Sujet Précédent Sujet Suivant

Comment supprimer un rootkit physical drive

Fermé
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011 - 16 févr. 2011 à 00:37
 Utilisateur anonyme - 2 avril 2011 à 03:51
Bonjour,
je suis actuellement en pleine dépression nerveuse
Avast a detecter sur mon ordinateur un rootkit win 32 physical drive, et depuis je sais pas quoi faire. J'ai telecharger tdsskiller qui la detecter aussi il y a ecrit "Malicieux, Rootkit.win32.tdss.tdl4 / Name : :HardDisk0".
Je vous poste le rapport de tdsskiller en espérant que je pourrais avoir de l'aide !! Je ne sais pas si cela peut aider mais j'ai windows vista !!!!

Merci de l'aide que vous pouvez m'apporter merci beaucoup !!!!!


2011/02/16 00:02:10.0663 3596 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/02/16 00:02:11.0132 3596 ================================================================================
2011/02/16 00:02:11.0132 3596 SystemInfo:
2011/02/16 00:02:11.0132 3596
2011/02/16 00:02:11.0132 3596 OS Version: 6.0.6002 ServicePack: 2.0
2011/02/16 00:02:11.0132 3596 Product type: Workstation
2011/02/16 00:02:11.0132 3596 ComputerName: PC-DE-LOLO
2011/02/16 00:02:11.0133 3596 UserName: Lolo
2011/02/16 00:02:11.0133 3596 Windows directory: C:\windows
2011/02/16 00:02:11.0133 3596 System windows directory: C:\windows
2011/02/16 00:02:11.0133 3596 Processor architecture: Intel x86
2011/02/16 00:02:11.0133 3596 Number of processors: 1
2011/02/16 00:02:11.0133 3596 Page size: 0x1000
2011/02/16 00:02:11.0133 3596 Boot type: Normal boot
2011/02/16 00:02:11.0133 3596 ================================================================================
2011/02/16 00:02:11.0833 3596 Initialize success
2011/02/16 00:02:35.0430 2472 ================================================================================
2011/02/16 00:02:35.0430 2472 Scan started
2011/02/16 00:02:35.0430 2472 Mode: Manual;
2011/02/16 00:02:35.0430 2472 ================================================================================
2011/02/16 00:02:36.0356 2472 Accelerometer (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/02/16 00:02:36.0490 2472 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/02/16 00:02:36.0649 2472 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/02/16 00:02:36.0717 2472 ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/02/16 00:02:36.0833 2472 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/02/16 00:02:36.0932 2472 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/02/16 00:02:36.0985 2472 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/02/16 00:02:37.0043 2472 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/02/16 00:02:37.0191 2472 AFD (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/02/16 00:02:37.0358 2472 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/02/16 00:02:37.0495 2472 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/02/16 00:02:37.0560 2472 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/02/16 00:02:37.0679 2472 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/02/16 00:02:37.0730 2472 amdagp (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/02/16 00:02:37.0780 2472 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/02/16 00:02:37.0882 2472 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/02/16 00:02:37.0938 2472 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/02/16 00:02:38.0164 2472 arc (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/02/16 00:02:38.0232 2472 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/02/16 00:02:38.0426 2472 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/02/16 00:02:38.0535 2472 aswMonFlt (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/02/16 00:02:38.0617 2472 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/02/16 00:02:38.0676 2472 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/02/16 00:02:38.0835 2472 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/02/16 00:02:39.0017 2472 AsyncMac (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/02/16 00:02:39.0130 2472 atapi (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/02/16 00:02:39.0334 2472 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/02/16 00:02:39.0582 2472 BCM43XX (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/02/16 00:02:39.0777 2472 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/02/16 00:02:39.0992 2472 blbdrive (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/02/16 00:02:40.0076 2472 bowser (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/02/16 00:02:40.0195 2472 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/02/16 00:02:40.0301 2472 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/02/16 00:02:40.0424 2472 Brserid (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/02/16 00:02:40.0477 2472 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/02/16 00:02:40.0553 2472 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/02/16 00:02:40.0617 2472 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/02/16 00:02:40.0734 2472 BthEnum (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/02/16 00:02:40.0822 2472 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/02/16 00:02:40.0977 2472 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/02/16 00:02:41.0102 2472 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/02/16 00:02:41.0307 2472 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/02/16 00:02:41.0472 2472 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/02/16 00:02:41.0530 2472 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/02/16 00:02:41.0676 2472 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/02/16 00:02:41.0801 2472 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/02/16 00:02:41.0953 2472 cdrom (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/02/16 00:02:42.0018 2472 circlass (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/02/16 00:02:42.0124 2472 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/02/16 00:02:42.0357 2472 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/02/16 00:02:42.0463 2472 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/02/16 00:02:42.0552 2472 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/02/16 00:02:42.0682 2472 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/02/16 00:02:42.0768 2472 Crusoe (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/02/16 00:02:42.0884 2472 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/02/16 00:02:43.0009 2472 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/02/16 00:02:43.0263 2472 disk (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/02/16 00:02:43.0431 2472 drmkaud (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/02/16 00:02:43.0552 2472 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\windows\System32\drivers\dxgkrnl.sys
2011/02/16 00:02:43.0732 2472 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/02/16 00:02:43.0869 2472 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/02/16 00:02:43.0969 2472 elxstor (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/02/16 00:02:44.0095 2472 ErrDev (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/02/16 00:02:44.0213 2472 exfat (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/02/16 00:02:44.0517 2472 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/02/16 00:02:44.0661 2472 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/02/16 00:02:44.0783 2472 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/02/16 00:02:44.0837 2472 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/02/16 00:02:44.0930 2472 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/02/16 00:02:45.0026 2472 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/02/16 00:02:45.0203 2472 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/02/16 00:02:45.0278 2472 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/02/16 00:02:45.0475 2472 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/02/16 00:02:45.0644 2472 HBtnKey (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/02/16 00:02:45.0768 2472 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/02/16 00:02:45.0921 2472 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/02/16 00:02:46.0069 2472 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/02/16 00:02:46.0120 2472 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/02/16 00:02:46.0204 2472 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/02/16 00:02:46.0399 2472 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/02/16 00:02:46.0492 2472 hpdskflt (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/02/16 00:02:46.0655 2472 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/02/16 00:02:46.0975 2472 HTTP (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/02/16 00:02:47.0115 2472 i2omp (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/02/16 00:02:47.0246 2472 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/02/16 00:02:47.0375 2472 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/02/16 00:02:47.0703 2472 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/02/16 00:02:48.0233 2472 igfx (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/02/16 00:02:48.0558 2472 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/02/16 00:02:48.0672 2472 intelide (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/02/16 00:02:48.0785 2472 intelppm (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/02/16 00:02:49.0076 2472 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/02/16 00:02:49.0245 2472 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/02/16 00:02:49.0336 2472 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/02/16 00:02:49.0596 2472 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/02/16 00:02:49.0669 2472 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/02/16 00:02:49.0755 2472 iScsiPrt (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/02/16 00:02:49.0900 2472 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/02/16 00:02:50.0100 2472 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/02/16 00:02:50.0193 2472 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/02/16 00:02:50.0360 2472 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/02/16 00:02:50.0535 2472 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/02/16 00:02:50.0931 2472 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/02/16 00:02:51.0129 2472 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/02/16 00:02:51.0174 2472 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/02/16 00:02:51.0269 2472 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/02/16 00:02:51.0513 2472 luafv (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/02/16 00:02:51.0677 2472 megasas (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/02/16 00:02:51.0881 2472 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/02/16 00:02:51.0967 2472 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/02/16 00:02:52.0089 2472 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/02/16 00:02:52.0243 2472 mouclass (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/02/16 00:02:52.0388 2472 mouhid (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/02/16 00:02:52.0442 2472 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/02/16 00:02:52.0521 2472 mpio (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/02/16 00:02:52.0573 2472 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/02/16 00:02:52.0746 2472 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/02/16 00:02:52.0822 2472 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/02/16 00:02:52.0896 2472 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/02/16 00:02:53.0073 2472 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/02/16 00:02:53.0150 2472 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/02/16 00:02:53.0279 2472 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/02/16 00:02:53.0377 2472 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/02/16 00:02:53.0581 2472 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/02/16 00:02:53.0652 2472 msisadrv (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/02/16 00:02:53.0893 2472 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/02/16 00:02:54.0042 2472 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/02/16 00:02:54.0096 2472 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/02/16 00:02:54.0256 2472 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/02/16 00:02:54.0339 2472 mssmbios (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/02/16 00:02:54.0429 2472 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/02/16 00:02:54.0535 2472 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/02/16 00:02:54.0607 2472 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS\nwifi.sys
2011/02/16 00:02:54.0676 2472 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers\ndis.sys
2011/02/16 00:02:54.0786 2472 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS\ndistapi.sys
2011/02/16 00:02:54.0843 2472 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS\ndisuio.sys
2011/02/16 00:02:54.0916 2472 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS\ndiswan.sys
2011/02/16 00:02:55.0258 2472 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/02/16 00:02:55.0436 2472 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS\netbios.sys
2011/02/16 00:02:55.0509 2472 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS\netbt.sys
2011/02/16 00:02:55.0618 2472 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers\nfrd960.sys
2011/02/16 00:02:55.0712 2472 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/02/16 00:02:55.0812 2472 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers\nsiproxy.sys
2011/02/16 00:02:55.0906 2472 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/02/16 00:02:55.0993 2472 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers\ntrigdigi.sys
2011/02/16 00:02:56.0078 2472 Null (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/02/16 00:02:56.0151 2472 nvraid (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers\nvraid.sys
2011/02/16 00:02:56.0208 2472 nvstor (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers\nvstor.sys
2011/02/16 00:02:56.0260 2472 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers\nv_agp.sys
2011/02/16 00:02:56.0497 2472 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/02/16 00:02:56.0631 2472 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/02/16 00:02:56.0693 2472 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/02/16 00:02:56.0744 2472 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/02/16 00:02:56.0842 2472 pci (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/02/16 00:02:56.0971 2472 pciide (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/02/16 00:02:57.0167 2472 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/02/16 00:02:57.0293 2472 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/02/16 00:02:57.0714 2472 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERS\raspptp.sys
2011/02/16 00:02:57.0793 2472 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/02/16 00:02:58.0005 2472 PSched (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/02/16 00:02:58.0163 2472 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/02/16 00:02:58.0281 2472 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/02/16 00:02:58.0371 2472 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/02/16 00:02:58.0468 2472 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/02/16 00:02:58.0570 2472 RasAcd (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERS\rasacd.sys
2011/02/16 00:02:58.0716 2472 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/02/16 00:02:58.0808 2472 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERS\raspppoe.sys
2011/02/16 00:02:58.0930 2472 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERS\rassstp.sys
2011/02/16 00:02:59.0020 2472 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERS\rdbss.sys
2011/02/16 00:02:59.0224 2472 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/02/16 00:02:59.0388 2472 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERS\rdpdr.sys
2011/02/16 00:02:59.0459 2472 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\drivers\rdpencdd.sys
2011/02/16 00:02:59.0534 2472 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/02/16 00:02:59.0648 2472 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERS\rfcomm.sys
2011/02/16 00:02:59.0785 2472 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERS\rspndr.sys
2011/02/16 00:02:59.0876 2472 RsvLock (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/02/16 00:02:59.0941 2472 SafeBoot (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/02/16 00:02:59.0941 2472 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/02/16 00:02:59.0955 2472 SafeBoot - detected Locked file (1)
2011/02/16 00:03:00.0051 2472 SbAlg (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/02/16 00:03:00.0118 2472 SbFsLock (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/02/16 00:03:00.0175 2472 sbp2port (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/02/16 00:03:00.0275 2472 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/02/16 00:03:00.0446 2472 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/02/16 00:03:00.0503 2472 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/02/16 00:03:00.0589 2472 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/02/16 00:03:00.0687 2472 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/02/16 00:03:00.0784 2472 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/02/16 00:03:00.0854 2472 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/02/16 00:03:00.0924 2472 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/02/16 00:03:01.0027 2472 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/02/16 00:03:01.0128 2472 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/02/16 00:03:01.0198 2472 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/02/16 00:03:01.0282 2472 Smb (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/02/16 00:03:01.0463 2472 SNP2UVC (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/02/16 00:03:01.0594 2472 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/02/16 00:03:01.0905 2472 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/02/16 00:03:01.0999 2472 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/02/16 00:03:02.0069 2472 srvnet (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/02/16 00:03:02.0189 2472 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/02/16 00:03:02.0281 2472 Symc8xx (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/02/16 00:03:02.0362 2472 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/02/16 00:03:02.0435 2472 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/02/16 00:03:02.0541 2472 SynTP (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/02/16 00:03:02.0651 2472 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers\tcpip.sys
2011/02/16 00:03:03.0052 2472 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS\tcpip.sys
2011/02/16 00:03:03.0134 2472 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers\tcpipreg.sys
2011/02/16 00:03:03.0276 2472 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers\tdpipe.sys
2011/02/16 00:03:03.0373 2472 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers\tdtcp.sys
2011/02/16 00:03:03.0457 2472 tdx (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS\tdx.sys
2011/02/16 00:03:03.0566 2472 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS\termdd.sys
2011/02/16 00:03:03.0913 2472 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/02/16 00:03:04.0071 2472 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS\tunmp.sys
2011/02/16 00:03:04.0297 2472 tunnel (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS\tunnel.sys
2011/02/16 00:03:04.0434 2472 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/02/16 00:03:04.0771 2472 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/02/16 00:03:05.0125 2472 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/02/16 00:03:05.0353 2472 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/02/16 00:03:05.0489 2472 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/02/16 00:03:05.0616 2472 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/02/16 00:03:05.0804 2472 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/02/16 00:03:05.0955 2472 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\windows\system32\Drivers\usbaapl.sys
2011/02/16 00:03:06.0141 2472 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/02/16 00:03:06.0299 2472 usbcir (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/02/16 00:03:06.0552 2472 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/02/16 00:03:06.0746 2472 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/02/16 00:03:07.0006 2472 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/02/16 00:03:07.0358 2472 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/02/16 00:03:07.0569 2472 usbscan (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/02/16 00:03:07.0715 2472 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/02/16 00:03:07.0813 2472 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/02/16 00:03:07.0912 2472 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/02/16 00:03:08.0102 2472 vga (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/02/16 00:03:08.0288 2472 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/02/16 00:03:08.0370 2472 viaagp (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/02/16 00:03:08.0498 2472 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/02/16 00:03:08.0605 2472 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/02/16 00:03:08.0814 2472 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/02/16 00:03:08.0949 2472 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/02/16 00:03:09.0068 2472 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/02/16 00:03:09.0223 2472 vsmraid (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/02/16 00:03:09.0439 2472 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/02/16 00:03:09.0649 2472 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/02/16 00:03:09.0680 2472 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/02/16 00:03:09.0843 2472 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/02/16 00:03:10.0012 2472 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/02/16 00:03:10.0388 2472 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/02/16 00:03:10.0495 2472 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/02/16 00:03:10.0631 2472 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/02/16 00:03:10.0814 2472 yukonwlh (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/02/16 00:03:10.0914 2472 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/16 00:03:10.0920 2472 ================================================================================
2011/02/16 00:03:10.0921 2472 Scan finished
2011/02/16 00:03:10.0921 2472 ================================================================================
2011/02/16 00:03:10.0935 2908 Detected object count: 2
2011/02/16 00:03:35.0888 2908 HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/02/16 00:03:35.0962 2908 HKLM\SYSTEM\ControlSet003\services\SafeBoot - will be deleted after reboot
2011/02/16 00:03:36.0003 2908 C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/02/16 00:03:36.0003 2908 Locked file(SafeBoot) - User select action: Delete
2011/02/16 00:03:36.0004 2908 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Skip




37 réponses

  • 1
  • 2
Réponse 1 / 37
Utilisateur anonyme
16 févr. 2011 à 01:14
salut il fallait faire "Cure" et non "Skip" :)
0
Réponse 2 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
18 févr. 2011 à 20:26
Et bien j'ai cure, mais ce la ne change rien le virus et toujours là, j'ai recommencer deux fois mais rien n'y fait, j'ai aussi redemarrer mon pc a chaque fois biensur, mais cela ne change rien d'ailleur quand il se rallume l'ordi se lance dans la reparation de demarrage windows a chaque fois et cela depuis que j'ai essayer de l'effacer !! Auriez vous une idée de se que je doit faire !!!
0
Réponse 3 / 37
Utilisateur anonyme
18 févr. 2011 à 21:22

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : Combofix

Avant d'utiliser ComboFix :

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau

▶ Lance le

Une fenêtre apparait : clique sur "Disable"

▶ Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.



0
Réponse 4 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 10:01
Desoler j'ai mis du temps avant de vous repondre le travaille ma pris de cours.
J'ai fait se que vous m'avez dit je vous colle le rapport qui est apparue a la fin sur combofix

ComboFix 11-03-12.01 - Lolo 13/03/2011 9:29.1.1 - x86
Microsoft® Windows Vista(TM) Professionnel 6.0.6002.2.1252.33.1036.18.1976.904 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Downloads\ComboFix.exe
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lolo\AppData\Roaming\AntiVirus 2010
c:\users\Lolo\AppData\Roaming\WhereSphere
c:\users\Lolo\AppData\Roaming\WhereSphere\config.cfg
c:\users\Lolo\Desktop\Internet Explorer.lnk
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-13 au 2011-03-13 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 08:42 . 2011-03-13 08:47 -------- d-----w- c:\users\Lolo\AppData\Local\temp
2011-03-13 08:42 . 2011-03-13 08:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-10 18:51 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26 -------- d-----w- c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27 -------- d-----w- c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20 -------- d-----w- c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05 23040 ----a-w- c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33 -------- d-----w- c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44 -------- d-----w- c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24 512599 ----a-w- c:\programdata\bdinstall.bin
2011-02-18 17:32 . 2011-02-02 16:10 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48C382E4-26E4-45EF-B541-0D40565F2CDC}\mpengine.dll
2011-02-17 19:03 . 2011-02-17 19:03 -------- d-----w- c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-16 22:34 . 2011-01-08 08:47 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-12 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{F0A37341-D692-11D4-A984-009027EC0A9C} - c:\program files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe
.
.
.
**************************************************************************
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(3572)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\windows\system32\btncopy.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Heure de fin: 2011-03-13 09:54:31 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-03-13 08:53
.
Avant-CF: 134 128 775 168 octets libres
Après-CF: 134 470 795 264 octets libres
.
- - End Of File - - E1A3675C92304167E5540E5FD198C973
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 37
Utilisateur anonyme
13 mars 2011 à 11:43
tu n'as pas fait ce qui éétait demandé !!
0
Réponse 6 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 13:39
comment ça ? je doit faire quoi alors ??
0
Réponse 7 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 13:40
j'ai pourtant suivis a la lettre le message que tu m'a envoyer !!!
0
Réponse 8 / 37
totobetourne Messages postés 5592 Date d'inscription dimanche 23 mars 2008 Statut Membre Dernière intervention 6 juin 2012 65
13 mars 2011 à 13:52
IL VEUT TE DIRE QUE TU NE L AS PAS RENOMMé combo fix avant de le telecharger et aussi mais ce n est pas indique(je crois) c est que combo fix doit se situer sur ton bureau lorsque tu lances le scan.
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 14:16
oK d'accord je vais relancer le scan tout de suite en installant cette fois combo directement sur mon bureau merci beaucoup
0
Réponse 9 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 15:05
Et voici le rapport Combofix.txt






ComboFix 11-03-12.01 - Lolo 13/03/2011 14:28:47.2.1 - x86
Microsoft® Windows Vista(TM) Professionnel 6.0.6002.2.1252.33.1036.18.1976.833 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-13 au 2011-03-13 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 13:41 . 2011-03-13 13:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-13 13:26 . 2011-03-13 13:27 -------- d-----w- C:\32788R22FWJFW
2011-03-13 09:06 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF469371-68B2-4F03-871D-582C1D7F8437}\mpengine.dll
2011-03-13 08:42 . 2011-03-13 13:41 -------- d-----w- c:\users\Lolo\AppData\Local\temp
2011-03-10 18:51 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26 -------- d-----w- c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27 -------- d-----w- c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20 -------- d-----w- c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05 23040 ----a-w- c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33 -------- d-----w- c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44 -------- d-----w- c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24 512599 ----a-w- c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03 -------- d-----w- c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-16 22:34 . 2011-01-08 08:47 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-12 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-13 14:41
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(644)
c:\windows\System32\APSHook.dll
.
- - - - - - - > 'lsass.exe'(704)
c:\windows\System32\APSHook.dll
.
- - - - - - - > 'Explorer.exe'(5368)
c:\windows\system32\btmmhook.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
.
Heure de fin: 2011-03-13 14:45:07
ComboFix-quarantined-files.txt 2011-03-13 13:45
ComboFix2.txt 2011-03-13 08:54
.
Avant-CF: 130 688 692 224 octets libres
Après-CF: 130 658 848 768 octets libres
.
- - End Of File - - 9571D68C735367A57F156DADABECDF1E
0
Réponse 10 / 37
Utilisateur anonyme
13 mars 2011 à 17:39
qu'est-ce-qui lui arrive à cette Dll ?

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

* * Colle directement le chemin des fichiers , un par un , dans l'espace "Parcourir" apres chaque analyse :

c:\windows\System32\APSHook.dll

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 17:54
je doit faire analyser sur se site juste le liens

c:\windows\System32\APSHook.dll

ou tout les fichier qui se trouve dans system 32 et il n'y en a pas qu'un peu
0
totobetourne Messages postés 5592 Date d'inscription dimanche 23 mars 2008 Statut Membre Dernière intervention 6 juin 2012 65
13 mars 2011 à 18:03
a ton avis, réflechis un peu .qu est ce qui est écrit ?
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 19:49
j'espere que c sa

http://www.virustotal.com/file-scan/report.html?id=78a96c7c37dc9f37eec81e06c0b099b37a838cda2863ef0064e0ce6a60605283-1300035866
0
Réponse 11 / 37
Utilisateur anonyme
13 mars 2011 à 20:21

__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"SunJavaUpdateSched"=-
"HP Software Update"=-
"QuickTime Task"=-
"iTunesHelper"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]



------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt


0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 21:13
je fait sa tout de suite merci beaucoup !!!
0
Réponse 12 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
13 mars 2011 à 21:44
voici le rapport


ComboFix 11-03-12.01 - Lolo 13/03/2011 21:19:40.3.1 - x86
Microsoft® Windows Vista(TM) Professionnel 6.0.6002.2.1252.33.1036.18.1976.1010 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lolo\Desktop\CFScript.txt.lnk
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-13 au 2011-03-13 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 20:30 . 2011-03-13 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-13 09:06 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF469371-68B2-4F03-871D-582C1D7F8437}\mpengine.dll
2011-03-13 08:42 . 2011-03-13 20:30 -------- d-----w- c:\users\Lolo\AppData\Local\temp
2011-03-10 18:51 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26 -------- d-----w- c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27 -------- d-----w- c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20 -------- d-----w- c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05 23040 ----a-w- c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33 -------- d-----w- c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44 -------- d-----w- c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24 512599 ----a-w- c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03 -------- d-----w- c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-16 22:34 . 2011-01-08 08:47 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-13 21:30
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(4644)
c:\windows\system32\btmmhook.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
.
Heure de fin: 2011-03-13 21:33:39
ComboFix-quarantined-files.txt 2011-03-13 20:33
ComboFix2.txt 2011-03-13 13:45
ComboFix3.txt 2011-03-13 08:54
.
Avant-CF: 130 713 485 312 octets libres
Après-CF: 130 684 121 088 octets libres
.
- - End Of File - - 8E0041898CD2E32113FE41EB861EE285
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
14 mars 2011 à 21:12
Mon ordi peut s'en tirer a votre avis ??
0
Réponse 13 / 37
Utilisateur anonyme
14 mars 2011 à 21:14
refais un rapport de TDSSKILLEr
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
14 mars 2011 à 22:37
Je fait sa tout de suite
0
Réponse 14 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
14 mars 2011 à 22:40
et voici le rapport de tdsskiller

2011/03/14 22:38:26.0068 5108 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/03/14 22:38:30.0405 5108 ================================================================================
2011/03/14 22:38:30.0405 5108 SystemInfo:
2011/03/14 22:38:30.0405 5108
2011/03/14 22:38:30.0405 5108 OS Version: 6.0.6002 ServicePack: 2.0
2011/03/14 22:38:30.0405 5108 Product type: Workstation
2011/03/14 22:38:30.0405 5108 ComputerName: PC-DE-LOLO
2011/03/14 22:38:30.0421 5108 UserName: Lolo
2011/03/14 22:38:30.0421 5108 Windows directory: C:\windows
2011/03/14 22:38:30.0421 5108 System windows directory: C:\windows
2011/03/14 22:38:30.0421 5108 Processor architecture: Intel x86
2011/03/14 22:38:30.0421 5108 Number of processors: 1
2011/03/14 22:38:30.0421 5108 Page size: 0x1000
2011/03/14 22:38:30.0421 5108 Boot type: Normal boot
2011/03/14 22:38:30.0421 5108 ================================================================================
2011/03/14 22:38:30.0873 5108 Initialize success
2011/03/14 22:38:34.0508 5720 ================================================================================
2011/03/14 22:38:34.0508 5720 Scan started
2011/03/14 22:38:34.0508 5720 Mode: Manual;
2011/03/14 22:38:34.0508 5720 ================================================================================
2011/03/14 22:38:35.0194 5720 Accelerometer (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/03/14 22:38:35.0303 5720 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/03/14 22:38:35.0397 5720 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/03/14 22:38:35.0491 5720 ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/03/14 22:38:35.0569 5720 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/03/14 22:38:35.0631 5720 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/03/14 22:38:35.0709 5720 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/03/14 22:38:35.0756 5720 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/03/14 22:38:35.0865 5720 AFD (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/03/14 22:38:36.0005 5720 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/03/14 22:38:36.0115 5720 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/03/14 22:38:36.0177 5720 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/03/14 22:38:36.0255 5720 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/03/14 22:38:36.0317 5720 amdagp (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/03/14 22:38:36.0380 5720 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/03/14 22:38:36.0458 5720 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/03/14 22:38:36.0536 5720 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/14 22:38:36.0692 5720 arc (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/03/14 22:38:36.0754 5720 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/03/14 22:38:36.0910 5720 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/03/14 22:38:37.0019 5720 aswMonFlt (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/03/14 22:38:37.0097 5720 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/03/14 22:38:37.0175 5720 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/03/14 22:38:37.0269 5720 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/03/14 22:38:37.0331 5720 AsyncMac (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/14 22:38:37.0409 5720 atapi (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/03/14 22:38:37.0581 5720 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/03/14 22:38:37.0721 5720 BCM43XX (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/03/14 22:38:37.0846 5720 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/03/14 22:38:37.0955 5720 blbdrive (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/03/14 22:38:38.0080 5720 bowser (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/03/14 22:38:38.0158 5720 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/03/14 22:38:38.0252 5720 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/03/14 22:38:38.0345 5720 Brserid (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/03/14 22:38:38.0423 5720 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/03/14 22:38:38.0517 5720 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/03/14 22:38:38.0595 5720 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/03/14 22:38:38.0689 5720 BthEnum (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/03/14 22:38:38.0767 5720 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/03/14 22:38:38.0876 5720 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/03/14 22:38:38.0985 5720 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/03/14 22:38:39.0141 5720 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/03/14 22:38:39.0281 5720 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/03/14 22:38:39.0359 5720 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/03/14 22:38:39.0453 5720 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/03/14 22:38:39.0640 5720 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/14 22:38:39.0734 5720 cdrom (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/03/14 22:38:39.0812 5720 circlass (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/03/14 22:38:39.0890 5720 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/03/14 22:38:39.0999 5720 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/14 22:38:40.0077 5720 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/03/14 22:38:40.0155 5720 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/14 22:38:40.0217 5720 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/03/14 22:38:40.0280 5720 Crusoe (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/03/14 22:38:40.0420 5720 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/03/14 22:38:40.0545 5720 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/03/14 22:38:40.0654 5720 disk (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/03/14 22:38:40.0810 5720 drmkaud (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/03/14 22:38:40.0904 5720 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/14 22:38:41.0013 5720 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/03/14 22:38:41.0122 5720 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/03/14 22:38:41.0247 5720 elxstor (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/03/14 22:38:41.0341 5720 ErrDev (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/03/14 22:38:41.0465 5720 exfat (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/03/14 22:38:41.0543 5720 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/03/14 22:38:41.0668 5720 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/03/14 22:38:41.0762 5720 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/03/14 22:38:41.0824 5720 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/03/14 22:38:41.0902 5720 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/14 22:38:41.0965 5720 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/03/14 22:38:42.0058 5720 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/14 22:38:42.0136 5720 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/03/14 22:38:42.0230 5720 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/14 22:38:42.0386 5720 HBtnKey (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/03/14 22:38:42.0495 5720 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/03/14 22:38:42.0604 5720 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/03/14 22:38:42.0713 5720 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/03/14 22:38:42.0760 5720 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/03/14 22:38:42.0869 5720 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/14 22:38:42.0963 5720 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/03/14 22:38:43.0057 5720 hpdskflt (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/03/14 22:38:43.0181 5720 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/03/14 22:38:43.0291 5720 HTTP (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/03/14 22:38:43.0384 5720 i2omp (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/03/14 22:38:43.0462 5720 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/03/14 22:38:43.0571 5720 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/03/14 22:38:43.0634 5720 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/03/14 22:38:43.0821 5720 igfx (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/03/14 22:38:43.0961 5720 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/03/14 22:38:44.0055 5720 intelide (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/03/14 22:38:44.0102 5720 intelppm (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/14 22:38:44.0164 5720 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/14 22:38:44.0305 5720 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/03/14 22:38:44.0398 5720 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/03/14 22:38:44.0507 5720 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/03/14 22:38:44.0570 5720 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/03/14 22:38:44.0648 5720 iScsiPrt (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/03/14 22:38:44.0757 5720 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/03/14 22:38:44.0819 5720 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/03/14 22:38:44.0882 5720 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/03/14 22:38:44.0975 5720 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/03/14 22:38:45.0053 5720 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/03/14 22:38:45.0225 5720 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/14 22:38:45.0334 5720 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/03/14 22:38:45.0397 5720 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/03/14 22:38:45.0443 5720 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/03/14 22:38:45.0490 5720 luafv (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/03/14 22:38:45.0599 5720 megasas (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/03/14 22:38:45.0662 5720 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/03/14 22:38:45.0740 5720 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/03/14 22:38:45.0802 5720 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/03/14 22:38:45.0896 5720 mouclass (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/03/14 22:38:45.0974 5720 mouhid (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/14 22:38:46.0036 5720 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/03/14 22:38:46.0114 5720 mpio (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/03/14 22:38:46.0177 5720 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/03/14 22:38:46.0270 5720 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/03/14 22:38:46.0364 5720 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/03/14 22:38:46.0442 5720 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/14 22:38:46.0520 5720 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/14 22:38:46.0598 5720 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/14 22:38:46.0660 5720 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/03/14 22:38:46.0723 5720 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/03/14 22:38:46.0832 5720 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/03/14 22:38:46.0894 5720 msisadrv (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/03/14 22:38:47.0003 5720 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/14 22:38:47.0066 5720 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/14 22:38:47.0128 5720 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/03/14 22:38:47.0206 5720 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/03/14 22:38:47.0300 5720 mssmbios (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/03/14 22:38:47.0393 5720 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/03/14 22:38:47.0471 5720 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/03/14 22:38:47.0534 5720 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS\nwifi.sys
2011/03/14 22:38:47.0627 5720 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers\ndis.sys
2011/03/14 22:38:47.0752 5720 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS\ndistapi.sys
2011/03/14 22:38:47.0815 5720 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS\ndisuio.sys
2011/03/14 22:38:47.0893 5720 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS\ndiswan.sys
2011/03/14 22:38:47.0955 5720 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/03/14 22:38:48.0080 5720 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS\netbios.sys
2011/03/14 22:38:48.0158 5720 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS\netbt.sys
2011/03/14 22:38:48.0267 5720 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers\nfrd960.sys
2011/03/14 22:38:48.0361 5720 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/03/14 22:38:48.0454 5720 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers\nsiproxy.sys
2011/03/14 22:38:48.0532 5720 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/03/14 22:38:48.0626 5720 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers\ntrigdigi.sys
2011/03/14 22:38:48.0688 5720 Null (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/03/14 22:38:48.0735 5720 nvraid (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers\nvraid.sys
2011/03/14 22:38:48.0891 5720 nvstor (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers\nvstor.sys
2011/03/14 22:38:48.0969 5720 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers\nv_agp.sys
2011/03/14 22:38:49.0406 5720 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/03/14 22:38:49.0515 5720 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/03/14 22:38:49.0577 5720 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/03/14 22:38:49.0655 5720 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/03/14 22:38:49.0796 5720 pci (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/03/14 22:38:49.0889 5720 pciide (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/03/14 22:38:49.0983 5720 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/14 22:38:50.0092 5720 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/03/14 22:38:50.0279 5720 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERS\raspptp.sys
2011/03/14 22:38:50.0357 5720 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/03/14 22:38:50.0482 5720 PSched (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/03/14 22:38:50.0576 5720 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/03/14 22:38:50.0669 5720 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/03/14 22:38:50.0794 5720 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/03/14 22:38:50.0872 5720 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/03/14 22:38:50.0935 5720 RasAcd (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERS\rasacd.sys
2011/03/14 22:38:50.0997 5720 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/03/14 22:38:51.0059 5720 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERS\raspppoe.sys
2011/03/14 22:38:51.0153 5720 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERS\rassstp.sys
2011/03/14 22:38:51.0231 5720 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERS\rdbss.sys
2011/03/14 22:38:51.0293 5720 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/14 22:38:51.0403 5720 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERS\rdpdr.sys
2011/03/14 22:38:51.0465 5720 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\drivers\rdpencdd.sys
2011/03/14 22:38:51.0559 5720 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/03/14 22:38:51.0683 5720 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERS\rfcomm.sys
2011/03/14 22:38:51.0824 5720 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERS\rspndr.sys
2011/03/14 22:38:51.0886 5720 RsvLock (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/03/14 22:38:51.0964 5720 SafeBoot (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/03/14 22:38:51.0964 5720 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/03/14 22:38:51.0980 5720 SafeBoot - detected Locked file (1)
2011/03/14 22:38:52.0058 5720 SbAlg (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/03/14 22:38:52.0105 5720 SbFsLock (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/03/14 22:38:52.0183 5720 sbp2port (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/03/14 22:38:52.0292 5720 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/03/14 22:38:52.0385 5720 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/03/14 22:38:52.0448 5720 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/03/14 22:38:52.0541 5720 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/03/14 22:38:52.0635 5720 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/03/14 22:38:52.0697 5720 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/03/14 22:38:52.0791 5720 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/03/14 22:38:52.0822 5720 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/03/14 22:38:52.0916 5720 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/03/14 22:38:52.0978 5720 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/03/14 22:38:53.0056 5720 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/03/14 22:38:53.0165 5720 Smb (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/03/14 22:38:53.0321 5720 SNP2UVC (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/03/14 22:38:53.0431 5720 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/03/14 22:38:53.0555 5720 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/03/14 22:38:53.0649 5720 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/03/14 22:38:53.0696 5720 srvnet (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/14 22:38:53.0789 5720 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/03/14 22:38:53.0899 5720 Symc8xx (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/03/14 22:38:53.0977 5720 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/03/14 22:38:54.0023 5720 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/03/14 22:38:54.0101 5720 SynTP (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/14 22:38:54.0257 5720 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers\tcpip.sys
2011/03/14 22:38:54.0382 5720 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS\tcpip.sys
2011/03/14 22:38:54.0460 5720 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers\tcpipreg.sys
2011/03/14 22:38:54.0538 5720 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers\tdpipe.sys
2011/03/14 22:38:54.0632 5720 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers\tdtcp.sys
2011/03/14 22:38:54.0710 5720 tdx (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS\tdx.sys
2011/03/14 22:38:54.0788 5720 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS\termdd.sys
2011/03/14 22:38:55.0474 5720 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/03/14 22:38:55.0708 5720 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS\tunmp.sys
2011/03/14 22:38:55.0880 5720 tunnel (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS\tunnel.sys
2011/03/14 22:38:56.0348 5720 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/03/14 22:38:56.0629 5720 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/03/14 22:38:56.0863 5720 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/03/14 22:38:57.0159 5720 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/03/14 22:38:57.0892 5720 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/03/14 22:38:58.0126 5720 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/03/14 22:38:58.0750 5720 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/03/14 22:38:58.0859 5720 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys
2011/03/14 22:38:59.0015 5720 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/14 22:38:59.0093 5720 usbcir (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/03/14 22:38:59.0218 5720 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/14 22:38:59.0421 5720 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/03/14 22:38:59.0499 5720 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/14 22:38:59.0593 5720 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/14 22:38:59.0733 5720 usbscan (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/03/14 22:38:59.0827 5720 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/14 22:38:59.0983 5720 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/14 22:39:00.0201 5720 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/03/14 22:39:00.0341 5720 vga (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/14 22:39:00.0466 5720 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/03/14 22:39:00.0607 5720 viaagp (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/03/14 22:39:00.0716 5720 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/03/14 22:39:00.0794 5720 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/03/14 22:39:00.0934 5720 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/03/14 22:39:01.0215 5720 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/03/14 22:39:01.0387 5720 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/03/14 22:39:01.0496 5720 vsmraid (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/03/14 22:39:01.0605 5720 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/03/14 22:39:01.0667 5720 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/14 22:39:01.0699 5720 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/14 22:39:01.0870 5720 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/03/14 22:39:01.0964 5720 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/03/14 22:39:02.0323 5720 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/03/14 22:39:02.0572 5720 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
2011/03/14 22:39:02.0666 5720 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/14 22:39:02.0822 5720 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/14 22:39:03.0274 5720 yukonwlh (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/03/14 22:39:03.0399 5720 ================================================================================
2011/03/14 22:39:03.0399 5720 Scan finished
2011/03/14 22:39:03.0399 5720 ================================================================================
2011/03/14 22:39:03.0430 2820 Detected object count: 1
2011/03/14 22:39:16.0706 2820 HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/03/14 22:39:16.0737 2820 HKLM\SYSTEM\ControlSet005\services\SafeBoot - will be deleted after reboot
2011/03/14 22:39:16.0768 2820 C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/03/14 22:39:16.0768 2820 Locked file(SafeBoot) - User select action: Delete
0
Réponse 15 / 37
Utilisateur anonyme
14 mars 2011 à 22:48

