 23:25:20 -------- d-----w- C:\Users\Admin\AppData\Roaming\Malwarebytes
2011-12-04 23:24:31 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-04 23:24:27 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-04 23:24:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-04 23:15:07 -------- d-----w- C:\Program Files (x86)\Cycling '74
2011-12-04 23:11:30 710496 ----a-w- C:\Program Files (x86)\Uninstall Information\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}\unins000.exe
2011-12-04 22:57:40 20824 ----a-w- C:\Windows\System32\nvnusbaudio_coinst.dll
2011-12-04 22:57:40 -------- d-----w- C:\Program Files\Novation
2011-12-04 22:57:09 -------- d-----w- C:\Program Files (x86)\Novation
2011-12-04 18:48:21 -------- d-----w- C:\Program Files\Sony
2011-12-04 18:43:50 -------- d-----w- C:\Users\Admin\AppData\Local\Mozilla
2011-12-04 13:36:10 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-12-04 13:26:33 -------- d-----w- C:\ProgramData\ma-config.com
2011-12-04 13:26:33 -------- d-----w- C:\Program Files\ma-config.com
2011-12-04 13:13:49 -------- d-----w- C:\Windows\SysWow64\spool
2011-12-04 13:10:47 -------- d-----w- C:\Users\Admin\AppData\Roaming\Sony Creative Software Inc
2011-12-04 13:10:42 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-12-04 13:06:41 -------- d-----w- C:\Users\Admin\AppData\Roaming\NVIDIA
2011-12-04 10:12:33 158056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-12-03 14:32:52 -------- d-----w- C:\Users\Admin\AppData\Roaming\Daichi
2011-12-03 14:32:51 -------- d-----w- C:\Users\Admin\AppData\Roaming\Keolab
2011-12-03 14:32:01 -------- d-----w- C:\Users\Admin\AppData\Roaming\MSPS
2011-12-03 12:39:58 -------- d-----w- C:\Users\Admin\AppData\Local\Focusrite_Audio_Engineeri
2011-12-03 12:37:04 -------- d-----w- C:\Users\Admin\AppData\Roaming\Ableton
2011-12-03 12:35:41 -------- d-----w- C:\Users\Admin\AppData\Local\Novation
2011-12-03 12:29:24 -------- d-----w- C:\Users\Admin\AppData\Roaming\EmuPatchMixDSP
2011-12-03 12:29:24 -------- d-----w- C:\Users\Admin\AppData\Local\looknstop
2011-12-03 12:29:06 -------- d-----w- C:\Users\Admin\AppData\Local\VirtualStore
2011-12-02 22:46:22 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Professional
2011-12-02 22:45:23 -------- d-----w- C:\ProgramData\Propellerhead Software
2011-12-02 22:05:19 692575 ----a-w- C:\Program Files (x86)\Uninstall Information\{ABAF1232-6213-4062-9D52-04E04A730CEA}\unins000.exe
2011-12-02 21:34:32 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-02 21:21:35 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2011-12-02 20:42:55 -------- d-----w- C:\Windows\Panther
2011-12-02 20:42:42 -------- d-sh--w- C:\Boot
2011-12-02 20:11:40 -------- d-----w- C:\Program Files (x86)\IK Multimedia
2011-12-02 20:10:29 -------- d-----w- C:\ProgramData\IK Multimedia
2011-12-02 20:02:47 -------- d-----w- C:\Users\Admin\AppData\Local\Apps
2011-12-02 20:02:46 -------- d-----w- C:\Users\Admin\AppData\Local\Deployment
2011-12-02 19:37:31 -------- d-----w- C:\Users\Admin\AppData\Local\Sony
2011-12-02 19:37:31 -------- d-----w- C:\Program Files (x86)\Sony
2011-12-02 19:20:36 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
2011-12-02 19:20:36 216064 ----a-w- C:\Windows\SysWow64\lagarith.dll
2011-12-02 19:20:36 175616 ----a-w- C:\Windows\SysWow64\unrar.dll
2011-12-02 19:20:36 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
2011-12-02 19:20:35 74752 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2011-12-02 19:20:35 650752 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2011-12-02 19:20:35 630784 ----a-w- C:\Windows\SysWow64\vp7vfw.dll
2011-12-02 19:20:35 243200 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2011-12-02 19:20:34 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2011-12-02 19:12:02 -------- d-----w- C:\Users\Admin\AppData\Roaming\uTorrent
2011-12-02 19:12:02 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-12-02 18:55:13 -------- d-----w- C:\Program Files (x86)\Unlocker
2011-12-02 18:53:54 370176 ----a-w- C:\Windows\SysWow64\BlueCtrl.dll
2011-12-02 18:53:54 207360 ----a-w- C:\Windows\BlueRem.exe
