
Redirection in Google [solved]

Tags:
  • google
  • Security
Last reply: in Security and viruses
7 December 2011 13:24:01

Hello,

For some time now, I have been redirected to bywill.net (and sometimes 123 something) during Google searches. This happens in Firefox and also on Google.
I am taking the liberty of posting the HijackThis report below, having seen that some people were able to identify their problem from this report.
Thanks for your help,


7 December 2011 13:32:11

Hello and welcome


Step 1

Download DDS by sUBs to your desktop.
The tool does not need to be installed.

Launch it by clicking the dds.scr icon:

This DOS window will appear:



The scan should not take more than three minutes.

Two reports will be generated. Save the DDS.txt and Attach.txt reports.



Post the DDS.txt report; you only need to provide the Attach.txt report if you are asked for it.


<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**

++

****
Step 2


Download http://support.kaspersky.com/downloads/utils/tdsskiller... to your desktop, unzip it and run it. A report will be created here:

C:\TDSSKillerVersion_Date_Time_log.txt.<< copy and paste its contents

The executable is also available directly here: http://support.kaspersky.com/downloads/utils/tdsskiller...

o Run it. The following window will open:



o Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
o If infected files are found, a new window will open:



o If TDSS.tdl2 is detected, the Delete option will be ticked by default.

o If TDSS.tdl3 is detected, make sure Cure is ticked.

o If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is ticked.

o If Suspicious file is shown, leave the option set to Skip.

o Click Continue, then Reboot now to restart the PC.

o Copy and paste the generated report into your next reply. (It is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run.)

Tutorial --> http://support.kaspersky.com/viruses/solutions?qid=2082...



++++++++++++++++++++++++++++++++++++++++
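
A way to triage a long TDSSKiller report before reading it line by line, added here as an example and not part of the original thread: it keeps only the entries whose verdict is not `ok` and attaches the action that step 2 above gives for each verdict. The line layout (timestamp, thread id, then `name (md5) path` or `name - status`) follows TDSSKiller reports; the non-`ok` status wording, the driver names `exampledrv` and `otherdrv`, and the hashes in the sample are constructed assumptions.

```python
import re

# Action recommended in step 2 of the post above for each verdict.
RECOMMENDED_ACTION = {
    "TDSS.tdl2": "Delete",
    "TDSS.tdl3": "Cure",
    "TDSS.tdl4": "Cure",
    "Suspicious file": "Skip",
}

# Every report line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# Object line: "<name> (<md5>) <path>"
OBJECT = re.compile(r"^(.+?)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")
# Verdict line: "<name> - <status>"
VERDICT = re.compile(r"^(.+?) - (.+)$")

# Constructed sample: names, hashes and non-ok status text are made up.
SAMPLE_LOG = r"""
13:42:24.0133 2436 Scan started
13:42:24.0727 2436 Abiosdsk - ok
13:42:24.0758 2436 ac97intc (00000000000000000000000000000001) C:\WINDOWS\system32\drivers\ac97intc.sys
13:42:24.0758 2436 ac97intc - ok
13:42:25.0180 2436 exampledrv (00000000000000000000000000000002) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
13:42:25.0180 2436 exampledrv - detected TDSS.tdl3
13:42:25.0300 2436 otherdrv (00000000000000000000000000000003) C:\WINDOWS\system32\DRIVERS\otherdrv.sys
13:42:25.0300 2436 otherdrv - Suspicious file
"""


def recommended_action(status):
    """Return the action from the post for this status text, or None."""
    lowered = status.lower()
    for verdict, action in RECOMMENDED_ACTION.items():
        if verdict.lower() in lowered:
            return action
    return None  # verdict not covered by the post: ask before acting


def triage(log_text):
    """Return one dict per scanned object whose verdict is not 'ok'."""
    objects = {}   # name -> (md5, path) from the preceding object line
    findings = []
    for raw in log_text.splitlines():
        prefixed = PREFIX.match(raw.strip())
        if not prefixed:
            continue  # blank line or text that is not a report line
        body = prefixed.group(1)

        obj = OBJECT.match(body)
        if obj:
            objects[obj.group(1)] = (obj.group(2).lower(), obj.group(3))
            continue

        verdict = VERDICT.match(body)
        if not verdict:
            continue  # header, separator or system-info line
        name, status = verdict.group(1), verdict.group(2).strip()
        if status.lower() == "ok":
            continue

        md5, path = objects.get(name, (None, None))
        findings.append({
            "name": name,
            "status": status,
            "md5": md5,
            "path": path,
            "action": recommended_action(status),
        })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['name']}: {f['status']} -> {f['action']} ({f['path']})")
```
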
7 December 2011 13:47:55

Hello, thank you for your reply.

DDS does not seem to work: I do not get the windows shown above, and it immediately opens a txt document with incomprehensible characters.
Below is the TDSSKiller report:


13:42:28.0367 2436 RasPppoe - ok
13:42:28.0383 2436 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:42:28.0383 2436 Raspti - ok
13:42:28.0398 2436 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:42:28.0398 2436 Rdbss - ok
13:42:28.0398 2436 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:42:28.0398 2436 RDPCDD - ok
13:42:28.0414 2436 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:42:28.0414 2436 rdpdr - ok
13:42:28.0445 2436 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
13:42:28.0445 2436 RDPWD - ok
13:42:28.0477 2436 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:42:28.0477 2436 redbook - ok
13:42:28.0508 2436 regi (001b4278407f4303efc902a2b16f2453) C:\WINDOWS\system32\drivers\regi.sys
13:42:28.0508 2436 regi - ok
13:42:28.0539 2436 RTLE8023xp (ba7ced0f0799012b1f2bfda06d7506db) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
13:42:28.0555 2436 RTLE8023xp - ok
13:42:28.0586 2436 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:42:28.0586 2436 Secdrv - ok
13:42:28.0602 2436 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:42:28.0602 2436 serenum - ok
13:42:28.0617 2436 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
13:42:28.0617 2436 Serial - ok
13:42:28.0633 2436 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:42:28.0633 2436 Sfloppy - ok
13:42:28.0648 2436 Simbad - ok
13:42:28.0648 2436 Sparrow - ok
13:42:28.0664 2436 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:42:28.0680 2436 splitter - ok
13:42:28.0711 2436 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
13:42:28.0711 2436 sr - ok
13:42:28.0727 2436 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:42:28.0742 2436 Srv - ok
13:42:28.0758 2436 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:42:28.0758 2436 swenum - ok
13:42:28.0773 2436 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:42:28.0773 2436 swmidi - ok
13:42:28.0820 2436 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
13:42:28.0820 2436 symc810 - ok
13:42:28.0820 2436 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:42:28.0820 2436 symc8xx - ok
13:42:28.0836 2436 Symmpi (f2b7e8416f508368ac6730e2ae1c614f) C:\WINDOWS\system32\DRIVERS\symmpi.sys
13:42:28.0836 2436 Symmpi - ok
13:42:28.0883 2436 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:42:28.0883 2436 sym_hi - ok
13:42:28.0883 2436 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:42:28.0883 2436 sym_u3 - ok
13:42:28.0914 2436 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:42:28.0914 2436 sysaudio - ok
13:42:28.0930 2436 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:42:28.0930 2436 Tcpip - ok
13:42:28.0945 2436 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:42:28.0945 2436 TDPIPE - ok
13:42:28.0992 2436 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:42:28.0992 2436 TDTCP - ok
13:42:29.0023 2436 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:42:29.0023 2436 TermDD - ok
13:42:29.0070 2436 tmactmon (7131c804d8847b695125bb8d91d64ee0) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
13:42:29.0070 2436 tmactmon - ok
13:42:29.0086 2436 tmcomm (09f386a6ec8d6c37bfa0d5394cb186c1) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
13:42:29.0086 2436 tmcomm - ok
13:42:29.0102 2436 tmevtmgr (c75310cbd1bccf3469c834143bc2390c) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
13:42:29.0102 2436 tmevtmgr - ok
13:42:29.0148 2436 tmtdi (71b409ed6b46ee213fc22b2d440234b8) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
13:42:29.0148 2436 tmtdi - ok
13:42:29.0148 2436 TosIde - ok
13:42:29.0180 2436 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:42:29.0195 2436 Udfs - ok
13:42:29.0195 2436 ultra - ok
13:42:29.0227 2436 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:42:29.0227 2436 usbccgp - ok
13:42:29.0258 2436 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:42:29.0258 2436 usbehci - ok
13:42:29.0289 2436 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:42:29.0289 2436 usbhub - ok
13:42:29.0305 2436 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:42:29.0305 2436 usbscan - ok
13:42:29.0336 2436 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:42:29.0336 2436 USBSTOR - ok
13:42:29.0352 2436 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:42:29.0352 2436 usbuhci - ok
13:42:29.0367 2436 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:42:29.0367 2436 VgaSave - ok
13:42:29.0383 2436 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
13:42:29.0383 2436 ViaIde - ok
13:42:29.0398 2436 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
13:42:29.0398 2436 VolSnap - ok
13:42:29.0430 2436 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:42:29.0430 2436 Wanarp - ok
13:42:29.0445 2436 WDICA - ok
13:42:29.0477 2436 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:42:29.0477 2436 wdmaud - ok
13:42:29.0523 2436 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:42:29.0523 2436 WmiAcpi - ok
13:42:29.0539 2436 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:42:29.0539 2436 \Device\Harddisk0\DR0 - ok
13:42:29.0555 2436 Boot (0x1200) (c5dc1a5d3b5691755547e2f64a62426b) \Device\Harddisk0\DR0\Partition0
13:42:29.0555 2436 \Device\Harddisk0\DR0\Partition0 - ok
13:42:29.0570 2436 Boot (0x1200) (7d0c54c422901bb4eade4942f1c92b71) \Device\Harddisk0\DR0\Partition1
13:42:29.0570 2436 \Device\Harddisk0\DR0\Partition1 - ok
13:42:29.0570 2436 ============================================================
13:42:29.0570 2436 Scan finished
13:42:29.0570 2436 ============================================================
13:42:29.0570 1128 Detected object count: 0
13:42:29.0570 1128 Actual detected object count: 0
7 December 2011 13:56:23

Hi again

Disable your antivirus and any other kind of protection.
Download ComboFix by sUBs: Combofix
Save it to your desktop and nowhere else!

Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit > "Select All", Edit > "Copy".

Come back to the forum and Edit > "Paste".

HELP: A guide and a tutorial on using ComboFix
* the partition name may vary

<@_@>

+++++++++++++++++++++
7 December 2011 14:12:11

Below is the ComboFix report:

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\talbotc\Local Settings\Temporary Internet Files\plot.log
c:\windows\CSC\d6
c:\windows\dasetup.log
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-11-07 au 2011-12-07 ))))))))))))))))))))))))))))))))))))
.
.
2011-12-07 12:02 . 2011-12-07 12:02 388096 ----a-r- c:\documents and settings\talbotc\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-08 10:13 . 2011-11-08 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-11-08 10:13 . 2011-11-08 10:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-11-08 09:53 . 2011-11-08 09:54 -------- d-----w- c:\program files\Glary Utilities
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-18 07:19 . 2011-10-26 10:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:23 . 2008-04-14 09:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-30 08:40 . 2011-09-30 08:39 11264 ----a-w- c:\windows\DCEBoot.exe
2011-09-28 07:06 . 2008-04-14 09:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-30 03:59 614400 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 09:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 09:00 220160 ----a-w- c:\windows\system32\oleacc.dll
1999-06-24 11:24 . 2010-12-30 13:48 49152 ----a-w- c:\program files\_ISREG32.DLL
2011-11-17 12:31 . 2011-10-04 06:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunPUTasktray"="c:\program files\Hewlett-Packard\HP Printer Utility\HPPU.exe --regkeypath=Software\Hewlett-Packard\HP Printer Utility\HPPURun --valuename=InstallTTM" [X]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-10-30 1116920]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-03-25 121064]
"PUStarter"="c:\program files\Fichiers communs\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe" [2009-12-11 73728]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,6c,\
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ----a-w- c:\windows\system32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 09:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-08-26 19:36 173592 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-08-26 19:36 141336 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-10-16 10:51 2363392 ----a-w- c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-08-26 19:36 142872 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-10-16 08:59 18782720 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetRefresh]
2003-11-21 03:01 525824 ----a-w- c:\program files\Compaq\SetRefresh\SetRefresh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\windows\\system32\\rserver30\\rserver3.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP Printer Utility\\HPPU.exe"=
.
R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [09/10/2009 13:00 46304]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [30/03/2011 13:28 196320]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [16/09/2010 14:06 80896]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [17/04/2007 19:09 11032]
R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [09/10/2009 13:00 1242504]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [30/03/2011 13:29 65296]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S2 0056901277797298mcinstcleanup;McAfee Application Installer Cleanup (0056901277797298);c:\docume~1\ADMINI~1\LOCALS~1\Temp\005690~1.EXE c:\progra~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\005690~1.EXE c:\progra~1\FICHIE~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [06/09/2011 11:53 136176]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [06/09/2011 11:53 136176]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/2010 18:01 21248]
S3 OracleOraHome81ClientCache;OracleOraHome81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [19/10/2000 11:55 411244]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 81101223
*Deregistered* - 81101223
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 10:49 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-12-07 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-11-08 12:08]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-06 10:52]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-06 10:52]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2494870515-3003032169-2076141979-1205Core.job
- c:\documents and settings\talbotc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 12:31]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2494870515-3003032169-2076141979-1205UA.job
- c:\documents and settings\talbotc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 12:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: hp.com
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.1.223 192.168.1.224 192.168.1.226
FF - ProfilePath - c:\documents and settings\talbotc\Application Data\Mozilla\Firefox\Profiles\8g1vifry.default\
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
.
.
------- Associations de fichier -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Notify-NavLogon - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-NortonOnlineBackupReminder - c:\program files\Symantec\Norton Online Backup\Activation\NobuActivation.exe
MSConfigStartUp-PDF Complete - c:\program files\PDF Complete\pdfsty.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 14:06
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Heure de fin: 2011-12-07 14:07:12
ComboFix-quarantined-files.txt 2011-12-07 13:07
.
Avant-CF: 35 043 885 056 octets libres
Après-CF: 35 287 670 784 octets libres
.
- - End Of File - - CD02A145267FF6F6AA3A429E02066359
7 December 2011 18:05:05

Good evening
I presume you still have your redirections...

Download aswMBR.exe

Save it to your desktop and nowhere else!

Double-click aswMBR.exe to run it
(Right-click -> "Run as administrator" for VISTA / SEVEN)

Click the Scan button and let the tool work.

Click Save Log, save the report to the desktop, and post the report in your next reply.
8 December 2011 11:36:31

Hello,

My problem seems to be solved, and without having done the last step suggested with aswMBR.

Thanks for your advice!
8 December 2011 22:23:06

Good evening
Let's finish up:
We will now check that your system and your protection software are up to date.

  • Download Security Check (by screen317) to your Desktop.
  • Double-click SecurityCheck.exe and follow the on-screen instructions inside the black box.
  • A Notepad document, checkup.txt, should open.
  • Post the contents of this document.
  • Close Security Check.
9 December 2011 08:54:50

    Results of screen317's Security Check version 0.99.28
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Security Center service is not running! This report may not be accurate!
    Trend Micro Worry-Free Business Security Agent
    Antivirus up to date!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Spybot - Search & Destroy
    HijackThis 2.0.2
    Java(TM) 6 Update 26
    Java(TM) 6 Update 3
    Java version out of date!
    Adobe Flash Player 9 Flash Player out of date!
    Adobe Flash Player 11.1.102.55
    Adobe Reader X (10.1.1)
    Mozilla Firefox (8.0.)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Trend Micro AMSP coreServiceShell.exe
    Trend Micro UniClient UiFrmWrk uiWatchDog.exe
    Trend Micro AMSP coreFrameworkHost.exe
    Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
    Trend Micro Security Agent tmlisten.exe
    ``````````End of Log````````````
10 December 2011 09:15:10

Hello
Is this your antivirus?
http://www.trendmicro.be/fr/WFBS/
Is it up to date?

If I were you, I would uninstall it in favour of a good free antivirus:
Tutorial: Avast!

Update Java:
http://www.java.com/fr/download/

For Adobe Flash Player, it shows you a message, but that's fine because you have version 11.1.102.55.

++++++++++++

Remove/uninstall all the programs used for the disinfection
(but keep Malwarebytes' Anti-Malware to run regular scans, not forgetting to update it).

Please consult this file (PDF) to learn more about the risks of the Net.

If you find this document interesting, don't hesitate to pass it on to your contacts.

If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.

Also read:
  • Free antispyware: it's useless!

~On your first message, click the "Edit" button and mark [solved] in the title.

Then click "Submit your message".

If your session name matches your real name, you can change it by editing your posts.

:hello:

++++++
12 December 2011 19:11:31

You're welcome
Happy surfing! :hello: