Everything posted by telkel

  1. The problem appeared after the reboot that followed the use of the OTL software; could it have disabled a service? I changed a registry key, then did a startup restore, and the internet is connected on my computer. Thanks for the disinfection. I hope things will be fine from now on. All the best.
  2. I am not sure which service should be started for network detection to work. The network card works. So does the box; the cable is plugged in. But no connection. Internet Explorer closes by itself after a few moments. It is the latest version. In the Network and Sharing Center: network discovery is disabled and refuses to let me enable it (it spins endlessly). Restarting the DHCP client changes nothing (Windows "diagnose and repair"). The network card diagnostic gives nothing more. I found the Internet options, and it is impossible to enable the automatic connection or change the configuration.
  3. I will look into all that; I should point out, though, that we were in the middle of repairing a desktop computer. The laptop lets me post here. It does indeed mention a service that did not start. As for the failed Java installation, that was before OTL was run. I am digging around a bit to see.
  4. Since the reboot, I no longer have access to the net: "Statut de la connexion inconnu Le service ou le groupe de dépendance n'a pas pu démarrer." As for the report, here it is (transferred by USB stick to my laptop):
  5. On the site, they advise uninstalling the old versions; however, it is impossible to uninstall: Java 2 Runtime Environment, SE v1.4.1_02. When trying to install the latest version, an error message appears: bin/awt.dll Old file not found.
  6. As for Symantec, Norton came preinstalled on the machine at purchase. http://www.cijoint.fr/cjlink.php?file=cj201108/cijB40QuNu.txt http://www.cijoint.fr/cjlink.php?file=cj201108/cijEDv8eoN.txt
  7. First of all, thank you for the help provided. 1. When I launch Firefox, QuickTime gives me this error message: Echec de l'initialisation de quicktime. Erreur#0. I think I uninstalled QuickTime; the updater must be what remains. 2. ESET antivirus still does not launch at startup. Is there a service to tick? As for the rest, everything seems to be fine: the disk was recognized the last two times I rebooted, and there were no errors with the updates.
  8. ComboFix 11-08-23.05 - Otter 23/08/2011 21:40:01.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1791.835 [GMT 2:00] Lancé depuis: c:\users\Otter\Desktop\ComboFix.exe AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: Pare-feu personnel d'ESET *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     I read at the top that my personal firewall is enabled, yet I had disabled it; should I do it again in safe mode?
  9. Details given for winlogon.exe
ConvertStringSidToSidW, LsaFreeMemory, LsaGetUserName, RevertToSelf, ImpersonateLoggedOnUser, CloseEventLog, GetEventLogInformation, OpenEventLogW, RegisterEventSourceW, DeregisterEventSource, LsaNtStatusToWinError, RegCreateKeyExW, CheckTokenMembership, DuplicateTokenEx, ConvertSidToStringSidW, CreateProcessAsUserW, AllocateLocallyUniqueId, ReportEventW, LogonUserW, RegSetKeySecurity, RegDeleteKeyW, RegGetValueA, EqualSid, CredFree, NotifyServiceStatusChangeW, NotifyBootConfigStatus, CreateWellKnownSid, LookupAccountSidW, RegDeleteTreeW, OpenSCManagerW, RegEnumKeyExW, CloseServiceHandle, OpenServiceW, QueryServiceConfigW, QueryServiceStatus, MD5Init, MD5Update, MD5Final, CredReadByTokenHandle KERNEL32.dll: CloseHandle, SetEvent, CreateEventW, LocalReAlloc, LocalSize, MoveFileExW, Sleep, UnregisterWaitEx, InterlockedExchange, WaitForSingleObjectEx, HeapSetInformation, GetCurrentProcessId, VirtualAlloc, ExpandEnvironmentStringsW, lstrlenW, GetShortPathNameW, CompareStringW, SetEnvironmentVariableW, FreeLibrary, GetProcAddress, LoadLibraryW, GetProcessHeap, GetExitCodeProcess, UnregisterWait, OpenProcess, RegisterWaitForSingleObject, QueryInformationJobObject, DuplicateHandle, GetSystemTimeAsFileTime, InterlockedDecrement, InterlockedIncrement, GetComputerNameW, InterlockedCompareExchange, ResetEvent, TerminateJobObject, GetCommandLineW, CreateJobObjectW, VirtualFree, VirtualUnlock, SetProcessWorkingSetSize, GetProcessWorkingSetSize, VirtualLock, GetDateFormatW, GetTimeFormatW, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, ResumeThread, CompareFileTime, GetTickCount, TerminateProcess, AssignProcessToJobObject, SearchPathW, CreateProcessW, DeleteTimerQueueTimer, CreateTimerQueueTimer, OpenEventW, GetProcessId, GetModuleHandleW, ReadFile, CreateFileW, SetErrorMode, CreateThread, WaitForMultipleObjects, SetInformationJobObject, GetSystemDirectoryW, LoadLibraryA, GetModuleFileNameW, LocalAlloc, LocalFree, SetLastError, FormatMessageW, FindResourceExW, 
LoadResource, WaitForSingleObject, LockResource, GetCurrentProcess, SetPriorityClass, GetCurrentThread, SetThreadPriority, HeapSize, HeapFree, HeapAlloc, GetLastError, HeapCreate, HeapDestroy, MultiByteToWideChar, GetSystemInfo, lstrcmpW, SleepEx, GetFileAttributesW, SetTimerQueueTimer, CreateRemoteThread, GetThreadUILanguage, GetVersionExW, GetTickCount64, WideCharToMultiByte, DebugBreak, UnhandledExceptionFilter, GetCurrentThreadId, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, DelayLoadFailureHook, CreateProcessInternalW, BaseInitAppcompatCacheSupport USER32.dll: CreateDesktopW, SystemParametersInfoW, GetKeyState, GetLastInputInfo, SwitchDesktopWithFade, LoadLocalFonts, RegisterLogonProcess, CreateWindowStationW, SetProcessWindowStation, CloseWindowStation, SetUserObjectSecurity, SwitchDesktop, SetThreadDesktop, SetForegroundWindow, SetWindowPos, GetDesktopWindow, CancelShutdown, GetWindowLongW, GetWindowRect, LoadStringW, SendMessageW, GetDlgItem, LoadImageW, EndDialog, GetDlgItemTextW, DialogBoxParamW, ShowWindow, RealGetWindowClassW, FindWindowW, UpdatePerUserSystemParameters, SetWindowStationUser, UnlockWindowStation, LockWindowStation, GetSystemMetrics, GetAsyncKeyState, LoadCursorW, CopyIcon, SetSystemCursor, DestroyCursor, ExitWindowsEx, MessageBoxW, OpenInputDesktop, GetUserObjectInformationW, GetParent, EnumWindows, CloseDesktop msvcrt.dll: wcsncmp, iswalnum, iswalpha, _snwscanf_s, _wcsupr, strncmp, wcsnlen, ___U@YAPAXI@Z, ___V@YAXPAX@Z, swscanf, _controlfp, _terminate@@YAXXZ, _except_handler4_common, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, _wtoi, _ultow, __3@YAXPAX@Z, wcstok, iswspace, wcschr, _wcsicmp, memmove, _vsnwprintf, memset, memcpy, __2@YAPAXI@Z, _wcslwr, wcscpy_s, wcscat_s, _wcsnicmp, swprintf_s, _ultow_s, wcstoul, printf, wcsstr, __isascii, isupper, _tolower ntdll.dll: 
RtlCopySid, RtlExpandEnvironmentStrings_U, TpAllocWait, TpAllocWork, TpPostWork, TpSetWait, TpWaitForWait, TpReleaseWait, TpWaitForWork, TpReleaseWork, TpSimpleTryPost, NtAllocateLocallyUniqueId, RtlOpenCurrentUser, RtlFreeSid, NtSetSecurityObject, RtlSetSaclSecurityDescriptor, RtlAddMandatoryAce, RtlCreateAcl, RtlCreateSecurityDescriptor, RtlAllocateAndInitializeSid, RtlTimeToSecondsSince1980, RtlRemovePrivileges, TpSetTimer, TpAllocTimer, NtOpenDirectoryObject, NtInitiatePowerAction, NtShutdownSystem, RtlNtStatusToDosError, NtClose, NtQueryInformationToken, NtOpenProcessToken, WinSqmStartSession, WinSqmEndSession, RtlGetNtProductType, RtlInitString, RtlDestroyEnvironment, RtlLengthSid, TpWaitForTimer, RtlGetDaclSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlAddAce, NtAdjustPrivilegesToken, NtDuplicateToken, RtlUnhandledExceptionFilter, NtQueryInformationProcess, TpReleaseTimer, NtSetInformationProcess, NtReplyPort, NtCompleteConnectPort, NtReplyWaitReceivePort, NtAcceptConnectPort, NtCreatePort, NtCreateEvent, DbgPrint, RtlFreeHeap, RtlAllocateHeap, NtOpenFile, RtlGUIDFromString, RtlStringFromGUID, NtOpenKey, NtEnumerateKey, NtQueryKey, NtQueryAttributesFile, NtUnloadKey, NtLoadKey, RtlSetOwnerSecurityDescriptor, RtlLengthSecurityDescriptor, RtlAddAccessAllowedAceEx, NtCreateKey, NtDeleteValueKey, NtQueryValueKey, NtSetValueKey, NtDeleteKey, LdrGetProcedureAddress, RtlInitAnsiString, LdrGetDllHandle, NtResetEvent, NtWaitForSingleObject, NtDeviceIoControlFile, RtlGetVersion, NtQuerySymbolicLinkObject, NtOpenSymbolicLinkObject, NtAllocateUuids, NtQuerySystemInformation, NtSystemDebugControl, RtlDuplicateUnicodeString, NtFilterToken, RtlEqualSid, RtlInitializeCriticalSection, RtlEnterCriticalSection, RtlLeaveCriticalSection, DbgBreakPoint, NtCreateToken, NtSetInformationToken, RtlCreateEnvironment, RtlInitUnicodeString, RtlQueryEnvironmentVariable_U, RtlSetEnvironmentVariable, RtlInitUnicodeStringEx, RtlCompareUnicodeString, NtOpenThreadToken, 
RtlpVerifyAndCommitUILanguageSettings, RtlDeleteCriticalSection, RtlFreeUnicodeString, RtlAdjustPrivilege Secur32.dll: LsaCallAuthenticationPackage, LsaFreeReturnBuffer, SeciAllocateAndSetIPAddress, SeciAllocateAndSetCallFlags, LsaLogonUser, SeciFreeCallContext, LsaRegisterLogonProcess, LsaLookupAuthenticationPackage, LsaGetLogonSessionData, ChangeAccountPasswordW, GetUserNameExW WINSTA.dll: WinStationGetUserCredentials, WinStationDisconnect, WinStationFreeUserCredentials, WinStationIsSessionPermitted, WinStationQueryInformationW, WinStationFreeMemory, WinStationReportUIResult, WinStationNegotiateSession, _WinStationWaitForConnect RPCRT4.dll: RpcServerUnsubscribeForNotification, RpcServerSubscribeForNotification, I_RpcBindingIsClientLocal, RpcServerUnregisterIf, RpcBindingVectorFree, RpcEpUnregister, RpcServerListen, RpcEpRegisterW, RpcServerRegisterIfEx, RpcServerUseProtseqW, NdrServerCall2, NdrAsyncServerCall, RpcRaiseException, RpcServerInqCallAttributesW, RpcServerTestCancel, NdrAsyncClientCall, RpcAsyncInitializeHandle, RpcAsyncCancelCall, RpcMgmtIsServerListening, RpcStringFreeW, RpcStringBindingComposeW, RpcBindingFromStringBindingW, RpcBindingSetAuthInfoExW, UuidFromStringW, NdrClientCall2, RpcBindingCreateW, RpcBindingBind, RpcBindingUnbind, RpcBindingFree, I_RpcExceptionFilter, RpcAsyncAbortCall, RpcAsyncCompleteCall, I_RpcMapWin32Status, I_RpcBindingInqLocalClientPID, RpcImpersonateClient, RpcRevertToSelf, RpcServerUseProtseqEpW, RpcServerInqBindings PSAPI.DLL: EnumProcessModules, GetModuleBaseNameW USERENV.dll: GetUserProfileDirectoryW, GetAllUsersProfileDirectoryW, -, - ExifTool: file metadata CharacterSet: Unicode CodeSize: 267776 CompanyName: Microsoft Corporation EntryPoint: 0x25eae FileDescription: Windows Logon Application FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 307 kB FileSubtype: 0 FileType: Win32 EXE FileVersion: 6.0.6002.18005 (lh_sp2rtm.090410-1830) FileVersionNumber: 6.0.6002.18005 ImageVersion: 6.0 InitializedDataSize: 
48640 InternalName: winlogon LanguageCode: English (U.S.) LegalCopyright: Microsoft Corporation. All rights reserved. LinkerVersion: 8.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 6.0 ObjectFileType: Executable application OriginalFilename: WINLOGON.EXE PEType: PE32 ProductName: Microsoft Windows Operating System ProductVersion: 6.0.6002.18005 ProductVersionNumber: 6.0.6002.18005 Subsystem: Windows GUI SubsystemVersion: 6.0 TimeStamp: 2009:04:11 06:31:01+02:00 UninitializedDataSize: 0
  10. The Post button takes forever; here is a copy-paste of the results: 4 VT Community user(s) with a total of 9801 reputation credit(s) say(s) this sample is goodware. 1 VT Community user(s) with a total of 1 reputation credit(s) say(s) this sample is malware. File name: explorer.exe Submission date: 2011-08-23 17:58:04 (UTC) Current status: finished Result: 0/ 44 (0.0%) VT Community goodware Safety score: 100.0% 1 VT Community user(s) with a total of 8198 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: wininit.exe Submission date: 2011-08-23 18:07:13 (UTC) Current status: finished Result: 0/ 44 (0.0%) VT Community goodware Safety score: 100.0% 2 VT Community user(s) with a total of 8999 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: winlogon.exe Submission date: 2011-08-23 18:06:13 (UTC) Current status: finished Result: 1/ 44 (2.3%) VT Community goodware Safety score: 100.0% Compact Print results Antivirus Version Last Update Result AhnLab-V3 2011.08.23.01 2011.08.23 - AntiVir 7.11.13.192 2011.08.23 - Antiy-AVL 2.0.3.7 2011.08.23 - Avast 4.8.1351.0 2011.08.23 - Avast5 5.0.677.0 2011.08.23 - AVG 10.0.0.1190 2011.08.23 - BitDefender 7.2 2011.08.23 - ByteHero 1.0.0.1 2011.08.22 Trojan.Malware.Win32.xPack.g <<<<<< Detection here<<<<<
  11. It found a problem with volsnap. The report:
C:\Windows\system32\drivers\ulsata.sys 2011/08/23 19:46:13.0378 6920 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/08/23 19:46:13.0431 6920 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/08/23 19:46:13.0531 6920 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 2011/08/23 19:46:13.0570 6920 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/23 19:46:13.0612 6920 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/08/23 19:46:13.0667 6920 usbdtv (f6fc9680969b0ad9de027e31f6338fef) C:\Windows\system32\Drivers\usbdtv.sys 2011/08/23 19:46:13.0736 6920 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/08/23 19:46:13.0772 6920 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/23 19:46:13.0821 6920 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2011/08/23 19:46:13.0886 6920 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/08/23 19:46:13.0973 6920 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/08/23 19:46:14.0013 6920 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/08/23 19:46:14.0141 6920 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/08/23 19:46:14.0326 6920 VComm (51750b0539986186c6931fc40d171521) C:\Windows\system32\DRIVERS\VComm.sys 2011/08/23 19:46:14.0434 6920 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\Windows\system32\Drivers\VcommMgr.sys 2011/08/23 19:46:14.0538 6920 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/23 19:46:14.0590 6920 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/08/23 19:46:14.0631 6920 VHidMinidrv 
2011/08/23 19:46:14.0946 6920 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
2011/08/23 19:46:14.0949 6920 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
2011/08/23 19:46:14.0962 6920 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/08/23 19:46:16.0048 6920 ================================================================================
2011/08/23 19:46:16.0048 6920 Scan finished
2011/08/23 19:46:16.0049 6920 ================================================================================
2011/08/23 19:46:16.0071 6908 Detected object count: 1
2011/08/23 19:46:16.0146 6908 Actual detected object count: 1
2011/08/23 19:46:29.0793 6908 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
2011/08/23 19:46:29.0794 6908 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
2011/08/23 19:46:35.0126 6908 Backup copy found, using it..
2011/08/23 19:46:35.0373 6908 C:\Windows\system32\drivers\volsnap.sys - will be cured after reboot
2011/08/23 19:46:35.0373 6908 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
  12. Hello,
      For some time now, my PC has been acting up:
      - ads open on their own;
      - I am redirected to gomeo when I search;
      - my second hard drive is not recognized every time, and for a while it was recognized as a USB device;
      - my ESET antivirus no longer launches at startup.
      Malwarebit did not detect anything. My antivirus had detected files and put them in quarantine, but it keeps happening.
      If anyone can help me with the steps to disinfect this PC, I thank them in advance.
      telkel