2011-12-02 18:53:54 -------- d-----w- C:\Windows\SysWow64\digilogue
2011-12-02 18:40:33 -------- d-----w- C:\ProgramData\Wave Arts
2011-12-02 18:30:34 -------- d-----r- C:\Samples
2011-12-02 18:03:28 -------- d-----w- C:\Program Files (x86)\Vstplugins
2011-12-02 18:01:05 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2011-12-02 17:57:01 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-12-02 17:56:27 53080 ----a-w- C:\Windows\System32\drivers\nvnusbaudio.sys
2011-12-02 17:55:50 19800 ----a-w- C:\Windows\System32\drivers\automap.sys
2011-12-02 17:39:36 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-02 17:39:35 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-02 17:39:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-02 17:39:35 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-02 17:39:35 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-02 16:56:00 -------- d-----w- C:\Users\Admin\AppData\Local\Safe mirror
2011-12-02 16:53:22 82784 ----a-w- C:\Windows\System32\drivers\lnsfw1.sys
2011-12-02 16:53:22 66400 ----a-w- C:\Windows\System32\drivers\lnsfw.sys
2011-12-02 16:53:22 47104 ----a-w- C:\Windows\System32\fwapi.dll
2011-12-02 16:53:13 -------- d-----w- C:\Program Files\Soft4Ever
2011-12-02 16:47:48 -------- d-----w- C:\Program Files (x86)\Soft4Ever
2011-12-02 16:45:28 -------- d-----w- C:\Program Files (x86)\WinAce
2011-12-02 16:43:13 279616 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-12-02 16:43:10 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2011-12-02 16:40:24 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2011-12-02 16:36:08 -------- d-----w- C:\Program Files\CCleaner
2011-12-02 16:33:54 -------- d-----w- C:\ProgramData\Ableton
2011-12-02 16:32:50 368640 ----a-w- C:\Windows\SysWow64\ReWire.dll
2011-12-02 16:32:50 233472 ----a-w- C:\Windows\SysWow64\REX Shared Library.dll
2011-12-02 16:31:43 -------- d-----w- C:\Program Files (x86)\Ableton
2011-12-02 16:18:32 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll
2011-12-02 16:18:32 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2011-12-02 16:18:32 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
2011-12-02 16:18:32 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2011-12-02 16:18:31 59904 ----a-w- C:\Windows\SysWow64\MSCC2FR.DLL
2011-12-02 16:18:31 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL
2011-12-02 16:18:31 141312 ----a-w- C:\Windows\SysWow64\MSCMCFR.DLL
2011-12-02 16:18:31 119568 ----a-w- C:\Windows\SysWow64\VB6FR.DLL
2011-12-02 16:18:31 -------- d-----w- C:\Program Files (x86)\PDFCreator
2011-12-02 16:17:08 -------- d-----w- C:\Windows\SysWow64\Adobe
2011-12-02 15:48:30 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-12-02 15:47:42 -------- d-----w- C:\Windows\SysWow64\Wat
2011-12-02 15:47:40 -------- d-----w- C:\Windows\System32\Wat
2011-12-02 15:46:38 -------- d-----w- C:\Program Files (x86)\foobar2000
2011-12-02 15:41:43 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2011-12-02 15:41:42 -------- d-----w- C:\Windows\System32\wbem\en-US
2011-12-02 15:33:53 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-12-02 15:31:14 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-12-02 15:31:14 -------- d-----w- C:\ProgramData\Avira
2011-12-02 15:31:14 -------- d-----w- C:\Program Files (x86)\Avira
2011-12-02 15:30:22 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-02 15:30:19 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D2930B1-F767-4FB3-B90B-AD9B60461BEA}\mpengine.dll
2011-12-02 15:27:35 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-12-02 15:27:35 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-12-02 15:22:59 642944 ----a-w- C:\Windows\System32\winload.efi
2011-12-02 15:19:58 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-12-02 15:19:58 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-12-02 15:19:58 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-12-02 15:08:33 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-12-02 15:08:33 539240 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-12-02 15:07:34 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-12-02 15:07:20 -------- d-----w- C:\Windows\PCHEALTH