__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

TDL::
C:\windows\system32\drivers\SafeBoot.sys

------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt


0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
14 mars 2011 à 23:39
je fait sa tout de suite merci
0
Réponse 16 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
16 mars 2011 à 13:07
J'ai beau essayer une fois que combofix commence a lancer son analyse l'ordianteur beug et ne repond plus. Il finit par s'eteindre tout seul et quand je veux le rallumer il m'envoyer dans le systeme de réparation de demarrage windows.
0
Réponse 17 / 37
Utilisateur anonyme
16 mars 2011 à 13:10
ok essaie en mode sans echec
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
16 mars 2011 à 13:29
c'est a dire ???
0
Réponse 18 / 37
Utilisateur anonyme
16 mars 2011 à 14:58
Comment aller en Mode sans échec :

▶ Redémarres ton ordi
▶ Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
▶ Tu verras un écran avec options de démarrage apparaître
▶ Choisis la première option : Sans Échec, et valide avec "Entrée"
0
Réponse 19 / 37
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
16 mars 2011 à 21:45
voici le rapport de combofix

ComboFix 11-03-12.01 - Lolo 16/03/2011 21:03:31.4.1 - x86
Microsoft® Windows Vista(TM) Professionnel 6.0.6002.2.1252.33.1036.18.1976.952 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lolo\Desktop\CFScript.txt
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-16 au 2011-03-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-16 20:14 . 2011-03-16 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-16 08:31 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43808BAA-C8E8-4CCE-AD7D-5B523136CE0C}\mpengine.dll
2011-03-13 08:42 . 2011-03-16 20:23 -------- d-----w- c:\users\Lolo\AppData\Local\temp
2011-03-10 18:51 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26 -------- d-----w- c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27 -------- d-----w- c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20 -------- d-----w- c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05 23040 ----a-w- c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33 -------- d-----w- c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44 -------- d-----w- c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24 512599 ----a-w- c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03 -------- d-----w- c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-16 22:34 . 2011-01-08 08:47 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56 222080 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-16 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(2308)
c:\windows\System32\APSHook.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\windows\system32\btncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2011-03-16 21:27:58 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-03-16 20:27
ComboFix2.txt 2011-03-13 20:33
ComboFix3.txt 2011-03-13 13:45
ComboFix4.txt 2011-03-13 08:54
.
Avant-CF: 134 559 424 512 octets libres
Après-CF: 134 401 044 480 octets libres
.
- - End Of File - - 49F05B4F9F125AB4E5CAA8DD9EE784BF
0
Réponse 20 / 37
Utilisateur anonyme
16 mars 2011 à 22:00
refais un scan tdsskiller ?
0
darkovnus Messages postés 35 Date d'inscription jeudi 8 janvier 2009 Statut Membre Dernière intervention 26 septembre 2011
16 mars 2011 à 22:09
ok
0