Maliia

Fait mais toujours ce foutu message

Merci infiniment de ton aide Même si le message d'erreur résiste, cette désinfection n'aura pas fait de mal à mon ordi bien au contraire! Je vais voir sur vista-xp.fr si ils y voient plus clair. A bientôt

Oui oui, j'ai bien essayé de le chercher manuellement mais rien non plus. Je lance Delfix. 1er rapport : # DelFix v8.6 - Rapport créé le 30/11/2011 à 21:19:28 # Mis à jour le 13/10/11 à 18h par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : Magali - PC-DE-MAGALI (Administrateur) # Exécuté depuis : C:\Users\Magali\Desktop\delfix.exe # Option [Recherche] ~~~~~~ Dossiers(s) ~~~~~~ Présent : C:\Qoobox Présent : C:\Navilog1 Présent : C:\USBFix Présent : C:\_OTM Présent : C:\Combofix Présent : C:\ZHP Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Présent : C:\Program Files\Navilog1 Présent : C:\Program Files\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Présent : C:\AdwCleaner[s1].txt Présent : C:\cleannavi.txt Présent : C:\ComboFix.txt Présent : C:\PhysicalDisk0_MBR.bin Présent : C:\TDSSKiller.2.6.21.0_29.11.2011_22.38.49_log.txt Présent : C:\UsbFix.txt Présent : C:\UsbFix_Upload_Me_PC-DE-MAGALI.zip Présent : C:\Users\Magali\Desktop\adwcleaner.exe Présent : C:\Users\Magali\Desktop\AdwCleaner[s1].txt Présent : C:\Users\Magali\Desktop\ComboFix.exe Présent : C:\Users\Magali\Desktop\combofix.txt Présent : C:\Users\Magali\Desktop\MBRCheck.lnk Présent : C:\Users\Magali\Desktop\Navilog1.exe Présent : C:\Users\Magali\Desktop\OTM.exe Présent : C:\Users\Magali\Desktop\TDSSKiller.exe Présent : C:\Users\Magali\Desktop\UsbFix.exe Présent : C:\Users\Magali\Desktop\ZHPDiag.lnk Présent : C:\Users\Magali\Desktop\ZHPDiag.txt Présent : C:\Users\Magali\Desktop\ZHPDiag1.txt Présent : C:\Users\Magali\Desktop\ZHPFix.lnk Présent : C:\Users\Magali\Downloads\spybotsd160.exe Présent : C:\Windows\grep.exe Présent : C:\Windows\PEV.exe Présent : C:\Windows\NIRCMD.exe Présent : C:\Windows\MBR.exe Présent : C:\Windows\SED.exe Présent : C:\Windows\SWREG.exe Présent : C:\Windows\SWSC.exe Présent : C:\Windows\SWXCACLS.exe Présent : C:\Windows\Zip.exe ~~~~~~ Registre ~~~~~~ Clé Présente : HKCU\Software\USBFix Clé Présente : HKLM\SOFTWARE\OldTimer Tools Clé Présente : HKLM\SOFTWARE\AdwCleaner Clé Présente : HKLM\SOFTWARE\Swearware Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~~~~~~ Autres ~~~~~~ ************************* DelFix[R1].txt - [2367 octets] - [30/11/2011 21:19:28] ########## EOF - C:\DelFix[R1].txt - [2491 octets] ########## 2ème rapport : # DelFix v8.6 - Rapport créé le 30/11/2011 à 21:20:50 # Mis à jour le 13/10/11 à 18h par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : Magali - PC-DE-MAGALI (Administrateur) # Exécuté depuis : C:\Users\Magali\Desktop\delfix.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : C:\Qoobox Supprimé : C:\Navilog1 Supprimé : C:\USBFix Supprimé : C:\_OTM Supprimé : C:\Combofix Supprimé : C:\ZHP Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Supprimé : C:\Program Files\Navilog1 Supprimé : C:\Program Files\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\AdwCleaner[s1].txt Supprimé : C:\cleannavi.txt Supprimé : C:\ComboFix.txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\TDSSKiller.2.6.21.0_29.11.2011_22.38.49_log.txt Supprimé : C:\UsbFix.txt Supprimé : C:\UsbFix_Upload_Me_PC-DE-MAGALI.zip Supprimé : C:\Users\Magali\Desktop\adwcleaner.exe Supprimé : C:\Users\Magali\Desktop\AdwCleaner[s1].txt Supprimé : C:\Users\Magali\Desktop\ComboFix.exe Supprimé : C:\Users\Magali\Desktop\combofix.txt Supprimé : C:\Users\Magali\Desktop\MBRCheck.lnk Supprimé : C:\Users\Magali\Desktop\Navilog1.exe Supprimé : C:\Users\Magali\Desktop\OTM.exe Supprimé : C:\Users\Magali\Desktop\TDSSKiller.exe Supprimé : C:\Users\Magali\Desktop\UsbFix.exe Supprimé : C:\Users\Magali\Desktop\ZHPDiag.lnk Supprimé : C:\Users\Magali\Desktop\ZHPDiag.txt Supprimé : C:\Users\Magali\Desktop\ZHPDiag1.txt Supprimé : C:\Users\Magali\Desktop\ZHPFix.lnk Supprimé : C:\Users\Magali\Downloads\spybotsd160.exe Supprimé : C:\Windows\grep.exe Supprimé : C:\Windows\PEV.exe Supprimé : C:\Windows\NIRCMD.exe Supprimé : C:\Windows\MBR.exe Supprimé : C:\Windows\SED.exe Supprimé : C:\Windows\SWREG.exe Supprimé : C:\Windows\SWSC.exe Supprimé : C:\Windows\SWXCACLS.exe Supprimé : C:\Windows\Zip.exe ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\Software\USBFix Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools Clé Supprimée : HKLM\SOFTWARE\AdwCleaner Clé Supprimée : HKLM\SOFTWARE\Swearware Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~~~~~~ Autres ~~~~~~ -> Prefetch Vidé ************************* DelFix[R1].txt - [2488 octets] - [30/11/2011 21:19:28] DelFix[s1].txt - [2489 octets] - [30/11/2011 21:20:50] ########## EOF - C:\DelFix[s1].txt - [2613 octets] ##########

Finalement ça n'a pas changé grand chose : All processes killed Error: Unable to interpret <Go> in the current context! ========== FILES ========== File/Folder C:\Users\Magali\AppData\Local\Temp\RarSFX0 not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Magali ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 432829 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 21193807 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 343 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 1055 bytes Total Files Cleaned = 21,00 mb OTM by OldTimer - Version 3.1.19.0 log created on 11302011_205706

Je viens de me rendre compte d'une bétise de ma part La photo que je t'ai mise au début est celle d'un autre utilisateur du forum qui a eu le même problème que moi (c'est comme ça que je vous ai découvert). Le message étant le même sauf que forcément c'est pas loic mais magali que j'aurais dû écrire dans OTM (oui je sais pour le coup je suis un gros boulet, lol) Je relance cette procédure avec le bon chemin et je poste le rapport. Désolé :-S

Juste une petite question avant de lancer DelFix : Se pourrait-il qu'OTM n'est pas trouvé le fichier car il s'agit de RarSFX0 au lieu de RarSFXO? Le message vient de réapparaître et il me semble qu'à la fin se soit un zéro majuscule. (C'est peut-être complètement idiot mais je préfère poser la question à tout hasard)

Ok j'oublie Norton alors! All processes killed Error: Unable to interpret <Go> in the current context! ========== FILES ========== File/Folder c:\users\loic\AppData\Local\Temp\RarSFXO not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Magali ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 783702 bytes ->Java cache emptied: 28139021 bytes ->FireFox cache emptied: 58234099 bytes ->Google Chrome cache emptied: 417249359 bytes ->Opera cache emptied: 118244 bytes ->Flash cache emptied: 3153 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 6434571478 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 279440 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 2686323 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 6 620,00 mb OTM by OldTimer - Version 3.1.19.0 log created on 11302011_184211

J'oubliais de préciser, au redémarrage j'ai encore eu le message.

Ah oui, quand même! Je ne pensais pas que c'était aussi sérieux! Pourtant je suis sous Norton internet security depuis environ 9 mois qui est aussi payant. Quitte à payer autant avoir le meilleur, c'est clair. Norton n'est pas aussi fiable que Kaspersky? Voilà le rapport après suppression : ############################## | UsbFix V 7.071 | [suppression] Utilisateur: Magali (Administrateur) # PC-DE-MAGALI Mis à jour le 30/11/2011 par El Desaparecido Lancé à 18:08:42 | 30/11/2011 Site Web: El Desaparecido Fichier suspect ? : Support Contact: contact@eldesaparecido.com PC: Hewlett-Packard (HP Pavilion dv5 Notebook PC) (X86-based PC) # Notebook CPU: Intel® Core2 Duo CPU T5800 @ 2.00GHz (2000) RAM -> [ Total : 3068 | Free : 1554 ] BIOS: Default System BIOS BOOT: Normal boot OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [ Enabled ] WU: Windows Update Service [ Enabled ] AV: Norton Internet Security [ (!) Disabled | Updated ] FW: Windows FireWall Service [ Enabled ] C:\ (%systemdrive%) -> Disque fixe # 224 Go (20 Go libre(s) - 9%) [] # NTFS D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [HP_RECOVERY] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM H:\ -> Disque amovible # 7 Go (2 Go libre(s) - 27%) [CLE USB] # FAT32 ################## | Processus Actif | C:\Windows\system32\csrss.exe (612) C:\Windows\system32\wininit.exe (664) C:\Windows\system32\csrss.exe (672) C:\Windows\system32\services.exe (712) C:\Windows\system32\lsass.exe (724) C:\Windows\system32\lsm.exe (732) C:\Windows\system32\svchost.exe (880) C:\Windows\system32\nvvsvc.exe (924) C:\Windows\system32\svchost.exe (952) C:\Windows\system32\winlogon.exe (992) C:\Windows\System32\svchost.exe (1024) C:\Windows\System32\svchost.exe (1080) C:\Windows\System32\svchost.exe (1112) C:\Windows\system32\svchost.exe (1128) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe (1160) C:\Windows\system32\svchost.exe (1440) C:\Windows\system32\SLsvc.exe (1456) C:\Windows\system32\svchost.exe (1492) C:\Windows\system32\nvvsvc.exe (1552) C:\Windows\system32\Hpservice.exe (1596) C:\Windows\system32\svchost.exe (1704) C:\Windows\System32\spoolsv.exe (1900) C:\Windows\system32\svchost.exe (1928) C:\Windows\system32\WLANExt.exe (1984) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (168) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (604) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe (704) C:\Windows\system32\svchost.exe (656) C:\Windows\system32\FsUsbExService.Exe (1388) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (1656) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2056) C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (2120) C:\Windows\system32\svchost.exe (2164) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (2180) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (2252) C:\Windows\SMINST\BLService.exe (2280) C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2336) C:\Windows\system32\svchost.exe (2380) C:\Windows\System32\svchost.exe (2432) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2492) C:\Windows\system32\SearchIndexer.exe (2580) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2632) C:\Windows\system32\DllHost.exe (2972) C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (3312) C:\Windows\system32\Dwm.exe (3372) C:\Windows\system32\taskeng.exe (3496) C:\Windows\system32\taskeng.exe (3752) C:\Program Files\Windows Defender\MSASCui.exe (3952) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (3960) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (3980) C:\Program Files\IDT\WDM\sttray.exe (4008) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2576) C:\Windows\ehome\ehtray.exe (1468) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3276) C:\Program Files\Windows Media Player\wmpnscfg.exe (3388) C:\Windows\ehome\ehmsas.exe (3732) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1472) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (268) C:\Program Files\Windows Media Player\wmpnetwk.exe (872) C:\Windows\system32\wbem\wmiprvse.exe (3288) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (4196) C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (4380) C:\Windows\system32\svchost.exe (6040) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (4304) C:\Windows\system32\wbem\unsecapp.exe (4816) C:\Windows\system32\conime.exe (1792) C:\Windows\explorer.exe (4704) C:\Windows\System32\svchost.exe (4192) C:\Windows\System32\mobsync.exe (1428) c:\program files\windows defender\MpCmdRun.exe (4796) C:\Program Files\Google\Chrome\Application\chrome.exe (5396) C:\Program Files\Google\Chrome\Application\chrome.exe (2228) C:\Program Files\Google\Chrome\Application\chrome.exe (4804) C:\Program Files\Google\Chrome\Application\chrome.exe (5348) C:\Windows\system32\rundll32.exe (5168) C:\Program Files\Google\Chrome\Application\chrome.exe (3576) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (5844) C:\UsbFix\UsbFix.exe (5200) C:\Windows\system32\wbem\wmiprvse.exe (5060) C:\Windows\system32\WUDFHost.exe (4240) ################## | Processus Stoppés | Stoppé! C:\Windows\system32\nvvsvc.exe (924) Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe (1160) Stoppé! C:\Windows\system32\SLsvc.exe (1456) Stoppé! C:\Windows\system32\nvvsvc.exe (1552) Stoppé! C:\Windows\system32\Hpservice.exe (1596) Stoppé! C:\Windows\System32\spoolsv.exe (1900) Stoppé! C:\Windows\system32\WLANExt.exe (1984) Stoppé! C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (168) Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (604) Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe (704) Stoppé! C:\Windows\system32\FsUsbExService.Exe (1388) Stoppé! C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (1656) Stoppé! C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2056) Stoppé! C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (2120) Stoppé! C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (2180) Stoppé! C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (2252) Stoppé! C:\Windows\SMINST\BLService.exe (2280) Stoppé! C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2336) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2492) Stoppé! C:\Windows\system32\SearchIndexer.exe (2580) Stoppé! C:\Windows\system32\DllHost.exe (2972) Stoppé! C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (3312) Stoppé! C:\Windows\system32\taskeng.exe (3496) Stoppé! C:\Windows\system32\taskeng.exe (3752) Stoppé! C:\Program Files\Windows Defender\MSASCui.exe (3952) Stoppé! C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (3960) Stoppé! C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (3980) Stoppé! C:\Program Files\IDT\WDM\sttray.exe (4008) Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2576) Stoppé! C:\Windows\ehome\ehtray.exe (1468) Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3276) Stoppé! C:\Program Files\Windows Media Player\wmpnscfg.exe (3388) Stoppé! C:\Windows\ehome\ehmsas.exe (3732) Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1472) Stoppé! C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (268) Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (872) Stoppé! C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (4196) Stoppé! C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (4380) Stoppé! c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (4304) Stoppé! C:\Windows\system32\conime.exe (1792) Stoppé! c:\program files\windows defender\MpCmdRun.exe (4796) Stoppé! C:\Windows\system32\WUDFHost.exe (4240) ################## | Éléments infectieux | Supprimé! C:\Users\Magali\AppData\Roaming\filterclsid.dat Supprimé! C:\Users\Magali\AppData\Roaming\GDIPFONTCACHEV1.DAT Supprimé! C:\Users\Magali\AppData\Roaming\wklnhst.dat Supprimé! C:\$RECYCLE.BIN\S-1-5-21-646576911-2875240725-4201035412-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-646576911-2875240725-4201035412-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-646576911-2875240725-4201035412-500 (!) Fichiers temporaires supprimés. ################## | Registre | Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Listing | [30/11/2011 - 18:10:58 | SHD ] C:\$RECYCLE.BIN [26/06/2009 - 15:19:46 | D ] C:\300_Icones [29/11/2011 - 22:31:20 | N | 5351] C:\AdwCleaner[s1].txt [02/07/2008 - 08:44:35 | N | 74] C:\autoexec.bat [05/10/2009 - 09:02:26 | D ] C:\boot [11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr [29/11/2011 - 23:16:10 | N | 1479] C:\cleannavi.txt [15/11/2011 - 17:53:06 | N | 74] C:\CMLoader.log [30/11/2011 - 15:43:22 | D ] C:\ComboFix [30/11/2011 - 15:43:13 | N | 20867] C:\ComboFix.txt [18/09/2006 - 22:43:37 | N | 10] C:\config.sys [22/02/2009 - 22:16:58 | N | 169] C:\Debug.log [02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings [07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt [07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt [07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt [07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt [22/12/2009 - 19:19:30 | D ] C:\Fraps [01/06/2009 - 13:30:08 | D ] C:\Games [07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini [30/11/2011 - 13:40:31 | ASH | 3216244736] C:\hiberfil.sys [04/11/2008 - 18:03:30 | D ] C:\HP [07/11/2007 - 08:00:40 | N | 843] C:\install.ini [07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll [07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll [07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll [07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll [07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll [07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll [07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll [07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll [07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll [27/09/2008 - 00:24:29 | D ] C:\Intel [10/12/2008 - 14:04:20 | N | 0] C:\IO.SYS [04/11/2008 - 18:03:30 | N | 373] C:\IPH.PH [19/03/2010 - 21:51:14 | D ] C:\Lyrics [12/10/2009 - 09:58:40 | D ] C:\Microgaming [10/12/2008 - 14:04:20 | N | 0] C:\MSDOS.SYS [02/07/2008 - 08:54:20 | RD ] C:\MSOCache [21/12/2010 - 18:00:55 | D ] C:\My Lockbox [29/11/2011 - 23:16:15 | D ] C:\Navilog1 [29/02/2004 - 16:44:34 | N | 52576] C:\orange.bmp [06/12/2010 - 21:42:50 | N | 642] C:\os618886.bin [30/11/2011 - 13:40:29 | ASH | 3532079104] C:\pagefile.sys [21/01/2008 - 03:32:31 | D ] C:\PerfLogs [23/11/2010 - 15:45:41 | D ] C:\Perl [21/06/2009 - 17:55:51 | D ] C:\Philips [29/11/2011 - 23:40:48 | N | 512] C:\PhysicalDisk0_MBR.bin [29/11/2011 - 23:59:27 | D ] C:\Program Files [29/11/2011 - 23:59:31 | D ] C:\ProgramData [30/11/2011 - 15:43:21 | D ] C:\Qoobox [01/06/2009 - 13:04:10 | D ] C:\SIERRA [02/12/2008 - 20:58:31 | D ] C:\SwSetup [30/11/2011 - 13:42:36 | SHD ] C:\System Volume Information [04/11/2008 - 18:02:18 | D ] C:\System.sav [29/11/2011 - 22:47:30 | N | 85222] C:\TDSSKiller.2.6.21.0_29.11.2011_22.38.49_log.txt [21/06/2009 - 18:03:04 | D ] C:\Temp [04/11/2008 - 22:02:47 | D ] C:\Téléchargement [30/11/2011 - 18:10:58 | D ] C:\UsbFix [30/11/2011 - 18:09:20 | A | 12164] C:\UsbFix.txt [28/02/2010 - 14:22:19 | D ] C:\Users [07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp [07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab [07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI [06/12/2010 - 23:42:13 | N | 6080] C:\video.pass [26/06/2009 - 15:24:33 | D ] C:\vista icones [30/11/2011 - 16:01:12 | D ] C:\Windows [29/11/2011 - 23:36:07 | D ] C:\ZHP [25/09/2011 - 17:35:25 | D ] C:\_AcroTemp [30/11/2011 - 18:10:58 | D ] D:\$RECYCLE.BIN [04/11/2008 - 18:00:55 | N | 13] D:\BLOCK.RIN [27/09/2008 - 00:46:57 | D ] D:\boot [03/10/2006 - 23:02:44 | SH | 438328] D:\bootmgr [26/03/2008 - 16:08:32 | SH | 1089] D:\Desktop.ini [10/09/2002 - 16:14:28 | N | 8134] D:\Folder.htt [27/09/2008 - 00:47:30 | D ] D:\HP [22/11/2008 - 14:52:20 | N | 22] D:\HPCD.sys [30/11/2011 - 18:08:28 | N | 209] D:\MASTER.LOG [22/11/2008 - 14:52:20 | D ] D:\PRELOAD [16/09/2002 - 14:37:48 | N | 181898] D:\protect.chinese hong kong [16/09/2002 - 14:37:40 | N | 181916] D:\protect.chinese simplified [16/09/2002 - 14:37:48 | N | 181898] D:\protect.chinese traditional [27/04/2006 - 16:19:40 | N | 181865] D:\protect.czech [03/11/2005 - 15:21:26 | N | 181726] D:\protect.danish [10/09/2002 - 13:56:12 | N | 181605] D:\protect.dutch [10/09/2002 - 13:50:18 | N | 181651] D:\protect.ed [22/11/2004 - 15:28:30 | N | 181648] D:\protect.english [03/11/2005 - 15:20:20 | N | 181673] D:\protect.finnish [03/11/2005 - 15:19:52 | N | 181736] D:\protect.french [03/11/2005 - 15:18:10 | N | 181669] D:\protect.german [23/11/2005 - 15:56:46 | N | 182689] D:\protect.greek [23/01/2006 - 09:18:00 | N | 182605] D:\protect.hebrew [28/08/2007 - 14:58:08 | N | 181696] D:\protect.hungarian [03/11/2005 - 15:17:00 | N | 181554] D:\protect.italian [19/06/2007 - 15:22:10 | N | 182351] D:\protect.japanese [24/11/2005 - 11:24:44 | N | 218295] D:\protect.korean [03/11/2005 - 15:15:12 | N | 181578] D:\protect.norwegian [25/04/2006 - 14:44:10 | N | 181789] D:\protect.polish [03/11/2005 - 15:13:12 | N | 181624] D:\protect.portuguese [27/10/2005 - 19:24:10 | N | 181882] D:\protect.portuguese brazilian [28/06/2004 - 08:52:46 | N | 211936] D:\protect.russian [03/11/2005 - 15:11:46 | N | 181586] D:\protect.spanish [10/09/2002 - 14:15:06 | N | 181602] D:\protect.swedish [12/08/2003 - 10:37:30 | N | 181783] D:\protect.turkish [22/11/2008 - 13:35:29 | N | 26] D:\RCBoot.sys [27/09/2008 - 00:46:56 | RD ] D:\RECOVERY [27/09/2008 - 00:47:01 | D ] D:\SOURCES [30/11/2011 - 13:42:36 | SHD ] D:\System Volume Information [27/09/2008 - 00:47:22 | D ] D:\Tools [27/09/2008 - 00:47:04 | D ] D:\WINDOWS ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-MAGALI.zip http://eldesaparecido.com/upload.htmlp Merci de votre contribution. ################## | Reboot | L'ordinateur à été redémarré! ################## | E.O.F |

Ok, on continue Voici le rapport : ############################## | UsbFix V 7.071 | [Recherche] Utilisateur: Magali (Administrateur) # PC-DE-MAGALI Mis à jour le 30/11/2011 par El Desaparecido Lancé à 17:48:35 | 30/11/2011 Site Web: El Desaparecido Fichier suspect ? : Support Contact: contact@eldesaparecido.com PC: Hewlett-Packard (HP Pavilion dv5 Notebook PC) (X86-based PC) # Notebook CPU: Intel® Core2 Duo CPU T5800 @ 2.00GHz (2000) RAM -> [ Total : 3068 | Free : 1488 ] BIOS: Default System BIOS BOOT: Normal boot OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [ Enabled ] WU: Windows Update Service [ Enabled ] AV: Norton Internet Security [ (!) Disabled | Updated ] FW: Windows FireWall Service [ Enabled ] C:\ (%systemdrive%) -> Disque fixe # 224 Go (20 Go libre(s) - 9%) [] # NTFS D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [HP_RECOVERY] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM H:\ -> Disque amovible # 7 Go (2 Go libre(s) - 27%) [CLE USB] # FAT32 ################## | Processus Actif | C:\Windows\system32\csrss.exe (612) C:\Windows\system32\wininit.exe (664) C:\Windows\system32\csrss.exe (672) C:\Windows\system32\services.exe (712) C:\Windows\system32\lsass.exe (724) C:\Windows\system32\lsm.exe (732) C:\Windows\system32\svchost.exe (880) C:\Windows\system32\nvvsvc.exe (924) C:\Windows\system32\svchost.exe (952) C:\Windows\system32\winlogon.exe (992) C:\Windows\System32\svchost.exe (1024) C:\Windows\System32\svchost.exe (1080) C:\Windows\System32\svchost.exe (1112) C:\Windows\system32\svchost.exe (1128) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe (1160) C:\Windows\system32\svchost.exe (1440) C:\Windows\system32\SLsvc.exe (1456) C:\Windows\system32\svchost.exe (1492) C:\Windows\system32\nvvsvc.exe (1552) C:\Windows\system32\Hpservice.exe (1596) C:\Windows\system32\svchost.exe (1704) C:\Windows\System32\spoolsv.exe (1900) C:\Windows\system32\svchost.exe (1928) C:\Windows\system32\WLANExt.exe (1984) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (168) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (604) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe (704) C:\Windows\system32\svchost.exe (656) C:\Windows\system32\FsUsbExService.Exe (1388) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (1656) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2056) C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (2120) C:\Windows\system32\svchost.exe (2164) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (2180) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (2252) C:\Windows\SMINST\BLService.exe (2280) C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2336) C:\Windows\system32\svchost.exe (2380) C:\Windows\System32\svchost.exe (2432) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2492) C:\Windows\system32\SearchIndexer.exe (2580) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2632) C:\Windows\system32\DllHost.exe (2972) C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (3312) C:\Windows\system32\Dwm.exe (3372) C:\Windows\system32\taskeng.exe (3496) C:\Windows\system32\taskeng.exe (3752) C:\Program Files\Windows Defender\MSASCui.exe (3952) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (3960) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (3980) C:\Program Files\IDT\WDM\sttray.exe (4008) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2576) C:\Windows\ehome\ehtray.exe (1468) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3276) C:\Program Files\Windows Media Player\wmpnscfg.exe (3388) C:\Windows\ehome\ehmsas.exe (3732) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (1472) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (268) C:\Program Files\Windows Media Player\wmpnetwk.exe (872) C:\Windows\system32\wbem\wmiprvse.exe (3288) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (4196) C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (4380) C:\Windows\system32\svchost.exe (6040) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (4304) C:\Windows\system32\wbem\unsecapp.exe (4816) C:\Windows\system32\conime.exe (1792) C:\Windows\explorer.exe (4704) C:\Windows\System32\svchost.exe (4192) C:\Program Files\Google\Chrome\Application\chrome.exe (5412) C:\Program Files\Google\Chrome\Application\chrome.exe (2712) C:\Program Files\Google\Chrome\Application\chrome.exe (4680) C:\Program Files\Google\Chrome\Application\chrome.exe (4880) C:\Windows\system32\rundll32.exe (5684) C:\Program Files\Google\Chrome\Application\chrome.exe (4224) C:\UsbFix\UsbFix.exe (3872) C:\Windows\system32\wbem\wmiprvse.exe (6076) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (4980) C:\Windows\System32\mobsync.exe (4268) C:\Windows\system32\WUDFHost.exe (4428) ################## | Éléments infectieux | Présent! C:\Users\Magali\AppData\Roaming\filterclsid.dat Présent! C:\Users\Magali\AppData\Roaming\GDIPFONTCACHEV1.DAT Présent! C:\Users\Magali\AppData\Roaming\wklnhst.dat ################## | Registre | Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F |

Voici le rapport : Lien CJoint.com AKEpVs5VtZv Mais le message vient à l'instant de réapparaître. Se pourrait-il qu'il s'agisse d'un autre problème ne venant pas de l'infection de mon pc ou bien il y a encore quelque chose à éliminer?

Bon, bah fausse joie, le message vient de réapparaître

Pas de message d'erreur depuis le redémarrage, j'attends jusque ce soir et je vous tiens au courant.

Voilà le rapport, effectivement ça a été long du coup j'ai repris la procédure ce matin : Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8273 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 30/11/2011 13:38:41 mbam-log-2011-11-30 (13-38-41).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 492275 Temps écoulé: 4 heure(s), 56 minute(s), 23 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 5 Fichier(s) infecté(s): 13 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\bisoft (Worm.Bagle) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ScanQuery (Adware.ScanQuery) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\Users\Magali\AppData\Roaming\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64} (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults\preferences (Adware.ScanQuery) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully. c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\Samsung\samsung pc studio 3\Update\Copyer.exe (Adware.Kraddare) -> Quarantined and deleted successfully. c:\program files\Samsung\samsung pc studio 3\Update\liveupdate.exe (Adware.Kraddare) -> Quarantined and deleted successfully. c:\program files\internet explorer\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully. c:\users\magali\desktop\...\mouseblaster.exe (Joke.Winshoot) -> Quarantined and deleted successfully. c:\users\magali\desktop\...\mouseblaster.exe (Joke.Winshoot) -> Quarantined and deleted successfully. c:\Users\Magali\Videos\fu-setup_le.exe (Adware.Rabio) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome.manifest (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\install.rdf (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome\scanquery.jar (Adware.ScanQuery) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults\preferences\prefs.js (Adware.ScanQuery) -> Quarantined and deleted successfully.

Voilà le nouveau scan : Lien CJoint.com AKDxQfGW4Hd

Fix Navipromo version 4.1.1 commencé le 29/11/2011 23:09:57,75 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\navilog1 Mise à jour le 05.11.2011 à 20h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU T5800 @ 2.00GHz ) BIOS : Default System BIOS USER : Magali ( Administrator ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:223 Go (Free:21 Go) D:\ (Local Disk) - NTFS - Total:9 Go (Free:1 Go) E:\ (CD or DVD) F:\ (CD or DVD) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur C:\Users\Magali\AppData\Local\kfujnc.dat supprimé ! C:\Users\Magali\AppData\Local\mmyci_nav.dat supprimé ! C:\Users\Magali\AppData\Local\whxaaaz.dat supprimé ! C:\Users\Magali\AppData\Local\whxaaaz_nav.dat supprimé ! C:\Users\Magali\AppData\Local\whxaaaz_navps.dat supprimé ! Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\Magali\AppData\Local\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! *** Scan terminé 29/11/2011 23:16:10,29 ***

Rapport TDSSkiller : 22:38:49.0819 1028 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44 22:38:51.0841 1028 ============================================================ 22:38:51.0841 1028 Current date / time: 2011/11/29 22:38:51.0841 22:38:51.0841 1028 SystemInfo: 22:38:51.0841 1028 22:38:51.0841 1028 OS Version: 6.0.6002 ServicePack: 2.0 22:38:51.0841 1028 Product type: Workstation 22:38:51.0842 1028 ComputerName: PC-DE-MAGALI 22:38:51.0842 1028 UserName: Magali 22:38:51.0842 1028 Windows directory: C:\Windows 22:38:51.0842 1028 System windows directory: C:\Windows 22:38:51.0842 1028 Processor architecture: Intel x86 22:38:51.0842 1028 Number of processors: 2 22:38:51.0842 1028 Page size: 0x1000 22:38:51.0842 1028 Boot type: Normal boot 22:38:51.0843 1028 ============================================================ 22:38:53.0228 1028 Initialize success 22:39:38.0480 5448 ============================================================ 22:39:38.0480 5448 Scan started 22:39:38.0480 5448 Mode: Manual; SigCheck; TDLFS; 22:39:38.0480 5448 ============================================================ 22:39:39.0163 5448 Accelerometer (cc1f1d3d70dc13c2c281488d347d4415) C:\Windows\system32\DRIVERS\Accelerometer.sys 22:39:39.0463 5448 Accelerometer - ok 22:39:39.0682 5448 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 22:39:39.0746 5448 ACPI - ok 22:39:39.0952 5448 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 22:39:40.0116 5448 adp94xx - ok 22:39:40.0259 5448 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 22:39:40.0347 5448 adpahci - ok 22:39:40.0396 5448 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 22:39:40.0449 5448 adpu160m - ok 22:39:40.0739 5448 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 22:39:40.0806 5448 adpu320 - ok 22:39:41.0094 5448 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 22:39:41.0226 5448 AFD - ok 22:39:41.0362 5448 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 22:39:41.0417 5448 agp440 - ok 22:39:41.0537 5448 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 22:39:41.0582 5448 aic78xx - ok 22:39:41.0691 5448 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 22:39:41.0729 5448 aliide - ok 22:39:41.0806 5448 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 22:39:41.0858 5448 amdagp - ok 22:39:41.0923 5448 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 22:39:41.0960 5448 amdide - ok 22:39:42.0018 5448 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 22:39:42.0321 5448 AmdK7 - ok 22:39:42.0574 5448 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys 22:39:42.0683 5448 AmdK8 - ok 22:39:42.0804 5448 Amfilter (6d3055e171d9af99fe141a2498be7b8d) C:\Windows\system32\DRIVERS\Amfilter.sys 22:39:42.0885 5448 Amfilter ( UnsignedFile.Multi.Generic ) - warning 22:39:42.0885 5448 Amfilter - detected UnsignedFile.Multi.Generic (1) 22:39:42.0974 5448 Amusbprt (f0a140c610def306ca07832a7cbf0f29) C:\Windows\system32\DRIVERS\Amusbprt.sys 22:39:43.0051 5448 Amusbprt ( UnsignedFile.Multi.Generic ) - warning 22:39:43.0051 5448 Amusbprt - detected UnsignedFile.Multi.Generic (1) 22:39:43.0279 5448 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 22:39:43.0320 5448 arc - ok 22:39:43.0392 5448 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 22:39:43.0432 5448 arcsas - ok 22:39:43.0558 5448 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 22:39:43.0669 5448 AsyncMac - ok 22:39:43.0803 5448 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 22:39:43.0888 5448 atapi - ok 22:39:44.0054 5448 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys 22:39:44.0220 5448 atksgt - ok 22:39:44.0467 5448 BCM43XV (8c74f7814028140c9518d2b59f9410b6) C:\Windows\system32\DRIVERS\bcmwl6.sys 22:39:44.0550 5448 BCM43XV - ok 22:39:44.0783 5448 BCM43XX (8c74f7814028140c9518d2b59f9410b6) C:\Windows\system32\DRIVERS\bcmwl6.sys 22:39:44.0916 5448 BCM43XX - ok 22:39:45.0204 5448 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 22:39:45.0399 5448 Beep - ok 22:39:45.0836 5448 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111114.002\BHDrvx86.sys 22:39:45.0920 5448 BHDrvx86 - ok 22:39:46.0032 5448 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 22:39:46.0111 5448 blbdrive - ok 22:39:46.0190 5448 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 22:39:46.0282 5448 bowser - ok 22:39:46.0356 5448 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 22:39:46.0512 5448 BrFiltLo - ok 22:39:46.0621 5448 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 22:39:46.0710 5448 BrFiltUp - ok 22:39:46.0812 5448 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 22:39:47.0149 5448 Brserid - ok 22:39:47.0302 5448 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 22:39:47.0469 5448 BrSerWdm - ok 22:39:47.0791 5448 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 22:39:47.0949 5448 BrUsbMdm - ok 22:39:48.0206 5448 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 22:39:48.0356 5448 BrUsbSer - ok 22:39:48.0483 5448 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 22:39:48.0603 5448 BthEnum - ok 22:39:48.0671 5448 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys 22:39:48.0757 5448 BTHMODEM - ok 22:39:48.0998 5448 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 22:39:49.0122 5448 BthPan - ok 22:39:49.0317 5448 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 22:39:49.0433 5448 BTHPORT - ok 22:39:49.0712 5448 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 22:39:49.0786 5448 BTHUSB - ok 22:39:50.0085 5448 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 22:39:50.0209 5448 cdfs - ok 22:39:50.0411 5448 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 22:39:50.0500 5448 cdrom - ok 22:39:50.0596 5448 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys 22:39:50.0977 5448 circlass - ok 22:39:51.0226 5448 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 22:39:51.0278 5448 CLFS - ok 22:39:51.0363 5448 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 22:39:51.0469 5448 CmBatt - ok 22:39:51.0580 5448 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 22:39:51.0617 5448 cmdide - ok 22:39:51.0697 5448 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 22:39:51.0751 5448 Compbatt - ok 22:39:51.0896 5448 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 22:39:51.0932 5448 crcdisk - ok 22:39:52.0080 5448 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 22:39:52.0216 5448 Crusoe - ok 22:39:52.0342 5448 CrystalSysInfo - ok 22:39:52.0527 5448 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 22:39:52.0665 5448 DfsC - ok 22:39:52.0798 5448 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 22:39:53.0033 5448 disk - ok 22:39:53.0259 5448 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 22:39:53.0323 5448 drmkaud - ok 22:39:53.0507 5448 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 22:39:53.0573 5448 DXGKrnl - ok 22:39:53.0865 5448 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 22:39:54.0011 5448 E1G60 - ok 22:39:54.0277 5448 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 22:39:54.0358 5448 Ecache - ok 22:39:54.0686 5448 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 22:39:54.0792 5448 eeCtrl - ok 22:39:55.0062 5448 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 22:39:55.0206 5448 elxstor - ok 22:39:55.0793 5448 enecir (4cd6b056c5fd9e97c06fe74c81479517) C:\Windows\system32\DRIVERS\enecir.sys 22:39:55.0922 5448 enecir - ok 22:39:56.0241 5448 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 22:39:56.0275 5448 EraserUtilRebootDrv - ok 22:39:56.0870 5448 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 22:39:57.0011 5448 ErrDev - ok 22:39:57.0586 5448 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 22:39:57.0782 5448 exfat - ok 22:39:58.0372 5448 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 22:39:58.0512 5448 fastfat - ok 22:39:59.0031 5448 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 22:39:59.0153 5448 fdc - ok 22:39:59.0729 5448 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 22:39:59.0768 5448 FileInfo - ok 22:40:00.0290 5448 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 22:40:00.0389 5448 Filetrace - ok 22:40:01.0070 5448 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 22:40:01.0443 5448 flpydisk - ok 22:40:01.0992 5448 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 22:40:02.0109 5448 FltMgr - ok 22:40:02.0321 5448 FSProFilter (3528c9ec493ca524a877d217c7d51600) C:\Windows\system32\Drivers\FSPFltd.sys 22:40:02.0368 5448 FSProFilter - ok 22:40:02.0479 5448 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS 22:40:02.0529 5448 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 22:40:02.0529 5448 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 22:40:02.0669 5448 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 22:40:02.0759 5448 Fs_Rec - ok 22:40:02.0909 5448 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 22:40:03.0009 5448 gagp30kx - ok 22:40:03.0239 5448 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 22:40:03.0419 5448 HdAudAddService - ok 22:40:03.0638 5448 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 22:40:03.0825 5448 HDAudBus - ok 22:40:03.0968 5448 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 22:40:04.0133 5448 HidBth - ok 22:40:04.0279 5448 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys 22:40:04.0366 5448 HidIr - ok 22:40:04.0551 5448 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 22:40:04.0644 5448 HidUsb - ok 22:40:04.0747 5448 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 22:40:04.0783 5448 HpCISSs - ok 22:40:04.0923 5448 hpdskflt (4ef10b866c62abbeaf7511cdd05a19be) C:\Windows\system32\DRIVERS\hpdskflt.sys 22:40:04.0956 5448 hpdskflt - ok 22:40:05.0003 5448 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 22:40:05.0132 5448 HpqKbFiltr - ok 22:40:05.0278 5448 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys 22:40:05.0370 5448 HpqRemHid - ok 22:40:05.0585 5448 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 22:40:05.0731 5448 HSFHWAZL - ok 22:40:05.0872 5448 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 22:40:06.0194 5448 HSF_DPV - ok 22:40:06.0478 5448 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 22:40:06.0667 5448 HTTP - ok 22:40:06.0885 5448 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 22:40:06.0957 5448 i2omp - ok 22:40:07.0086 5448 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 22:40:07.0193 5448 i8042prt - ok 22:40:07.0426 5448 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys 22:40:07.0726 5448 iaStor - ok 22:40:07.0967 5448 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 22:40:08.0185 5448 iaStorV - ok 22:40:08.0466 5448 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20111128.030\IDSvix86.sys 22:40:08.0585 5448 IDSVix86 - ok 22:40:08.0759 5448 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 22:40:08.0814 5448 iirsp - ok 22:40:09.0058 5448 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 22:40:09.0251 5448 intelide - ok 22:40:09.0308 5448 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 22:40:09.0422 5448 intelppm - ok 22:40:09.0813 5448 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:40:09.0915 5448 IpFilterDriver - ok 22:40:09.0992 5448 IpInIp - ok 22:40:10.0097 5448 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 22:40:10.0228 5448 IPMIDRV - ok 22:40:10.0459 5448 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 22:40:10.0584 5448 IPNAT - ok 22:40:10.0682 5448 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 22:40:10.0984 5448 IRENUM - ok 22:40:11.0091 5448 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 22:40:11.0148 5448 isapnp - ok 22:40:11.0480 5448 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 22:40:11.0538 5448 iScsiPrt - ok 22:40:11.0750 5448 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 22:40:11.0799 5448 iteatapi - ok 22:40:12.0033 5448 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 22:40:12.0091 5448 iteraid - ok 22:40:12.0344 5448 JMCR (858c550ebbd243826a2193262c1b54a3) C:\Windows\system32\DRIVERS\jmcr.sys 22:40:12.0440 5448 JMCR - ok 22:40:12.0573 5448 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 22:40:12.0620 5448 kbdclass - ok 22:40:12.0837 5448 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 22:40:12.0936 5448 kbdhid - ok 22:40:13.0228 5448 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 22:40:13.0430 5448 KSecDD - ok 22:40:13.0849 5448 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\Windows\system32\DRIVERS\lirsgt.sys 22:40:13.0889 5448 lirsgt ( UnsignedFile.Multi.Generic ) - warning 22:40:13.0890 5448 lirsgt - detected UnsignedFile.Multi.Generic (1) 22:40:14.0121 5448 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 22:40:14.0273 5448 lltdio - ok 22:40:14.0697 5448 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 22:40:14.0805 5448 LSI_FC - ok 22:40:15.0066 5448 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 22:40:15.0125 5448 LSI_SAS - ok 22:40:15.0334 5448 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 22:40:15.0553 5448 LSI_SCSI - ok 22:40:15.0673 5448 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 22:40:15.0767 5448 luafv - ok 22:40:16.0035 5448 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 22:40:16.0087 5448 megasas - ok 22:40:16.0548 5448 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 22:40:16.0634 5448 MegaSR - ok 22:40:16.0924 5448 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 22:40:17.0032 5448 Modem - ok 22:40:17.0409 5448 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 22:40:17.0506 5448 monitor - ok 22:40:17.0778 5448 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 22:40:17.0816 5448 mouclass - ok 22:40:18.0068 5448 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 22:40:18.0165 5448 mouhid - ok 22:40:18.0449 5448 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 22:40:18.0505 5448 MountMgr - ok 22:40:18.0818 5448 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 22:40:18.0885 5448 mpio - ok 22:40:19.0092 5448 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 22:40:19.0172 5448 mpsdrv - ok 22:40:19.0565 5448 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 22:40:19.0617 5448 Mraid35x - ok 22:40:20.0198 5448 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 22:40:20.0313 5448 MRxDAV - ok 22:40:20.0585 5448 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 22:40:20.0744 5448 mrxsmb - ok 22:40:20.0967 5448 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:40:21.0062 5448 mrxsmb10 - ok 22:40:21.0161 5448 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:40:21.0259 5448 mrxsmb20 - ok 22:40:21.0380 5448 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 22:40:21.0437 5448 msahci - ok 22:40:21.0554 5448 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 22:40:21.0597 5448 msdsm - ok 22:40:21.0736 5448 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 22:40:21.0828 5448 Msfs - ok 22:40:22.0083 5448 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 22:40:22.0129 5448 msisadrv - ok 22:40:22.0388 5448 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 22:40:22.0516 5448 MSKSSRV - ok 22:40:22.0793 5448 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 22:40:22.0902 5448 MSPCLOCK - ok 22:40:23.0145 5448 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 22:40:23.0269 5448 MSPQM - ok 22:40:23.0413 5448 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 22:40:23.0503 5448 MsRPC - ok 22:40:23.0724 5448 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 22:40:23.0768 5448 mssmbios - ok 22:40:23.0998 5448 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 22:40:24.0093 5448 MSTEE - ok 22:40:24.0257 5448 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 22:40:24.0303 5448 Mup - ok 22:40:24.0475 5448 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 22:40:24.0566 5448 NativeWifiP - ok 22:40:24.0845 5448 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20111129.002\NAVENG.SYS 22:40:24.0883 5448 NAVENG - ok 22:40:25.0245 5448 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20111129.002\NAVEX15.SYS 22:40:25.0467 5448 NAVEX15 - ok 22:40:25.0708 5448 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 22:40:25.0804 5448 NDIS - ok 22:40:25.0965 5448 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 22:40:26.0072 5448 NdisTapi - ok 22:40:26.0186 5448 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 22:40:26.0308 5448 Ndisuio - ok 22:40:26.0485 5448 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 22:40:26.0613 5448 NdisWan - ok 22:40:26.0777 5448 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 22:40:26.0881 5448 NDProxy - ok 22:40:27.0002 5448 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 22:40:27.0103 5448 NetBIOS - ok 22:40:27.0262 5448 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 22:40:27.0354 5448 netbt - ok 22:40:27.0517 5448 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 22:40:27.0571 5448 nfrd960 - ok 22:40:27.0730 5448 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 22:40:27.0841 5448 Npfs - ok 22:40:28.0001 5448 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 22:40:28.0081 5448 nsiproxy - ok 22:40:28.0519 5448 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 22:40:28.0724 5448 Ntfs - ok 22:40:28.0918 5448 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 22:40:29.0085 5448 ntrigdigi - ok 22:40:29.0365 5448 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 22:40:29.0476 5448 Null - ok 22:40:29.0791 5448 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys 22:40:30.0076 5448 NVENETFD - ok 22:40:30.0282 5448 NVHDA (f972dc046c374a9e02f2dfbe74ebb203) C:\Windows\system32\drivers\nvhda32v.sys 22:40:30.0318 5448 NVHDA - ok 22:40:31.0095 5448 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys 22:40:31.0850 5448 nvlddmkm - ok 22:40:32.0156 5448 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 22:40:32.0234 5448 nvraid - ok 22:40:32.0550 5448 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 22:40:32.0608 5448 nvstor - ok 22:40:32.0801 5448 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 22:40:32.0860 5448 nv_agp - ok 22:40:32.0962 5448 NwlnkFlt - ok 22:40:33.0095 5448 NwlnkFwd - ok 22:40:33.0324 5448 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 22:40:33.0399 5448 ohci1394 - ok 22:40:33.0669 5448 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 22:40:33.0851 5448 Parport - ok 22:40:33.0974 5448 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 22:40:34.0031 5448 partmgr - ok 22:40:34.0156 5448 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 22:40:34.0298 5448 Parvdm - ok 22:40:34.0474 5448 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys 22:40:34.0538 5448 pccsmcfd - ok 22:40:34.0910 5448 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 22:40:34.0984 5448 pci - ok 22:40:35.0320 5448 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 22:40:35.0387 5448 pciide - ok 22:40:35.0733 5448 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 22:40:35.0798 5448 pcmcia - ok 22:40:36.0026 5448 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 22:40:36.0256 5448 PEAUTH - ok 22:40:36.0544 5448 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 22:40:36.0660 5448 PptpMiniport - ok 22:40:37.0010 5448 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 22:40:37.0102 5448 Processor - ok 22:40:37.0444 5448 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 22:40:37.0520 5448 PSched - ok 22:40:38.0285 5448 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 22:40:38.0528 5448 ql2300 - ok 22:40:38.0755 5448 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 22:40:38.0822 5448 ql40xx - ok 22:40:39.0175 5448 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 22:40:39.0366 5448 QWAVEdrv - ok 22:40:39.0726 5448 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 22:40:39.0820 5448 RasAcd - ok 22:40:40.0362 5448 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 22:40:40.0532 5448 Rasl2tp - ok 22:40:40.0844 5448 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 22:40:40.0943 5448 RasPppoe - ok 22:40:41.0107 5448 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 22:40:41.0205 5448 RasSstp - ok 22:40:41.0385 5448 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 22:40:41.0673 5448 rdbss - ok 22:40:41.0979 5448 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 22:40:42.0110 5448 RDPCDD - ok 22:40:42.0766 5448 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 22:40:42.0857 5448 rdpdr - ok 22:40:43.0157 5448 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 22:40:43.0278 5448 RDPENCDD - ok 22:40:43.0535 5448 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 22:40:43.0682 5448 RDPWD - ok 22:40:44.0024 5448 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 22:40:44.0234 5448 RFCOMM - ok 22:40:44.0652 5448 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 22:40:44.0836 5448 rspndr - ok 22:40:45.0231 5448 RTL8169 (7157e70a90cce49deb8885d23a073a39) C:\Windows\system32\DRIVERS\Rtlh86.sys 22:40:45.0586 5448 RTL8169 - ok 22:40:46.0022 5448 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 22:40:46.0091 5448 sbp2port - ok 22:40:46.0519 5448 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys 22:40:46.0633 5448 sdbus - ok 22:40:46.0892 5448 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 22:40:47.0033 5448 secdrv - ok 22:40:47.0530 5448 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 22:40:47.0696 5448 Serenum - ok 22:40:48.0122 5448 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 22:40:48.0258 5448 Serial - ok 22:40:48.0790 5448 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 22:40:48.0925 5448 sermouse - ok 22:40:49.0285 5448 sfdrv01 (aad95fe3e005489c7156fa111f744eaf) C:\Windows\system32\drivers\sfdrv01.sys 22:40:49.0335 5448 sfdrv01 - ok 22:40:49.0704 5448 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 22:40:49.0776 5448 sffdisk - ok 22:40:50.0149 5448 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 22:40:50.0254 5448 sffp_mmc - ok 22:40:50.0625 5448 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 22:40:50.0806 5448 sffp_sd - ok 22:40:51.0192 5448 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys 22:40:51.0226 5448 sfhlp02 - ok 22:40:51.0524 5448 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 22:40:51.0682 5448 sfloppy - ok 22:40:52.0109 5448 sfsync04 (f66f0a90f6ac63d440bb317f5501339a) C:\Windows\system32\drivers\sfsync04.sys 22:40:52.0146 5448 sfsync04 - ok 22:40:52.0481 5448 sfvfs02 (991482fc39ff8bfdfbb9b3a46eb3cca0) C:\Windows\system32\drivers\sfvfs02.sys 22:40:52.0545 5448 sfvfs02 - ok 22:40:52.0838 5448 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 22:40:52.0904 5448 sisagp - ok 22:40:53.0065 5448 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 22:40:53.0105 5448 SiSRaid2 - ok 22:40:53.0384 5448 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 22:40:53.0459 5448 SiSRaid4 - ok 22:40:53.0744 5448 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 22:40:53.0877 5448 Smb - ok 22:40:54.0193 5448 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 22:40:54.0233 5448 spldr - ok 22:40:54.0995 5448 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys 22:40:54.0995 5448 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9 22:40:55.0039 5448 sptd ( LockedFile.Multi.Generic ) - warning 22:40:55.0039 5448 sptd - detected LockedFile.Multi.Generic (1) 22:40:55.0454 5448 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\system32\drivers\NIS\1206000.01D\SRTSP.SYS 22:40:55.0687 5448 SRTSP - ok 22:40:55.0954 5448 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS 22:40:55.0987 5448 SRTSPX - ok 22:40:56.0231 5448 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 22:40:56.0388 5448 srv - ok 22:40:56.0779 5448 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 22:40:56.0893 5448 srv2 - ok 22:40:57.0220 5448 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 22:40:57.0285 5448 srvnet - ok 22:40:57.0527 5448 ssm_bus (14622ae81c72b08691eedaabc1d4a129) C:\Windows\system32\DRIVERS\ssm_bus.sys 22:40:57.0584 5448 ssm_bus - ok 22:40:57.0814 5448 ssm_mdfl (43ee5e9fda61a5e0eac4c1de699e6e4d) C:\Windows\system32\DRIVERS\ssm_mdfl.sys 22:40:57.0848 5448 ssm_mdfl - ok 22:40:58.0187 5448 ssm_mdm (918cfd32c7feb174f356a0a6fad11f4b) C:\Windows\system32\DRIVERS\ssm_mdm.sys 22:40:58.0308 5448 ssm_mdm - ok 22:40:58.0676 5448 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys 22:40:58.0697 5448 StarOpen ( UnsignedFile.Multi.Generic ) - warning 22:40:58.0697 5448 StarOpen - detected UnsignedFile.Multi.Generic (1) 22:40:59.0068 5448 STHDA (e69a606872650b46de54ec15dcc93529) C:\Windows\system32\DRIVERS\stwrt.sys 22:40:59.0452 5448 STHDA - ok 22:40:59.0895 5448 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 22:40:59.0932 5448 swenum - ok 22:41:00.0113 5448 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 22:41:00.0152 5448 Symc8xx - ok 22:41:00.0359 5448 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS 22:41:00.0510 5448 SymDS - ok 22:41:00.0882 5448 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS 22:41:01.0572 5448 SymEFA - ok 22:41:01.0840 5448 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS 22:41:01.0878 5448 SymEvent - ok 22:41:02.0106 5448 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS 22:41:02.0141 5448 SymIRON - ok 22:41:02.0272 5448 SYMTDIv (5136f99a60ddbdeb1f6fd1eefc44407f) C:\Windows\system32\drivers\NIS\1206000.01D\SYMTDIV.SYS 22:41:02.0423 5448 SYMTDIv - ok 22:41:02.0666 5448 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 22:41:02.0724 5448 Sym_hi - ok 22:41:03.0152 5448 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 22:41:03.0218 5448 Sym_u3 - ok 22:41:03.0374 5448 SynTP (067cb9d745407a8c1b26e89a6a2ce152) C:\Windows\system32\DRIVERS\SynTP.sys 22:41:03.0416 5448 SynTP - ok 22:41:03.0699 5448 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys 22:41:03.0947 5448 Tcpip - ok 22:41:04.0379 5448 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys 22:41:04.0534 5448 Tcpip6 - ok 22:41:04.0940 5448 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 22:41:05.0014 5448 tcpipreg - ok 22:41:05.0216 5448 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 22:41:05.0405 5448 TDPIPE - ok 22:41:05.0559 5448 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 22:41:05.0654 5448 TDTCP - ok 22:41:05.0803 5448 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 22:41:05.0892 5448 tdx - ok 22:41:06.0005 5448 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 22:41:06.0048 5448 TermDD - ok 22:41:06.0187 5448 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:41:06.0265 5448 tssecsrv - ok 22:41:06.0538 5448 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 22:41:06.0612 5448 tunmp - ok 22:41:06.0780 5448 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 22:41:06.0888 5448 tunnel - ok 22:41:06.0958 5448 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 22:41:07.0000 5448 uagp35 - ok 22:41:07.0182 5448 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 22:41:07.0310 5448 udfs - ok 22:41:07.0510 5448 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 22:41:07.0580 5448 uliagpkx - ok 22:41:07.0690 5448 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 22:41:07.0770 5448 uliahci - ok 22:41:07.0830 5448 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 22:41:07.0880 5448 UlSata - ok 22:41:08.0127 5448 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 22:41:08.0180 5448 ulsata2 - ok 22:41:08.0244 5448 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 22:41:08.0322 5448 umbus - ok 22:41:08.0506 5448 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 22:41:08.0610 5448 usbccgp - ok 22:41:08.0732 5448 USBCCID (32c068eaf37c92d7194eee1faa1e7853) C:\Windows\system32\DRIVERS\usbccid.sys 22:41:08.0822 5448 USBCCID - ok 22:41:09.0056 5448 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 22:41:09.0211 5448 usbcir - ok 22:41:09.0376 5448 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 22:41:09.0475 5448 usbehci - ok 22:41:09.0573 5448 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 22:41:09.0679 5448 usbhub - ok 22:41:09.0811 5448 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys 22:41:09.0908 5448 usbohci - ok 22:41:10.0063 5448 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 22:41:10.0148 5448 usbprint - ok 22:41:10.0342 5448 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 22:41:10.0446 5448 usbscan - ok 22:41:10.0706 5448 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:41:10.0807 5448 USBSTOR - ok 22:41:11.0009 5448 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 22:41:11.0448 5448 usbuhci - ok 22:41:11.0616 5448 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 22:41:11.0990 5448 usbvideo - ok 22:41:12.0382 5448 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 22:41:12.0494 5448 vga - ok 22:41:12.0611 5448 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 22:41:12.0726 5448 VgaSave - ok 22:41:12.0958 5448 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 22:41:13.0013 5448 viaagp - ok 22:41:13.0079 5448 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 22:41:13.0183 5448 ViaC7 - ok 22:41:13.0460 5448 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 22:41:13.0497 5448 viaide - ok 22:41:13.0703 5448 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 22:41:13.0741 5448 volmgr - ok 22:41:13.0868 5448 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 22:41:13.0937 5448 volmgrx - ok 22:41:14.0140 5448 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 22:41:14.0598 5448 volsnap - ok 22:41:14.0725 5448 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 22:41:14.0766 5448 vsmraid - ok 22:41:14.0843 5448 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 22:41:15.0114 5448 WacomPen - ok 22:41:15.0212 5448 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 22:41:15.0353 5448 Wanarp - ok 22:41:15.0407 5448 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 22:41:15.0464 5448 Wanarpv6 - ok 22:41:15.0623 5448 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 22:41:15.0782 5448 Wd - ok 22:41:15.0947 5448 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 22:41:16.0065 5448 Wdf01000 - ok 22:41:16.0287 5448 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 22:41:16.0468 5448 winachsf - ok 22:41:16.0733 5448 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 22:41:16.0808 5448 WmiAcpi - ok 22:41:17.0088 5448 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 22:41:17.0163 5448 WpdUsb - ok 22:41:17.0233 5448 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 22:41:17.0326 5448 ws2ifsl - ok 22:41:17.0507 5448 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:41:17.0639 5448 WUDFRd - ok 22:41:17.0701 5448 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0 22:41:17.0962 5448 \Device\Harddisk0\DR0 - ok 22:41:17.0989 5448 Boot (0x1200) (d91c8b953e274575370b20a6fd422ff5) \Device\Harddisk0\DR0\Partition0 22:41:17.0991 5448 \Device\Harddisk0\DR0\Partition0 - ok 22:41:18.0001 5448 Boot (0x1200) (178f28556fafad917a0d6c39bf6557cd) \Device\Harddisk0\DR0\Partition1 22:41:18.0003 5448 \Device\Harddisk0\DR0\Partition1 - ok 22:41:18.0010 5448 ============================================================ 22:41:18.0010 5448 Scan finished 22:41:18.0010 5448 ============================================================ 22:41:18.0041 5432 Detected object count: 6 22:41:18.0041 5432 Actual detected object count: 6 22:45:03.0050 5432 Amfilter ( UnsignedFile.Multi.Generic ) - skipped by user 22:45:03.0050 5432 Amfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:45:03.0056 5432 Amusbprt ( UnsignedFile.Multi.Generic ) - skipped by user 22:45:03.0056 5432 Amusbprt ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:45:03.0061 5432 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 22:45:03.0061 5432 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:45:03.0065 5432 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user 22:45:03.0065 5432 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:45:03.0070 5432 sptd ( LockedFile.Multi.Generic ) - skipped by user 22:45:03.0071 5432 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 22:45:03.0071 5432 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 22:45:03.0072 5432 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

Rapport AdwCleaner : # AdwCleaner v1.319 - Rapport créé le 29/11/2011 à 22:30:29 # Mis à jour le 20/11/11 à 11h par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : Magali - PC-DE-MAGALI (Administrateur) # Exécuté depuis : C:\Users\Magali\Desktop\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\ProgramData\Viewpoint Dossier Supprimé : C:\Users\Magali\AppData\Roaming\Babylon Dossier Supprimé : C:\Users\Magali\AppData\LocalLow\ShoppingReport2 Dossier Supprimé : C:\Program Files\ShoppingReport2 Dossier Supprimé : C:\Program Files\Viewpoint Fichier Supprimé : C:\Windows\system32\f3PSSavr.scr ***** [Navipromo] ***** Fichier Supprimé : C:\Users\Magali\AppData\Local\kfujnc.dat Fichier Supprimé : C:\Users\Magali\AppData\Local\kfujnc_nav.dat Fichier Supprimé : C:\Users\Magali\AppData\Local\kfujnc_navps.dat ***** [Registre] ***** Clé Supprimée : HKCU\Software\ShoppingReport2 Clé Supprimée : HKCU\Software\AppDataLow\Software\ShoppingReport2 Clé Supprimée : HKLM\SOFTWARE\MetaStream Clé Supprimée : HKLM\SOFTWARE\ShoppingReport2 Clé Supprimée : HKLM\SOFTWARE\Viewpoint Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Clé Supprimée : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v3.0.5 (fr) Profil : 02iaomou.default Fichier : C:\Users\Magali\AppData\Roaming\Mozilla\Firefox\Profiles\02iaomou.default\prefs.js ... Fichier absent ! -\\ Google Chrome v0.0.0.0 Fichier : C:\Users\Magali\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. -\\ Opera v10.63.3516.0 Fichier : C:\Users\Magali\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [5130 octets] - [29/11/2011 22:30:29] ************************* Dossier Temporaire : 0 dossier(s)et 15 fichier(s) supprimés ########## EOF - C:\AdwCleaner[s1].txt - [5350 octets] ########## Je passe à l'étape 2

Merci pour ton aide. Oui, toujours le même message qui apparaît. J'ai nettoyé les fichiers temporaires et voici mon rapport ZHPDiag : Lien CJoint.com AKDwfU6Mvum

Bonjour, Suite à mes recherches sur le web afin d’éradiquer mon problème en vain je viens vous demander votre aide car je pense mon ordi infecté. Un message d'erreur s'affiche continuellement tous les jours, à intervalle variable : Malgré mon analyse anti-virus (qui ne détecte rien), un nettoyage du registre et autre rien n'y fait et cela dure depuis environ 15j, il me semble à la suite de mises à jour à partir de Windows update. Je ne suis pas du tout calée en informatique du coup je ne sais plus quoi faire. Pourriez-vous m'aider svp? Merci d'avance