2011-12-02 15:07:02 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2011-12-02 15:06:54 56600 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2011-12-02 15:06:41 95744 ----a-w- C:\Windows\System32\drivers\nusb3hub.sys
2011-12-02 15:06:41 90472 ----a-w- C:\Windows\System32\nusb3co2.dll
2011-12-02 15:06:41 212992 ----a-w- C:\Windows\System32\drivers\nusb3xhc.sys
2011-12-02 15:02:52 9622848 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2011-12-02 15:02:52 1726272 ----a-w- C:\Windows\System32\nvdispco64.dll
2011-12-02 15:02:52 1466176 ----a-w- C:\Windows\System32\nvgenco64.dll
2011-12-02 15:02:52 1452648 ----a-w- C:\Windows\System32\nvhdagenco6420102.dll
2011-12-02 15:02:14 -------- d-----w- C:\NVIDIA
2011-12-02 14:56:27 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-02 14:41:45 -------- d-----w- C:\Program Files (x86)\Creative Professional
2011-12-02 14:41:40 86016 ----a-w- C:\Windows\SysWow64\cttele.dll
2011-12-02 14:41:40 431104 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-12-02 14:41:40 409600 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-12-02 14:41:40 136192 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-12-02 14:41:40 114688 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-12-02 14:24:53 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2011-12-02 14:24:27 -------- d-----w- C:\ProgramData\Downloaded Installations
2011-12-02 14:22:32 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2011-12-02 14:22:28 -------- d-----w- C:\Program Files (x86)\Realtek
2011-12-02 14:21:46 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2011-12-02 14:21:44 -------- d-----w- C:\Intel
2011-12-02 14:02:05 1359976 ----a-w- C:\Windows\System32\nvgenco64hda.dll
2011-12-02 14:01:52 110592 ----a-w- C:\Windows\System32\rtvcvfw32.dll
2011-12-02 14:01:51 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2011-12-02 13:56:20 -------- d-sh--w- C:\Windows\Installer
2011-12-02 13:56:15 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-12-02 13:56:11 1614440 ----a-w- C:\Windows\System32\nvdispco642090.dll
2011-12-02 13:56:11 1359976 ----a-w- C:\Windows\System32\nvgenco642040.dll
2011-12-02 13:55:57 2403136 ----a-w- C:\Windows\System32\nvapi64.dll
2011-12-02 13:55:57 11240 ----a-w- C:\Windows\System32\drivers\nvBridge.kmd
2011-12-02 13:55:26 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-12-02 13:52:58 -------- d-sh--we C:\ProgramData\Modèles
2011-12-02 13:52:58 -------- d-sh--we C:\ProgramData\Menu Démarrer
2011-12-02 13:52:58 -------- d-sh--we C:\ProgramData\Favoris
2011-12-02 13:52:58 -------- d-sh--we C:\ProgramData\Bureau
2011-12-02 13:52:58 -------- d-sh--we C:\Program Files\Fichiers communs
2011-12-02 13:52:58 -------- d-sh--w- C:\Recovery
2011-11-23 18:29:36 406336 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M ====================
.
2011-11-24 04:59:00 7974208 ----a-w- C:\Windows\System32\nvcuda.dll
2011-11-24 02:47:47 6004544 ----a-w- C:\Windows\System32\nvcpl.dll
2011-11-24 02:41:24 3028800 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-11-24 02:38:53 2562368 ----a-w- C:\Windows\System32\nvsvcr.dll
2011-11-24 02:38:49 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-11-24 02:38:44 63296 ----a-w- C:\Windows\System32\nvshext.dll
2011-11-24 02:38:44 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2011-11-09 14:21:44 31040 ----a-w- C:\Windows\System32\nvhdap64.dll
2011-11-09 14:21:39 187200 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2011-11-09 14:21:39 1451840 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 19:33:42,39 ===============
6 December 2011 21:02:34

Good evening,
It looks clean to me...
7 December 2011 12:01:12

Cool. I wondered whether it made sense to ask for help before seeing any symptom other than the aforementioned Avira detection and the MBAM scan, but since the PC is brand new and so is the Windows install, I figured it was better to make sure.
Thanks for your help!
7 December 2011 13:34:36

Happy surfing :hello: