comment supprimer un rootkit physical driveFermé

Question

Bonjour, 
je suis actuellement en pleine dépression nerveuse
Avast a detecter sur mon ordinateur un rootkit win 32 physical drive, et depuis je sais pas quoi faire. J'ai telecharger tdsskiller qui la detecter aussi il y a ecrit "Malicieux, Rootkit.win32.tdss.tdl4 / Name : :HardDisk0".
Je vous poste le rapport de tdsskiller en espérant que je pourrais avoir de l'aide !! Je ne sais pas si cela peut aider mais j'ai windows vista !!!!

Merci de l'aide que vous pouvez m'apporter merci beaucoup !!!!!


2011/02/16 00:02:10.0663 3596	TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/02/16 00:02:11.0132 3596	================================================================================
2011/02/16 00:02:11.0132 3596	SystemInfo:
2011/02/16 00:02:11.0132 3596	
2011/02/16 00:02:11.0132 3596	OS Version: 6.0.6002 ServicePack: 2.0
2011/02/16 00:02:11.0132 3596	Product type: Workstation
2011/02/16 00:02:11.0132 3596	ComputerName: PC-DE-LOLO
2011/02/16 00:02:11.0133 3596	UserName: Lolo
2011/02/16 00:02:11.0133 3596	Windows directory: C:\windows
2011/02/16 00:02:11.0133 3596	System windows directory: C:\windows
2011/02/16 00:02:11.0133 3596	Processor architecture: Intel x86
2011/02/16 00:02:11.0133 3596	Number of processors: 1
2011/02/16 00:02:11.0133 3596	Page size: 0x1000
2011/02/16 00:02:11.0133 3596	Boot type: Normal boot
2011/02/16 00:02:11.0133 3596	================================================================================
2011/02/16 00:02:11.0833 3596	Initialize success
2011/02/16 00:02:35.0430 2472	================================================================================
2011/02/16 00:02:35.0430 2472	Scan started
2011/02/16 00:02:35.0430 2472	Mode: Manual; 
2011/02/16 00:02:35.0430 2472	================================================================================
2011/02/16 00:02:36.0356 2472	Accelerometer   (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/02/16 00:02:36.0490 2472	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/02/16 00:02:36.0649 2472	adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/02/16 00:02:36.0717 2472	ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/02/16 00:02:36.0833 2472	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/02/16 00:02:36.0932 2472	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/02/16 00:02:36.0985 2472	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/02/16 00:02:37.0043 2472	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/02/16 00:02:37.0191 2472	AFD             (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/02/16 00:02:37.0358 2472	AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/02/16 00:02:37.0495 2472	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/02/16 00:02:37.0560 2472	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/02/16 00:02:37.0679 2472	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/02/16 00:02:37.0730 2472	amdagp          (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/02/16 00:02:37.0780 2472	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/02/16 00:02:37.0882 2472	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/02/16 00:02:37.0938 2472	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/02/16 00:02:38.0164 2472	arc             (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/02/16 00:02:38.0232 2472	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/02/16 00:02:38.0426 2472	aswFsBlk        (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/02/16 00:02:38.0535 2472	aswMonFlt       (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/02/16 00:02:38.0617 2472	aswRdr          (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/02/16 00:02:38.0676 2472	aswSP           (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/02/16 00:02:38.0835 2472	aswTdi          (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/02/16 00:02:39.0017 2472	AsyncMac        (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/02/16 00:02:39.0130 2472	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/02/16 00:02:39.0334 2472	b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/02/16 00:02:39.0582 2472	BCM43XX         (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/02/16 00:02:39.0777 2472	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/02/16 00:02:39.0992 2472	blbdrive        (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/02/16 00:02:40.0076 2472	bowser          (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/02/16 00:02:40.0195 2472	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/02/16 00:02:40.0301 2472	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/02/16 00:02:40.0424 2472	Brserid         (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/02/16 00:02:40.0477 2472	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/02/16 00:02:40.0553 2472	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/02/16 00:02:40.0617 2472	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/02/16 00:02:40.0734 2472	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/02/16 00:02:40.0822 2472	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/02/16 00:02:40.0977 2472	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/02/16 00:02:41.0102 2472	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/02/16 00:02:41.0307 2472	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/02/16 00:02:41.0472 2472	btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/02/16 00:02:41.0530 2472	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/02/16 00:02:41.0676 2472	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/02/16 00:02:41.0801 2472	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/02/16 00:02:41.0953 2472	cdrom           (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/02/16 00:02:42.0018 2472	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/02/16 00:02:42.0124 2472	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/02/16 00:02:42.0357 2472	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/02/16 00:02:42.0463 2472	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/02/16 00:02:42.0552 2472	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/02/16 00:02:42.0682 2472	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/02/16 00:02:42.0768 2472	Crusoe          (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/02/16 00:02:42.0884 2472	CSC             (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/02/16 00:02:43.0009 2472	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/02/16 00:02:43.0263 2472	disk            (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/02/16 00:02:43.0431 2472	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/02/16 00:02:43.0552 2472	DXGKrnl         (5c7e2097b91d689ded7a6ff90f0f3a25) C:\windows\System32\drivers\dxgkrnl.sys
2011/02/16 00:02:43.0732 2472	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/02/16 00:02:43.0869 2472	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/02/16 00:02:43.0969 2472	elxstor         (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/02/16 00:02:44.0095 2472	ErrDev          (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/02/16 00:02:44.0213 2472	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/02/16 00:02:44.0517 2472	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/02/16 00:02:44.0661 2472	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/02/16 00:02:44.0783 2472	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/02/16 00:02:44.0837 2472	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/02/16 00:02:44.0930 2472	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/02/16 00:02:45.0026 2472	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/02/16 00:02:45.0203 2472	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/02/16 00:02:45.0278 2472	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/02/16 00:02:45.0475 2472	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/02/16 00:02:45.0644 2472	HBtnKey         (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/02/16 00:02:45.0768 2472	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/02/16 00:02:45.0921 2472	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/02/16 00:02:46.0069 2472	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/02/16 00:02:46.0120 2472	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/02/16 00:02:46.0204 2472	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/02/16 00:02:46.0399 2472	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/02/16 00:02:46.0492 2472	hpdskflt        (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/02/16 00:02:46.0655 2472	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/02/16 00:02:46.0975 2472	HTTP            (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/02/16 00:02:47.0115 2472	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/02/16 00:02:47.0246 2472	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/02/16 00:02:47.0375 2472	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/02/16 00:02:47.0703 2472	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/02/16 00:02:48.0233 2472	igfx            (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/02/16 00:02:48.0558 2472	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/02/16 00:02:48.0672 2472	intelide        (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/02/16 00:02:48.0785 2472	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/02/16 00:02:49.0076 2472	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/02/16 00:02:49.0245 2472	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/02/16 00:02:49.0336 2472	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/02/16 00:02:49.0596 2472	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/02/16 00:02:49.0669 2472	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/02/16 00:02:49.0755 2472	iScsiPrt        (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/02/16 00:02:49.0900 2472	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/02/16 00:02:50.0100 2472	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/02/16 00:02:50.0193 2472	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/02/16 00:02:50.0360 2472	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/02/16 00:02:50.0535 2472	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/02/16 00:02:50.0931 2472	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/02/16 00:02:51.0129 2472	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/02/16 00:02:51.0174 2472	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/02/16 00:02:51.0269 2472	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/02/16 00:02:51.0513 2472	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/02/16 00:02:51.0677 2472	megasas         (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/02/16 00:02:51.0881 2472	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/02/16 00:02:51.0967 2472	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/02/16 00:02:52.0089 2472	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/02/16 00:02:52.0243 2472	mouclass        (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/02/16 00:02:52.0388 2472	mouhid          (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/02/16 00:02:52.0442 2472	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/02/16 00:02:52.0521 2472	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/02/16 00:02:52.0573 2472	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/02/16 00:02:52.0746 2472	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/02/16 00:02:52.0822 2472	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/02/16 00:02:52.0896 2472	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/02/16 00:02:53.0073 2472	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/02/16 00:02:53.0150 2472	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/02/16 00:02:53.0279 2472	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/02/16 00:02:53.0377 2472	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/02/16 00:02:53.0581 2472	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/02/16 00:02:53.0652 2472	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/02/16 00:02:53.0893 2472	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/02/16 00:02:54.0042 2472	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/02/16 00:02:54.0096 2472	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/02/16 00:02:54.0256 2472	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/02/16 00:02:54.0339 2472	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/02/16 00:02:54.0429 2472	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/02/16 00:02:54.0535 2472	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/02/16 00:02:54.0607 2472	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS
wifi.sys
2011/02/16 00:02:54.0676 2472	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers
dis.sys
2011/02/16 00:02:54.0786 2472	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS
distapi.sys
2011/02/16 00:02:54.0843 2472	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS
disuio.sys
2011/02/16 00:02:54.0916 2472	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS
diswan.sys
2011/02/16 00:02:55.0258 2472	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/02/16 00:02:55.0436 2472	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS
etbios.sys
2011/02/16 00:02:55.0509 2472	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS
etbt.sys
2011/02/16 00:02:55.0618 2472	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers
frd960.sys
2011/02/16 00:02:55.0712 2472	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/02/16 00:02:55.0812 2472	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers
siproxy.sys
2011/02/16 00:02:55.0906 2472	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/02/16 00:02:55.0993 2472	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers
trigdigi.sys
2011/02/16 00:02:56.0078 2472	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/02/16 00:02:56.0151 2472	nvraid          (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers
vraid.sys
2011/02/16 00:02:56.0208 2472	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers
vstor.sys
2011/02/16 00:02:56.0260 2472	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers
v_agp.sys
2011/02/16 00:02:56.0497 2472	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/02/16 00:02:56.0631 2472	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/02/16 00:02:56.0693 2472	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/02/16 00:02:56.0744 2472	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/02/16 00:02:56.0842 2472	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/02/16 00:02:56.0971 2472	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/02/16 00:02:57.0167 2472	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/02/16 00:02:57.0293 2472	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/02/16 00:02:57.0714 2472	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERSaspptp.sys
2011/02/16 00:02:57.0793 2472	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/02/16 00:02:58.0005 2472	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/02/16 00:02:58.0163 2472	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/02/16 00:02:58.0281 2472	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/02/16 00:02:58.0371 2472	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/02/16 00:02:58.0468 2472	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/02/16 00:02:58.0570 2472	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERSasacd.sys
2011/02/16 00:02:58.0716 2472	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERSasl2tp.sys
2011/02/16 00:02:58.0808 2472	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERSaspppoe.sys
2011/02/16 00:02:58.0930 2472	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERSassstp.sys
2011/02/16 00:02:59.0020 2472	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERSdbss.sys
2011/02/16 00:02:59.0224 2472	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/02/16 00:02:59.0388 2472	rdpdr           (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERSdpdr.sys
2011/02/16 00:02:59.0459 2472	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\driversdpencdd.sys
2011/02/16 00:02:59.0534 2472	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/02/16 00:02:59.0648 2472	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERSfcomm.sys
2011/02/16 00:02:59.0785 2472	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERSspndr.sys
2011/02/16 00:02:59.0876 2472	RsvLock         (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/02/16 00:02:59.0941 2472	SafeBoot        (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/02/16 00:02:59.0941 2472	Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/02/16 00:02:59.0955 2472	SafeBoot - detected Locked file (1)
2011/02/16 00:03:00.0051 2472	SbAlg           (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/02/16 00:03:00.0118 2472	SbFsLock        (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/02/16 00:03:00.0175 2472	sbp2port        (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/02/16 00:03:00.0275 2472	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/02/16 00:03:00.0446 2472	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/02/16 00:03:00.0503 2472	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/02/16 00:03:00.0589 2472	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/02/16 00:03:00.0687 2472	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/02/16 00:03:00.0784 2472	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/02/16 00:03:00.0854 2472	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/02/16 00:03:00.0924 2472	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/02/16 00:03:01.0027 2472	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/02/16 00:03:01.0128 2472	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/02/16 00:03:01.0198 2472	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/02/16 00:03:01.0282 2472	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/02/16 00:03:01.0463 2472	SNP2UVC         (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/02/16 00:03:01.0594 2472	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/02/16 00:03:01.0905 2472	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/02/16 00:03:01.0999 2472	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/02/16 00:03:02.0069 2472	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/02/16 00:03:02.0189 2472	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/02/16 00:03:02.0281 2472	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/02/16 00:03:02.0362 2472	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/02/16 00:03:02.0435 2472	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/02/16 00:03:02.0541 2472	SynTP           (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/02/16 00:03:02.0651 2472	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers	cpip.sys
2011/02/16 00:03:03.0052 2472	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS	cpip.sys
2011/02/16 00:03:03.0134 2472	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers	cpipreg.sys
2011/02/16 00:03:03.0276 2472	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers	dpipe.sys
2011/02/16 00:03:03.0373 2472	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers	dtcp.sys
2011/02/16 00:03:03.0457 2472	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS	dx.sys
2011/02/16 00:03:03.0566 2472	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS	ermdd.sys
2011/02/16 00:03:03.0913 2472	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS	ssecsrv.sys
2011/02/16 00:03:04.0071 2472	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS	unmp.sys
2011/02/16 00:03:04.0297 2472	tunnel          (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS	unnel.sys
2011/02/16 00:03:04.0434 2472	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/02/16 00:03:04.0771 2472	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/02/16 00:03:05.0125 2472	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/02/16 00:03:05.0353 2472	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/02/16 00:03:05.0489 2472	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/02/16 00:03:05.0616 2472	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/02/16 00:03:05.0804 2472	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/02/16 00:03:05.0955 2472	USBAAPL         (4b8a9c16b6d9258ed99c512aecb8c555) C:\windows\system32\Drivers\usbaapl.sys
2011/02/16 00:03:06.0141 2472	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/02/16 00:03:06.0299 2472	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/02/16 00:03:06.0552 2472	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/02/16 00:03:06.0746 2472	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/02/16 00:03:07.0006 2472	usbohci         (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/02/16 00:03:07.0358 2472	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/02/16 00:03:07.0569 2472	usbscan         (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/02/16 00:03:07.0715 2472	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/02/16 00:03:07.0813 2472	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/02/16 00:03:07.0912 2472	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/02/16 00:03:08.0102 2472	vga             (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/02/16 00:03:08.0288 2472	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/02/16 00:03:08.0370 2472	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/02/16 00:03:08.0498 2472	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/02/16 00:03:08.0605 2472	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/02/16 00:03:08.0814 2472	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/02/16 00:03:08.0949 2472	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/02/16 00:03:09.0068 2472	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/02/16 00:03:09.0223 2472	vsmraid         (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/02/16 00:03:09.0439 2472	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/02/16 00:03:09.0649 2472	Wanarp          (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/02/16 00:03:09.0680 2472	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/02/16 00:03:09.0843 2472	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/02/16 00:03:10.0012 2472	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/02/16 00:03:10.0388 2472	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/02/16 00:03:10.0495 2472	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/02/16 00:03:10.0631 2472	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/02/16 00:03:10.0814 2472	yukonwlh        (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/02/16 00:03:10.0914 2472	\HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/16 00:03:10.0920 2472	================================================================================
2011/02/16 00:03:10.0921 2472	Scan finished
2011/02/16 00:03:10.0921 2472	================================================================================
2011/02/16 00:03:10.0935 2908	Detected object count: 2
2011/02/16 00:03:35.0888 2908	HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/02/16 00:03:35.0962 2908	HKLM\SYSTEM\ControlSet003\services\SafeBoot - will be deleted after reboot
2011/02/16 00:03:36.0003 2908	C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/02/16 00:03:36.0003 2908	Locked file(SafeBoot) - User select action: Delete 
2011/02/16 00:03:36.0004 2908	Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Skip 




Configuration: Windows Vista / Internet Explorer 7.0

gen-hackman · Answer

salut il fallait faire "Cure" et non "Skip" :)

darkovnus · Answer

Et bien j'ai cure, mais ce la ne change rien le virus et toujours là, j'ai recommencer deux fois mais rien n'y fait, j'ai aussi redemarrer mon pc a chaque fois biensur, mais cela ne change rien d'ailleur quand il se rallume l'ordi se lance dans la reparation de demarrage windows a chaque fois et cela depuis que j'ai essayer de l'effacer !! Auriez vous une idée de se que je doit faire !!!

gen-hackman · Answer

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\ __________________________________________________________ >Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.< >>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<< ===================================================== ▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur Telecharge ici : Combofix Avant d'utiliser ComboFix : Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système. La simple désactivation du résident n'est pas suffisante. Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover Choisis la version adéquate (32 ou 64 bits)/!\ Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement : ▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau ▶ Lance le Une fenêtre apparait : clique sur "Disable" ▶ Fais redémarrer l'ordinateur si l'outil te le demande Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" _________________________________________________________ >> referme les fenêtres de tous les programmes en cours. >> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, >>la protection en temps réel de ton Antivirus et de tes Antispywares, >>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°° si tu as XP => double clique si tu as Vista ou windows 7 => clic droit "executer en tant que...." sur combofix renommé ¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤ ▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!! ▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. ▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

darkovnus · Answer

Desoler j'ai mis du temps avant de vous repondre le travaille ma pris de cours. 
J'ai fait se que vous m'avez dit je vous colle le rapport qui est apparue a la fin sur combofix

ComboFix 11-03-12.01 - Lolo 13/03/2011   9:29.1.1 - x86
Microsoft® Windows Vista(TM) Professionnel   6.0.6002.2.1252.33.1036.18.1976.904 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Downloads\ComboFix.exe
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lolo\AppData\Roaming\AntiVirus 2010
c:\users\Lolo\AppData\Roaming\WhereSphere
c:\users\Lolo\AppData\Roaming\WhereSphere\config.cfg
c:\users\Lolo\Desktop\Internet Explorer.lnk
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-02-13 au 2011-03-13  ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 08:42 . 2011-03-13 08:47	--------	d-----w-	c:\users\Lolo\AppData\Local	emp
2011-03-13 08:42 . 2011-03-13 08:42	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-03-10 18:51 . 2010-12-29 18:28	322560	----a-w-	c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28	429056	----a-w-	c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26	177664	----a-w-	c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28	153088	----a-w-	c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45	2067968	----a-w-	c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54	677888	----a-w-	c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26	--------	d-----w-	c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27	--------	d-----w-	c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20	--------	d-----w-	c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05	23040	----a-w-	c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33	--------	d-----w-	c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24	512599	----a-w-	c:\programdata\bdinstall.bin
2011-02-18 17:32 . 2011-02-02 16:10	5890896	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{48C382E4-26E4-45EF-B541-0D40565F2CDC}\mpengine.dll
2011-02-17 19:03 . 2011-02-17 19:03	--------	d-----w-	c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44	69464	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44	515416	----a-w-	c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29	453456	----a-w-	c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37	81920	----a-w-	c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20	2048	----a-w-	c:\windows\system32	zres.dll
2011-02-16 22:34 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30	72704	----a-w-	c:\windows\system32\fontsub.dll
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56	222080	------w-	c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51	41984	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51	4184352	----a-w-	c:\windows\system32\usbaaplrc.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-12 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{F0A37341-D692-11D4-A984-009027EC0A9C} - c:\program files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe
.
.
.
**************************************************************************
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(3572)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\windows\system32\btncopy.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Heure de fin: 2011-03-13  09:54:31 - La machine a redémarré
ComboFix-quarantined-files.txt  2011-03-13 08:53
.
Avant-CF: 134 128 775 168 octets libres
Après-CF: 134 470 795 264 octets libres
.
- - End Of File - - E1A3675C92304167E5540E5FD198C973

gen-hackman · Answer

tu n'as pas fait ce qui éétait demandé !!

darkovnus · Answer

comment ça ? je doit faire quoi alors ??

darkovnus · Answer

j'ai pourtant suivis a la lettre le message que tu m'a envoyer !!!

totobetourne · Answer

IL VEUT TE DIRE QUE TU NE L AS PAS RENOMMé combo fix avant de le telecharger et aussi mais ce n est pas indique(je crois) c est que combo fix doit se situer sur ton bureau lorsque tu lances le scan.

darkovnus · Answer

Et voici le rapport Combofix.txt






ComboFix 11-03-12.01 - Lolo 13/03/2011  14:28:47.2.1 - x86
Microsoft® Windows Vista(TM) Professionnel   6.0.6002.2.1252.33.1036.18.1976.833 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-02-13 au 2011-03-13  ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 13:41 . 2011-03-13 13:41	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-03-13 13:26 . 2011-03-13 13:27	--------	d-----w-	C:\32788R22FWJFW
2011-03-13 09:06 . 2011-02-11 06:54	5943120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF469371-68B2-4F03-871D-582C1D7F8437}\mpengine.dll
2011-03-13 08:42 . 2011-03-13 13:41	--------	d-----w-	c:\users\Lolo\AppData\Local	emp
2011-03-10 18:51 . 2010-12-29 18:28	322560	----a-w-	c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28	429056	----a-w-	c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26	177664	----a-w-	c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28	153088	----a-w-	c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45	2067968	----a-w-	c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54	677888	----a-w-	c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26	--------	d-----w-	c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27	--------	d-----w-	c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20	--------	d-----w-	c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05	23040	----a-w-	c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33	--------	d-----w-	c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24	512599	----a-w-	c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03	--------	d-----w-	c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44	69464	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44	515416	----a-w-	c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29	453456	----a-w-	c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37	81920	----a-w-	c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20	2048	----a-w-	c:\windows\system32	zres.dll
2011-02-16 22:34 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30	72704	----a-w-	c:\windows\system32\fontsub.dll
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56	222080	------w-	c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51	41984	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51	4184352	----a-w-	c:\windows\system32\usbaaplrc.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-12 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-13 14:41
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(644)
c:\windows\System32\APSHook.dll
.
- - - - - - - > 'lsass.exe'(704)
c:\windows\System32\APSHook.dll
.
- - - - - - - > 'Explorer.exe'(5368)
c:\windows\system32\btmmhook.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
.
Heure de fin: 2011-03-13  14:45:07
ComboFix-quarantined-files.txt  2011-03-13 13:45
ComboFix2.txt  2011-03-13 08:54
.
Avant-CF: 130 688 692 224 octets libres
Après-CF: 130 658 848 768 octets libres
.
- - End Of File - - 9571D68C735367A57F156DADABECDF1E

gen-hackman · Answer

qu'est-ce-qui lui arrive à cette Dll ?

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

    *  * Colle directement le chemin des fichiers , un par un , dans l'espace "Parcourir" apres chaque analyse :

c:\windows\System32\APSHook.dll 

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée colle le lien de(s)( la) page(s)  dans ta prochaine réponse.

gen-hackman · Answer

__________________________________________________ =>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <= =>il est fort déconseillé de le transposer sur un autre ordinateur !<= ---------------------------------------------------------------------------- Toujours avec toutes les protections désactivées, fais ceci : ▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes) ▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) : ---------------------------------------------------------- KillAll:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SunJavaUpdateSched"=- "HP Software Update"=- "QuickTime Task"=- "iTunesHelper"=- RegLock:: [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] ------------------------------------------------------------------ ▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt ▶ Quitte le Bloc Notes ▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix ▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé. ▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu. ▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

darkovnus · Answer

voici le rapport 


ComboFix 11-03-12.01 - Lolo 13/03/2011  21:19:40.3.1 - x86
Microsoft® Windows Vista(TM) Professionnel   6.0.6002.2.1252.33.1036.18.1976.1010 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lolo\Desktop\CFScript.txt.lnk
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-02-13 au 2011-03-13  ))))))))))))))))))))))))))))))))))))
.
.
2011-03-13 20:30 . 2011-03-13 20:30	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-03-13 09:06 . 2011-02-11 06:54	5943120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF469371-68B2-4F03-871D-582C1D7F8437}\mpengine.dll
2011-03-13 08:42 . 2011-03-13 20:30	--------	d-----w-	c:\users\Lolo\AppData\Local	emp
2011-03-10 18:51 . 2010-12-29 18:28	322560	----a-w-	c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28	429056	----a-w-	c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26	177664	----a-w-	c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28	153088	----a-w-	c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45	2067968	----a-w-	c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54	677888	----a-w-	c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26	--------	d-----w-	c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27	--------	d-----w-	c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20	--------	d-----w-	c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05	23040	----a-w-	c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33	--------	d-----w-	c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24	512599	----a-w-	c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03	--------	d-----w-	c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44	69464	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44	515416	----a-w-	c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29	453456	----a-w-	c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37	81920	----a-w-	c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20	2048	----a-w-	c:\windows\system32	zres.dll
2011-02-16 22:34 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30	72704	----a-w-	c:\windows\system32\fontsub.dll
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56	222080	------w-	c:\windows\system32\MpSigStub.exe
2010-12-14 17:51 . 2010-12-14 17:51	41984	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2010-12-14 17:51 . 2010-12-14 17:51	4184352	----a-w-	c:\windows\system32\usbaaplrc.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-13 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-13 21:30
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(4644)
c:\windows\system32\btmmhook.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
.
Heure de fin: 2011-03-13  21:33:39
ComboFix-quarantined-files.txt  2011-03-13 20:33
ComboFix2.txt  2011-03-13 13:45
ComboFix3.txt  2011-03-13 08:54
.
Avant-CF: 130 713 485 312 octets libres
Après-CF: 130 684 121 088 octets libres
.
- - End Of File - - 8E0041898CD2E32113FE41EB861EE285

gen-hackman · Answer

refais un rapport de TDSSKILLEr

darkovnus · Answer

et voici le rapport de tdsskiller

2011/03/14 22:38:26.0068 5108	TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/03/14 22:38:30.0405 5108	================================================================================
2011/03/14 22:38:30.0405 5108	SystemInfo:
2011/03/14 22:38:30.0405 5108	
2011/03/14 22:38:30.0405 5108	OS Version: 6.0.6002 ServicePack: 2.0
2011/03/14 22:38:30.0405 5108	Product type: Workstation
2011/03/14 22:38:30.0405 5108	ComputerName: PC-DE-LOLO
2011/03/14 22:38:30.0421 5108	UserName: Lolo
2011/03/14 22:38:30.0421 5108	Windows directory: C:\windows
2011/03/14 22:38:30.0421 5108	System windows directory: C:\windows
2011/03/14 22:38:30.0421 5108	Processor architecture: Intel x86
2011/03/14 22:38:30.0421 5108	Number of processors: 1
2011/03/14 22:38:30.0421 5108	Page size: 0x1000
2011/03/14 22:38:30.0421 5108	Boot type: Normal boot
2011/03/14 22:38:30.0421 5108	================================================================================
2011/03/14 22:38:30.0873 5108	Initialize success
2011/03/14 22:38:34.0508 5720	================================================================================
2011/03/14 22:38:34.0508 5720	Scan started
2011/03/14 22:38:34.0508 5720	Mode: Manual; 
2011/03/14 22:38:34.0508 5720	================================================================================
2011/03/14 22:38:35.0194 5720	Accelerometer   (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/03/14 22:38:35.0303 5720	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/03/14 22:38:35.0397 5720	adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/03/14 22:38:35.0491 5720	ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/03/14 22:38:35.0569 5720	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/03/14 22:38:35.0631 5720	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/03/14 22:38:35.0709 5720	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/03/14 22:38:35.0756 5720	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/03/14 22:38:35.0865 5720	AFD             (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/03/14 22:38:36.0005 5720	AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/03/14 22:38:36.0115 5720	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/03/14 22:38:36.0177 5720	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/03/14 22:38:36.0255 5720	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/03/14 22:38:36.0317 5720	amdagp          (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/03/14 22:38:36.0380 5720	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/03/14 22:38:36.0458 5720	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/03/14 22:38:36.0536 5720	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/14 22:38:36.0692 5720	arc             (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/03/14 22:38:36.0754 5720	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/03/14 22:38:36.0910 5720	aswFsBlk        (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/03/14 22:38:37.0019 5720	aswMonFlt       (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/03/14 22:38:37.0097 5720	aswRdr          (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/03/14 22:38:37.0175 5720	aswSP           (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/03/14 22:38:37.0269 5720	aswTdi          (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/03/14 22:38:37.0331 5720	AsyncMac        (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/14 22:38:37.0409 5720	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/03/14 22:38:37.0581 5720	b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/03/14 22:38:37.0721 5720	BCM43XX         (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/03/14 22:38:37.0846 5720	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/03/14 22:38:37.0955 5720	blbdrive        (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/03/14 22:38:38.0080 5720	bowser          (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/03/14 22:38:38.0158 5720	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/03/14 22:38:38.0252 5720	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/03/14 22:38:38.0345 5720	Brserid         (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/03/14 22:38:38.0423 5720	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/03/14 22:38:38.0517 5720	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/03/14 22:38:38.0595 5720	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/03/14 22:38:38.0689 5720	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/03/14 22:38:38.0767 5720	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/03/14 22:38:38.0876 5720	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/03/14 22:38:38.0985 5720	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/03/14 22:38:39.0141 5720	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/03/14 22:38:39.0281 5720	btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/03/14 22:38:39.0359 5720	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/03/14 22:38:39.0453 5720	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/03/14 22:38:39.0640 5720	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/14 22:38:39.0734 5720	cdrom           (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/03/14 22:38:39.0812 5720	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/03/14 22:38:39.0890 5720	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/03/14 22:38:39.0999 5720	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/14 22:38:40.0077 5720	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/03/14 22:38:40.0155 5720	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/14 22:38:40.0217 5720	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/03/14 22:38:40.0280 5720	Crusoe          (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/03/14 22:38:40.0420 5720	CSC             (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/03/14 22:38:40.0545 5720	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/03/14 22:38:40.0654 5720	disk            (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/03/14 22:38:40.0810 5720	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/03/14 22:38:40.0904 5720	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/14 22:38:41.0013 5720	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/03/14 22:38:41.0122 5720	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/03/14 22:38:41.0247 5720	elxstor         (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/03/14 22:38:41.0341 5720	ErrDev          (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/03/14 22:38:41.0465 5720	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/03/14 22:38:41.0543 5720	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/03/14 22:38:41.0668 5720	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/03/14 22:38:41.0762 5720	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/03/14 22:38:41.0824 5720	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/03/14 22:38:41.0902 5720	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/14 22:38:41.0965 5720	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/03/14 22:38:42.0058 5720	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/14 22:38:42.0136 5720	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/03/14 22:38:42.0230 5720	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/14 22:38:42.0386 5720	HBtnKey         (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/03/14 22:38:42.0495 5720	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/03/14 22:38:42.0604 5720	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/03/14 22:38:42.0713 5720	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/03/14 22:38:42.0760 5720	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/03/14 22:38:42.0869 5720	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/14 22:38:42.0963 5720	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/03/14 22:38:43.0057 5720	hpdskflt        (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/03/14 22:38:43.0181 5720	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/03/14 22:38:43.0291 5720	HTTP            (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/03/14 22:38:43.0384 5720	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/03/14 22:38:43.0462 5720	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/03/14 22:38:43.0571 5720	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/03/14 22:38:43.0634 5720	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/03/14 22:38:43.0821 5720	igfx            (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/03/14 22:38:43.0961 5720	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/03/14 22:38:44.0055 5720	intelide        (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/03/14 22:38:44.0102 5720	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/14 22:38:44.0164 5720	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/14 22:38:44.0305 5720	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/03/14 22:38:44.0398 5720	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/03/14 22:38:44.0507 5720	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/03/14 22:38:44.0570 5720	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/03/14 22:38:44.0648 5720	iScsiPrt        (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/03/14 22:38:44.0757 5720	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/03/14 22:38:44.0819 5720	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/03/14 22:38:44.0882 5720	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/03/14 22:38:44.0975 5720	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/03/14 22:38:45.0053 5720	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/03/14 22:38:45.0225 5720	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/14 22:38:45.0334 5720	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/03/14 22:38:45.0397 5720	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/03/14 22:38:45.0443 5720	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/03/14 22:38:45.0490 5720	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/03/14 22:38:45.0599 5720	megasas         (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/03/14 22:38:45.0662 5720	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/03/14 22:38:45.0740 5720	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/03/14 22:38:45.0802 5720	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/03/14 22:38:45.0896 5720	mouclass        (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/03/14 22:38:45.0974 5720	mouhid          (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/14 22:38:46.0036 5720	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/03/14 22:38:46.0114 5720	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/03/14 22:38:46.0177 5720	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/03/14 22:38:46.0270 5720	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/03/14 22:38:46.0364 5720	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/03/14 22:38:46.0442 5720	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/14 22:38:46.0520 5720	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/14 22:38:46.0598 5720	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/14 22:38:46.0660 5720	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/03/14 22:38:46.0723 5720	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/03/14 22:38:46.0832 5720	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/03/14 22:38:46.0894 5720	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/03/14 22:38:47.0003 5720	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/14 22:38:47.0066 5720	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/14 22:38:47.0128 5720	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/03/14 22:38:47.0206 5720	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/03/14 22:38:47.0300 5720	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/03/14 22:38:47.0393 5720	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/03/14 22:38:47.0471 5720	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/03/14 22:38:47.0534 5720	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS
wifi.sys
2011/03/14 22:38:47.0627 5720	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers
dis.sys
2011/03/14 22:38:47.0752 5720	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS
distapi.sys
2011/03/14 22:38:47.0815 5720	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS
disuio.sys
2011/03/14 22:38:47.0893 5720	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS
diswan.sys
2011/03/14 22:38:47.0955 5720	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/03/14 22:38:48.0080 5720	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS
etbios.sys
2011/03/14 22:38:48.0158 5720	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS
etbt.sys
2011/03/14 22:38:48.0267 5720	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers
frd960.sys
2011/03/14 22:38:48.0361 5720	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/03/14 22:38:48.0454 5720	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers
siproxy.sys
2011/03/14 22:38:48.0532 5720	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/03/14 22:38:48.0626 5720	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers
trigdigi.sys
2011/03/14 22:38:48.0688 5720	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/03/14 22:38:48.0735 5720	nvraid          (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers
vraid.sys
2011/03/14 22:38:48.0891 5720	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers
vstor.sys
2011/03/14 22:38:48.0969 5720	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers
v_agp.sys
2011/03/14 22:38:49.0406 5720	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/03/14 22:38:49.0515 5720	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/03/14 22:38:49.0577 5720	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/03/14 22:38:49.0655 5720	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/03/14 22:38:49.0796 5720	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/03/14 22:38:49.0889 5720	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/03/14 22:38:49.0983 5720	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/14 22:38:50.0092 5720	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/03/14 22:38:50.0279 5720	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERSaspptp.sys
2011/03/14 22:38:50.0357 5720	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/03/14 22:38:50.0482 5720	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/03/14 22:38:50.0576 5720	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/03/14 22:38:50.0669 5720	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/03/14 22:38:50.0794 5720	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/03/14 22:38:50.0872 5720	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/03/14 22:38:50.0935 5720	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERSasacd.sys
2011/03/14 22:38:50.0997 5720	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERSasl2tp.sys
2011/03/14 22:38:51.0059 5720	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERSaspppoe.sys
2011/03/14 22:38:51.0153 5720	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERSassstp.sys
2011/03/14 22:38:51.0231 5720	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERSdbss.sys
2011/03/14 22:38:51.0293 5720	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/14 22:38:51.0403 5720	rdpdr           (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERSdpdr.sys
2011/03/14 22:38:51.0465 5720	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\driversdpencdd.sys
2011/03/14 22:38:51.0559 5720	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/03/14 22:38:51.0683 5720	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERSfcomm.sys
2011/03/14 22:38:51.0824 5720	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERSspndr.sys
2011/03/14 22:38:51.0886 5720	RsvLock         (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/03/14 22:38:51.0964 5720	SafeBoot        (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/03/14 22:38:51.0964 5720	Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/03/14 22:38:51.0980 5720	SafeBoot - detected Locked file (1)
2011/03/14 22:38:52.0058 5720	SbAlg           (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/03/14 22:38:52.0105 5720	SbFsLock        (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/03/14 22:38:52.0183 5720	sbp2port        (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/03/14 22:38:52.0292 5720	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/03/14 22:38:52.0385 5720	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/03/14 22:38:52.0448 5720	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/03/14 22:38:52.0541 5720	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/03/14 22:38:52.0635 5720	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/03/14 22:38:52.0697 5720	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/03/14 22:38:52.0791 5720	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/03/14 22:38:52.0822 5720	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/03/14 22:38:52.0916 5720	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/03/14 22:38:52.0978 5720	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/03/14 22:38:53.0056 5720	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/03/14 22:38:53.0165 5720	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/03/14 22:38:53.0321 5720	SNP2UVC         (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/03/14 22:38:53.0431 5720	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/03/14 22:38:53.0555 5720	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/03/14 22:38:53.0649 5720	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/03/14 22:38:53.0696 5720	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/14 22:38:53.0789 5720	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/03/14 22:38:53.0899 5720	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/03/14 22:38:53.0977 5720	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/03/14 22:38:54.0023 5720	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/03/14 22:38:54.0101 5720	SynTP           (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/14 22:38:54.0257 5720	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers	cpip.sys
2011/03/14 22:38:54.0382 5720	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS	cpip.sys
2011/03/14 22:38:54.0460 5720	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers	cpipreg.sys
2011/03/14 22:38:54.0538 5720	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers	dpipe.sys
2011/03/14 22:38:54.0632 5720	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers	dtcp.sys
2011/03/14 22:38:54.0710 5720	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS	dx.sys
2011/03/14 22:38:54.0788 5720	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS	ermdd.sys
2011/03/14 22:38:55.0474 5720	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS	ssecsrv.sys
2011/03/14 22:38:55.0708 5720	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS	unmp.sys
2011/03/14 22:38:55.0880 5720	tunnel          (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS	unnel.sys
2011/03/14 22:38:56.0348 5720	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/03/14 22:38:56.0629 5720	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/03/14 22:38:56.0863 5720	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/03/14 22:38:57.0159 5720	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/03/14 22:38:57.0892 5720	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/03/14 22:38:58.0126 5720	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/03/14 22:38:58.0750 5720	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/03/14 22:38:58.0859 5720	USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys
2011/03/14 22:38:59.0015 5720	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/14 22:38:59.0093 5720	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/03/14 22:38:59.0218 5720	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/14 22:38:59.0421 5720	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/03/14 22:38:59.0499 5720	usbohci         (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/14 22:38:59.0593 5720	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/14 22:38:59.0733 5720	usbscan         (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/03/14 22:38:59.0827 5720	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/14 22:38:59.0983 5720	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/14 22:39:00.0201 5720	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/03/14 22:39:00.0341 5720	vga             (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/14 22:39:00.0466 5720	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/03/14 22:39:00.0607 5720	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/03/14 22:39:00.0716 5720	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/03/14 22:39:00.0794 5720	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/03/14 22:39:00.0934 5720	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/03/14 22:39:01.0215 5720	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/03/14 22:39:01.0387 5720	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/03/14 22:39:01.0496 5720	vsmraid         (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/03/14 22:39:01.0605 5720	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/03/14 22:39:01.0667 5720	Wanarp          (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/14 22:39:01.0699 5720	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/14 22:39:01.0870 5720	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/03/14 22:39:01.0964 5720	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/03/14 22:39:02.0323 5720	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/03/14 22:39:02.0572 5720	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
2011/03/14 22:39:02.0666 5720	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/14 22:39:02.0822 5720	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/14 22:39:03.0274 5720	yukonwlh        (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/03/14 22:39:03.0399 5720	================================================================================
2011/03/14 22:39:03.0399 5720	Scan finished
2011/03/14 22:39:03.0399 5720	================================================================================
2011/03/14 22:39:03.0430 2820	Detected object count: 1
2011/03/14 22:39:16.0706 2820	HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/03/14 22:39:16.0737 2820	HKLM\SYSTEM\ControlSet005\services\SafeBoot - will be deleted after reboot
2011/03/14 22:39:16.0768 2820	C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/03/14 22:39:16.0768 2820	Locked file(SafeBoot) - User select action: Delete

gen-hackman · Answer

__________________________________________________ =>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <= =>il est fort déconseillé de le transposer sur un autre ordinateur !<= ---------------------------------------------------------------------------- Toujours avec toutes les protections désactivées, fais ceci : ▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes) ▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) : ---------------------------------------------------------- KillAll:: TDL:: C:\windows\system32\drivers\SafeBoot.sys ------------------------------------------------------------------ ▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt ▶ Quitte le Bloc Notes ▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix ▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé. ▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu. ▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

darkovnus · Answer

J'ai beau essayer une fois que combofix commence a lancer son analyse l'ordianteur beug et ne repond plus. Il finit par s'eteindre tout seul et quand je veux le rallumer il m'envoyer dans le systeme de réparation de demarrage windows.

gen-hackman · Answer

ok essaie en mode sans echec

gen-hackman · Answer

Comment aller en Mode sans échec :

&#9654 Redémarres ton ordi 
&#9654 Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" 
&#9654 Tu verras un écran avec options de démarrage apparaître 
&#9654 Choisis la première option : Sans Échec, et valide avec "Entrée"

darkovnus · Answer

voici le rapport de combofix 

ComboFix 11-03-12.01 - Lolo 16/03/2011  21:03:31.4.1 - x86
Microsoft® Windows Vista(TM) Professionnel   6.0.6002.2.1252.33.1036.18.1976.952 [GMT 1:00]
Lancé depuis: c:\users\Lolo\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lolo\Desktop\CFScript.txt
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-02-16 au 2011-03-16  ))))))))))))))))))))))))))))))))))))
.
.
2011-03-16 20:14 . 2011-03-16 20:14	--------	d-----w-	c:\users\Default\AppData\Local	emp
2011-03-16 08:31 . 2011-02-11 06:54	5943120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{43808BAA-C8E8-4CCE-AD7D-5B523136CE0C}\mpengine.dll
2011-03-13 08:42 . 2011-03-16 20:23	--------	d-----w-	c:\users\Lolo\AppData\Local	emp
2011-03-10 18:51 . 2010-12-29 18:28	322560	----a-w-	c:\windows\system32\sbe.dll
2011-03-10 18:51 . 2010-12-29 18:28	429056	----a-w-	c:\windows\system32\EncDec.dll
2011-03-10 18:51 . 2010-12-29 18:26	177664	----a-w-	c:\windows\system32\mpg2splt.ax
2011-03-10 18:51 . 2010-12-29 18:28	153088	----a-w-	c:\windows\system32\sbeio.dll
2011-03-10 18:51 . 2010-12-17 15:45	2067968	----a-w-	c:\windows\system32\mstscax.dll
2011-03-10 18:51 . 2010-12-17 13:54	677888	----a-w-	c:\windows\system32\mstsc.exe
2011-02-27 11:26 . 2011-02-27 11:26	--------	d-----w-	c:\program files\iPod
2011-02-27 11:26 . 2011-02-27 11:27	--------	d-----w-	c:\program files\iTunes
2011-02-27 11:20 . 2011-02-27 11:20	--------	d-----w-	c:\program files\Bonjour
2011-02-19 02:05 . 2011-02-19 02:05	23040	----a-w-	c:\windows\system32\bddel.exe
2011-02-18 22:33 . 2011-02-18 22:33	--------	d-----w-	c:\users\Lolo\AppData\Roaming\QuickScan
2011-02-18 22:31 . 2011-03-13 08:44	--------	d-----w-	c:\program files\Common Files\BitDefender
2011-02-18 22:29 . 2011-03-13 08:24	512599	----a-w-	c:\programdata\bdinstall.bin
2011-02-17 19:03 . 2011-02-17 19:03	--------	d-----w-	c:\windows\fr
2011-02-17 18:57 . 2009-09-04 16:44	69464	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2011-02-17 18:57 . 2009-09-04 16:44	515416	----a-w-	c:\windows\system32\XAudio2_5.dll
2011-02-17 18:57 . 2009-09-04 16:29	453456	----a-w-	c:\windows\system32\d3dx10_42.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\2a9c98e31cbced407\dsetup32.dll
2011-02-17 18:54 . 2011-02-17 18:54	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DSETUP.dll
2011-02-17 18:54 . 2011-02-17 18:54	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\DXSETUP.exe
2011-02-17 18:54 . 2011-02-17 18:54	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\29f397431cbced406\dsetup32.dll
2011-02-17 18:53 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2011-02-16 22:35 . 2010-10-18 13:37	81920	----a-w-	c:\windows\system32\consent.exe
2011-02-16 22:34 . 2010-10-28 13:20	2048	----a-w-	c:\windows\system32	zres.dll
2011-02-16 22:34 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
2011-02-16 22:34 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-16 22:34 . 2010-06-16 15:30	72704	----a-w-	c:\windows\system32\fontsub.dll
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 18:41 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 16:11 . 2009-10-03 07:56	222080	------w-	c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-08 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-02 10244096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-10 145944]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
c:\users\Lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-18 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 17:08]
.
2011-03-16 c:\windows\Tasks\Norton Security Scan for Lolo.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-10-23 07:48]
.
2011-03-13 c:\windows\Tasks\User_Feed_Synchronization-{AF1FD668-6C39-4ACD-B4AA-8512F55AB2A9}.job
- c:\windows\system32\msfeedssync.exe [2011-02-16 04:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Lolo\AppData\Roaming\Mozilla\Firefox\Profiles\4m9vyvqd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(2308)
c:\windows\System32\APSHook.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\windows\system32\btncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2011-03-16  21:27:58 - La machine a redémarré
ComboFix-quarantined-files.txt  2011-03-16 20:27
ComboFix2.txt  2011-03-13 20:33
ComboFix3.txt  2011-03-13 13:45
ComboFix4.txt  2011-03-13 08:54
.
Avant-CF: 134 559 424 512 octets libres
Après-CF: 134 401 044 480 octets libres
.
- - End Of File - - 49F05B4F9F125AB4E5CAA8DD9EE784BF

gen-hackman · Answer

refais un scan tdsskiller ?

darkovnus · Answer

et voici j'ai fait delete a se qu'a trouver tdsskiller, je redemarre mon ordi !!!!


2011/03/16 22:10:17.0841 3652	TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/03/16 22:10:20.0665 3652	================================================================================
2011/03/16 22:10:20.0665 3652	SystemInfo:
2011/03/16 22:10:20.0665 3652	
2011/03/16 22:10:20.0665 3652	OS Version: 6.0.6002 ServicePack: 2.0
2011/03/16 22:10:20.0665 3652	Product type: Workstation
2011/03/16 22:10:20.0665 3652	ComputerName: PC-DE-LOLO
2011/03/16 22:10:20.0665 3652	UserName: Lolo
2011/03/16 22:10:20.0665 3652	Windows directory: C:\windows
2011/03/16 22:10:20.0665 3652	System windows directory: C:\windows
2011/03/16 22:10:20.0665 3652	Processor architecture: Intel x86
2011/03/16 22:10:20.0665 3652	Number of processors: 1
2011/03/16 22:10:20.0665 3652	Page size: 0x1000
2011/03/16 22:10:20.0665 3652	Boot type: Normal boot
2011/03/16 22:10:20.0665 3652	================================================================================
2011/03/16 22:10:21.0149 3652	Initialize success
2011/03/16 22:10:23.0270 3616	================================================================================
2011/03/16 22:10:23.0270 3616	Scan started
2011/03/16 22:10:23.0270 3616	Mode: Manual; 
2011/03/16 22:10:23.0270 3616	================================================================================
2011/03/16 22:10:24.0128 3616	Accelerometer   (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/03/16 22:10:24.0237 3616	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/03/16 22:10:24.0378 3616	adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/03/16 22:10:24.0456 3616	ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/03/16 22:10:24.0549 3616	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/03/16 22:10:24.0643 3616	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/03/16 22:10:24.0705 3616	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/03/16 22:10:24.0768 3616	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/03/16 22:10:24.0908 3616	AFD             (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/03/16 22:10:25.0017 3616	AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/03/16 22:10:25.0111 3616	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/03/16 22:10:25.0205 3616	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/03/16 22:10:25.0267 3616	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/03/16 22:10:25.0329 3616	amdagp          (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/03/16 22:10:25.0376 3616	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/03/16 22:10:25.0439 3616	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/03/16 22:10:25.0517 3616	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/16 22:10:25.0641 3616	arc             (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/03/16 22:10:25.0704 3616	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/03/16 22:10:25.0829 3616	aswFsBlk        (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/03/16 22:10:25.0922 3616	aswMonFlt       (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/03/16 22:10:25.0985 3616	aswRdr          (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/03/16 22:10:26.0016 3616	aswSP           (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/03/16 22:10:26.0094 3616	aswTdi          (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/03/16 22:10:26.0172 3616	AsyncMac        (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/16 22:10:26.0250 3616	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/03/16 22:10:26.0390 3616	b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/03/16 22:10:26.0515 3616	BCM43XX         (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/03/16 22:10:26.0655 3616	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/03/16 22:10:26.0733 3616	blbdrive        (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/03/16 22:10:26.0811 3616	bowser          (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/03/16 22:10:26.0874 3616	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/03/16 22:10:26.0983 3616	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/03/16 22:10:27.0061 3616	Brserid         (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/03/16 22:10:27.0123 3616	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/03/16 22:10:27.0186 3616	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/03/16 22:10:27.0279 3616	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/03/16 22:10:27.0357 3616	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/03/16 22:10:27.0435 3616	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/03/16 22:10:27.0498 3616	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/03/16 22:10:27.0623 3616	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/03/16 22:10:27.0747 3616	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/03/16 22:10:27.0872 3616	btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/03/16 22:10:27.0935 3616	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/03/16 22:10:28.0028 3616	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/03/16 22:10:28.0200 3616	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/16 22:10:28.0278 3616	cdrom           (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/03/16 22:10:28.0356 3616	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/03/16 22:10:28.0434 3616	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/03/16 22:10:28.0559 3616	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/16 22:10:28.0637 3616	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/03/16 22:10:28.0699 3616	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/16 22:10:28.0761 3616	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/03/16 22:10:28.0824 3616	Crusoe          (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/03/16 22:10:28.0949 3616	CSC             (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/03/16 22:10:29.0042 3616	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/03/16 22:10:29.0151 3616	disk            (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/03/16 22:10:29.0292 3616	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/03/16 22:10:29.0385 3616	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/16 22:10:29.0495 3616	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/03/16 22:10:29.0604 3616	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/03/16 22:10:29.0697 3616	elxstor         (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/03/16 22:10:29.0791 3616	ErrDev          (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/03/16 22:10:29.0900 3616	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/03/16 22:10:30.0009 3616	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/03/16 22:10:30.0197 3616	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/03/16 22:10:30.0290 3616	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/03/16 22:10:30.0368 3616	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/03/16 22:10:30.0446 3616	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/16 22:10:30.0524 3616	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/03/16 22:10:30.0633 3616	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/16 22:10:30.0711 3616	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/03/16 22:10:30.0805 3616	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/16 22:10:30.0930 3616	HBtnKey         (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/03/16 22:10:31.0039 3616	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/03/16 22:10:31.0117 3616	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/03/16 22:10:31.0211 3616	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/03/16 22:10:31.0304 3616	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/03/16 22:10:31.0382 3616	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/16 22:10:31.0476 3616	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/03/16 22:10:31.0585 3616	hpdskflt        (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/03/16 22:10:31.0694 3616	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/03/16 22:10:31.0788 3616	HTTP            (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/03/16 22:10:31.0881 3616	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/03/16 22:10:31.0959 3616	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/03/16 22:10:32.0084 3616	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/03/16 22:10:32.0131 3616	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/03/16 22:10:32.0287 3616	igfx            (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/03/16 22:10:32.0427 3616	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/03/16 22:10:32.0537 3616	intelide        (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/03/16 22:10:32.0599 3616	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/16 22:10:32.0646 3616	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/16 22:10:32.0833 3616	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/03/16 22:10:32.0927 3616	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/03/16 22:10:33.0005 3616	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/03/16 22:10:33.0067 3616	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/03/16 22:10:33.0161 3616	iScsiPrt        (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/03/16 22:10:33.0239 3616	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/03/16 22:10:33.0285 3616	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/03/16 22:10:33.0348 3616	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/03/16 22:10:33.0441 3616	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/03/16 22:10:33.0519 3616	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/03/16 22:10:33.0691 3616	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/16 22:10:33.0785 3616	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/03/16 22:10:33.0847 3616	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/03/16 22:10:33.0894 3616	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/03/16 22:10:33.0941 3616	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/03/16 22:10:34.0003 3616	megasas         (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/03/16 22:10:34.0081 3616	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/03/16 22:10:34.0190 3616	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/03/16 22:10:34.0237 3616	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/03/16 22:10:34.0315 3616	mouclass        (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/03/16 22:10:34.0393 3616	mouhid          (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/16 22:10:34.0455 3616	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/03/16 22:10:34.0549 3616	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/03/16 22:10:34.0611 3616	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/03/16 22:10:34.0689 3616	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/03/16 22:10:34.0767 3616	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/03/16 22:10:34.0845 3616	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/16 22:10:34.0908 3616	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/16 22:10:34.0986 3616	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/16 22:10:35.0048 3616	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/03/16 22:10:35.0111 3616	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/03/16 22:10:35.0220 3616	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/03/16 22:10:35.0267 3616	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/03/16 22:10:35.0376 3616	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/16 22:10:35.0438 3616	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/16 22:10:35.0532 3616	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/03/16 22:10:35.0625 3616	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/03/16 22:10:35.0719 3616	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/03/16 22:10:35.0797 3616	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/03/16 22:10:35.0906 3616	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/03/16 22:10:35.0969 3616	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS
wifi.sys
2011/03/16 22:10:36.0047 3616	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers
dis.sys
2011/03/16 22:10:36.0140 3616	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS
distapi.sys
2011/03/16 22:10:36.0218 3616	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS
disuio.sys
2011/03/16 22:10:36.0296 3616	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS
diswan.sys
2011/03/16 22:10:36.0359 3616	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/03/16 22:10:36.0452 3616	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS
etbios.sys
2011/03/16 22:10:36.0530 3616	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS
etbt.sys
2011/03/16 22:10:36.0639 3616	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers
frd960.sys
2011/03/16 22:10:36.0702 3616	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/03/16 22:10:36.0764 3616	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers
siproxy.sys
2011/03/16 22:10:36.0936 3616	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/03/16 22:10:37.0045 3616	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers
trigdigi.sys
2011/03/16 22:10:37.0092 3616	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/03/16 22:10:37.0154 3616	nvraid          (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers
vraid.sys
2011/03/16 22:10:37.0217 3616	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers
vstor.sys
2011/03/16 22:10:37.0279 3616	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers
v_agp.sys
2011/03/16 22:10:37.0466 3616	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/03/16 22:10:37.0591 3616	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/03/16 22:10:37.0653 3616	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/03/16 22:10:37.0716 3616	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/03/16 22:10:37.0825 3616	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/03/16 22:10:37.0919 3616	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/03/16 22:10:37.0997 3616	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/16 22:10:38.0075 3616	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/03/16 22:10:38.0293 3616	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERSaspptp.sys
2011/03/16 22:10:38.0387 3616	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/03/16 22:10:38.0465 3616	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/03/16 22:10:38.0558 3616	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/03/16 22:10:38.0652 3616	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/03/16 22:10:38.0761 3616	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/03/16 22:10:38.0823 3616	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/03/16 22:10:38.0870 3616	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERSasacd.sys
2011/03/16 22:10:38.0933 3616	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERSasl2tp.sys
2011/03/16 22:10:39.0011 3616	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERSaspppoe.sys
2011/03/16 22:10:39.0089 3616	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERSassstp.sys
2011/03/16 22:10:39.0167 3616	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERSdbss.sys
2011/03/16 22:10:39.0229 3616	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/16 22:10:39.0323 3616	rdpdr           (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERSdpdr.sys
2011/03/16 22:10:39.0385 3616	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\driversdpencdd.sys
2011/03/16 22:10:39.0463 3616	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/03/16 22:10:39.0572 3616	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERSfcomm.sys
2011/03/16 22:10:39.0697 3616	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERSspndr.sys
2011/03/16 22:10:39.0759 3616	RsvLock         (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/03/16 22:10:39.0822 3616	SafeBoot        (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/03/16 22:10:39.0822 3616	Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/03/16 22:10:39.0837 3616	SafeBoot - detected Locked file (1)
2011/03/16 22:10:39.0900 3616	SbAlg           (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/03/16 22:10:39.0947 3616	SbFsLock        (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/03/16 22:10:40.0025 3616	sbp2port        (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/03/16 22:10:40.0118 3616	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/03/16 22:10:40.0196 3616	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/03/16 22:10:40.0259 3616	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/03/16 22:10:40.0305 3616	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/03/16 22:10:40.0415 3616	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/03/16 22:10:40.0477 3616	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/03/16 22:10:40.0524 3616	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/03/16 22:10:40.0586 3616	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/03/16 22:10:40.0680 3616	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/03/16 22:10:40.0742 3616	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/03/16 22:10:40.0820 3616	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/03/16 22:10:40.0898 3616	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/03/16 22:10:41.0054 3616	SNP2UVC         (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/03/16 22:10:41.0163 3616	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/03/16 22:10:41.0273 3616	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/03/16 22:10:41.0382 3616	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/03/16 22:10:41.0460 3616	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/16 22:10:41.0553 3616	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/03/16 22:10:41.0663 3616	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/03/16 22:10:41.0709 3616	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/03/16 22:10:41.0772 3616	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/03/16 22:10:41.0865 3616	SynTP           (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/16 22:10:42.0037 3616	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers	cpip.sys
2011/03/16 22:10:42.0131 3616	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS	cpip.sys
2011/03/16 22:10:42.0224 3616	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers	cpipreg.sys
2011/03/16 22:10:42.0302 3616	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers	dpipe.sys
2011/03/16 22:10:42.0380 3616	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers	dtcp.sys
2011/03/16 22:10:42.0443 3616	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS	dx.sys
2011/03/16 22:10:42.0521 3616	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS	ermdd.sys
2011/03/16 22:10:42.0645 3616	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS	ssecsrv.sys
2011/03/16 22:10:42.0739 3616	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS	unmp.sys
2011/03/16 22:10:42.0817 3616	tunnel          (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS	unnel.sys
2011/03/16 22:10:42.0879 3616	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/03/16 22:10:42.0957 3616	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/03/16 22:10:43.0067 3616	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/03/16 22:10:43.0113 3616	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/03/16 22:10:43.0191 3616	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/03/16 22:10:43.0254 3616	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/03/16 22:10:43.0316 3616	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/03/16 22:10:43.0441 3616	USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys
2011/03/16 22:10:43.0503 3616	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/16 22:10:43.0566 3616	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/03/16 22:10:43.0644 3616	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/16 22:10:43.0753 3616	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/03/16 22:10:43.0800 3616	usbohci         (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/16 22:10:43.0893 3616	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/16 22:10:43.0987 3616	usbscan         (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/03/16 22:10:44.0065 3616	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/16 22:10:44.0127 3616	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/16 22:10:44.0205 3616	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/03/16 22:10:44.0283 3616	vga             (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/16 22:10:44.0361 3616	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/03/16 22:10:44.0424 3616	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/03/16 22:10:44.0486 3616	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/03/16 22:10:44.0564 3616	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/03/16 22:10:44.0627 3616	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/03/16 22:10:44.0705 3616	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/03/16 22:10:44.0798 3616	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/03/16 22:10:44.0876 3616	vsmraid         (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/03/16 22:10:44.0954 3616	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/03/16 22:10:45.0017 3616	Wanarp          (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/16 22:10:45.0048 3616	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/16 22:10:45.0141 3616	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/03/16 22:10:45.0235 3616	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/03/16 22:10:45.0453 3616	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/03/16 22:10:45.0578 3616	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
2011/03/16 22:10:45.0656 3616	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/16 22:10:45.0765 3616	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/16 22:10:45.0875 3616	yukonwlh        (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/03/16 22:10:45.0968 3616	================================================================================
2011/03/16 22:10:45.0968 3616	Scan finished
2011/03/16 22:10:45.0968 3616	================================================================================
2011/03/16 22:10:45.0999 3396	Detected object count: 1
2011/03/16 22:10:54.0829 3396	HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/03/16 22:10:54.0907 3396	HKLM\SYSTEM\ControlSet005\services\SafeBoot - will be deleted after reboot
2011/03/16 22:10:54.0938 3396	C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/03/16 22:10:54.0938 3396	Locked file(SafeBoot) - User select action: Delete

gen-hackman · Answer

bon va pas s'en sortir je sens..... 

&#9654 Télécharge DelFix sur ton bureau. 

&#9654 Lance le, tape suppression puis valide  

Patiente pendant le scan jusqu'à l'ouverture du rapport. 

&#9654 Copie/Colle le contenu du rapport dans ta prochaine réponse. 

Note : Le rapport se trouve également sous C:\DelFix.txt 

tu peux le desinstaller 

================================== 

Télécharge SEAF.exe de C_XX 


*Double clique sur SF.exe (Exécuter en tant qu'administrateur pour Vista/7) . 

*Une fenêtre va s'ouvrir . 

*Tape Safeboot.sys 

 dans cette fenêtre  

confirme la recherche dans le registre et [Entrée]. 

*Patiente pendant la recherche. 

*Une fenêtre avec un log.txt va s'afficher. 

*Copie/colle ce rapport dans ta prochaine réponse. 
G3?-?@¢??@?......Concepteur de List_Kill'em...

darkovnus · Answer

voici le rapport de delfix 

# DelFix v7.5 - Rapport créé le 16/03/2011 à 22:42
# Mis à jour le 15/03/11 à 16h30 par Xplode
# Système d'exploitation : Windows Vista (TM) Business (32 bits) [version 6.0.6002] Service Pack 2
# Nom d'utilisateur : Lolo - PC-DE-LOLO (Administrateur)
# Exécuté depuis : C:\Users\Lolo\Downloads\DelFix.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~


~~~~~~ Fichier(s) ~~~~~~


~~~~~~ Registre ~~~~~~


~~~~~~ Autre ~~~~~~


########## EOF - "C:\DelFixSuppr.txt" - [562 octets] ##########






et voici le rapport de seaf

1. ========================= SEAF 1.0.1.0 - C_XX
2. 
3. Commencé à: 22:49:57 le 16/03/2011
4. 
5. Valeur(s) recherchée(s):
6. Safeboot.sys
7. 
8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
9. 
10. 
11. ====== Fichier(s) ======
12. 
13. 
14. "C:\Windows\System32\drivers\SafeBoot.sys" [ ARCHIVE | 109 Ko ]
15. TC: 14/05/2008,01:36:18 | TM: 14/05/2008,01:36:18 | DA: 18/06/2008,16:27:00
16. 
17. 
18. =========================
19. 
20. 
21. =========================
22. 
23. Fin à: 22:50:17 le 16/03/2011
24. 242407 Éléments analysés
25. 
26. =========================
27. E.O.F

gen-hackman · Answer

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

    *  * Colle directement le chemin des fichiers , un par un , dans l'espace "Parcourir" apres chaque analyse :

C:\windows\system32\drivers\SafeBoot.sys 

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée colle le lien de(s)( la) page(s)  dans ta prochaine réponse.

darkovnus · Answer

y veut pas l'analyser car le fichier fait plus de 20mb

gen-hackman · Answer

???

non il fait 109Ko !!???

"C:\Windows\System32\drivers\SafeBoot.sys" [ ARCHIVE | 109 Ko ]

gen-hackman · Answer

▶ Télécharge Dr Web CureIt sur ton Bureau : ▶- Double clique (clic droit "en tant qu'admin" sous Vista) et ensuite clique sur ; ▶- Clique à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton . Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X". ▶- Lorsque le scan rapide est terminé, clique sur le menu puis ; Choisis l'onglet , et décoche . Clique ensuite sur . ▶- De retour à la fenêtre principale : clique pour activer selectionne tous les disques ▶- Clique le bouton avec flèche verte sur la droite, et le scan débutera. ▶- Clique pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter". ▶- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône , au dessous, et choisis . ▶- Du menu principal de l'outil, au haut à gauche, clique sur le menu et choisis . Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv ▶-pour le rapport tu l enregistres sur ton bureau , tu clic droit dessus /envoyer vers / dossiers compresses ensuite : tu m'envoies l'archive comme ceci : clique sur ce lien : http://www.cijoint.fr/ ▶ Clique sur Parcourir et cherche le fichier ci-dessus. ▶ Clique sur Ouvrir. ▶ Clique sur "Cliquez ici pour déposer le fichier". Un lien de cette forme : http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt est ajouté dans la page. ▶ Copie ce lien dans ta réponse. ▶- Ferme Dr.Web Cureit ▶- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).

darkovnus · Answer

Désoler de ne vous donnez que des nouvelles maintenant le travaille m'a prise de cours !!!

J'ai fait se que vous m'avez demander mais dr web n'a detecter aucun virus ni problème en tout genre. 
Aucun rapport c'est ouvert a la fin du scanner et dans la partie fichier  il ne permette pas d' enregistrer le rapport !!!!

Cela signifie t il que je nes plus rien sur mon pc ???

gen-hackman · Answer

attends refais un scan avec TDSSKiller ?

darkovnus · Answer

2011/03/31 21:22:21.0293 5772	TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/03/31 21:22:23.0805 5772	================================================================================
2011/03/31 21:22:23.0805 5772	SystemInfo:
2011/03/31 21:22:23.0805 5772	
2011/03/31 21:22:23.0805 5772	OS Version: 6.0.6002 ServicePack: 2.0
2011/03/31 21:22:23.0805 5772	Product type: Workstation
2011/03/31 21:22:23.0805 5772	ComputerName: PC-DE-LOLO
2011/03/31 21:22:23.0805 5772	UserName: Lolo
2011/03/31 21:22:23.0805 5772	Windows directory: C:\windows
2011/03/31 21:22:23.0805 5772	System windows directory: C:\windows
2011/03/31 21:22:23.0805 5772	Processor architecture: Intel x86
2011/03/31 21:22:23.0805 5772	Number of processors: 1
2011/03/31 21:22:23.0805 5772	Page size: 0x1000
2011/03/31 21:22:23.0805 5772	Boot type: Normal boot
2011/03/31 21:22:23.0805 5772	================================================================================
2011/03/31 21:22:24.0164 5772	Initialize success
2011/03/31 21:22:27.0112 4172	================================================================================
2011/03/31 21:22:27.0128 4172	Scan started
2011/03/31 21:22:27.0128 4172	Mode: Manual; 
2011/03/31 21:22:27.0128 4172	================================================================================
2011/03/31 21:22:27.0970 4172	Accelerometer   (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/03/31 21:22:28.0079 4172	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/03/31 21:22:28.0189 4172	adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/03/31 21:22:28.0267 4172	ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/03/31 21:22:28.0360 4172	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/03/31 21:22:28.0407 4172	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/03/31 21:22:28.0469 4172	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/03/31 21:22:28.0532 4172	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/03/31 21:22:28.0657 4172	AFD             (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/03/31 21:22:28.0781 4172	AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/03/31 21:22:28.0891 4172	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/03/31 21:22:28.0937 4172	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/03/31 21:22:29.0000 4172	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/03/31 21:22:29.0047 4172	amdagp          (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/03/31 21:22:29.0078 4172	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/03/31 21:22:29.0171 4172	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/03/31 21:22:29.0218 4172	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/31 21:22:29.0359 4172	arc             (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/03/31 21:22:29.0437 4172	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/03/31 21:22:29.0561 4172	aswFsBlk        (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/03/31 21:22:29.0671 4172	aswMonFlt       (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/03/31 21:22:29.0749 4172	aswRdr          (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/03/31 21:22:29.0780 4172	aswSP           (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/03/31 21:22:29.0827 4172	aswTdi          (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/03/31 21:22:29.0873 4172	AsyncMac        (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/31 21:22:29.0936 4172	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/03/31 21:22:30.0076 4172	b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/03/31 21:22:30.0201 4172	BCM43XX         (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/03/31 21:22:30.0310 4172	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/03/31 21:22:30.0419 4172	blbdrive        (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/03/31 21:22:30.0482 4172	bowser          (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/03/31 21:22:30.0544 4172	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/03/31 21:22:30.0622 4172	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/03/31 21:22:30.0716 4172	Brserid         (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/03/31 21:22:30.0778 4172	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/03/31 21:22:30.0825 4172	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/03/31 21:22:30.0872 4172	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/03/31 21:22:30.0981 4172	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/03/31 21:22:31.0075 4172	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/03/31 21:22:31.0137 4172	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/03/31 21:22:31.0231 4172	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/03/31 21:22:31.0324 4172	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/03/31 21:22:31.0418 4172	btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/03/31 21:22:31.0480 4172	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/03/31 21:22:31.0543 4172	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/03/31 21:22:31.0714 4172	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/31 21:22:31.0808 4172	cdrom           (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/03/31 21:22:31.0870 4172	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/03/31 21:22:31.0948 4172	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/03/31 21:22:32.0057 4172	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/31 21:22:32.0135 4172	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/03/31 21:22:32.0182 4172	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/31 21:22:32.0260 4172	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/03/31 21:22:32.0307 4172	Crusoe          (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/03/31 21:22:32.0432 4172	CSC             (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/03/31 21:22:32.0541 4172	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/03/31 21:22:32.0681 4172	disk            (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/03/31 21:22:32.0791 4172	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/03/31 21:22:32.0884 4172	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/31 21:22:32.0978 4172	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/03/31 21:22:33.0071 4172	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/03/31 21:22:33.0149 4172	elxstor         (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/03/31 21:22:33.0243 4172	ErrDev          (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/03/31 21:22:33.0337 4172	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/03/31 21:22:33.0415 4172	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/03/31 21:22:33.0524 4172	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/03/31 21:22:33.0617 4172	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/03/31 21:22:33.0680 4172	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/03/31 21:22:33.0758 4172	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/31 21:22:33.0820 4172	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/03/31 21:22:33.0898 4172	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/31 21:22:33.0976 4172	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/03/31 21:22:34.0054 4172	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/31 21:22:34.0195 4172	HBtnKey         (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/03/31 21:22:34.0304 4172	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/03/31 21:22:34.0397 4172	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/03/31 21:22:34.0460 4172	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/03/31 21:22:34.0507 4172	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/03/31 21:22:34.0585 4172	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/31 21:22:34.0694 4172	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/03/31 21:22:34.0819 4172	hpdskflt        (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/03/31 21:22:34.0943 4172	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/03/31 21:22:35.0037 4172	HTTP            (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/03/31 21:22:35.0115 4172	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/03/31 21:22:35.0193 4172	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/03/31 21:22:35.0333 4172	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/03/31 21:22:35.0411 4172	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/03/31 21:22:35.0567 4172	igfx            (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/03/31 21:22:35.0661 4172	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/03/31 21:22:35.0770 4172	intelide        (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/03/31 21:22:35.0848 4172	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/31 21:22:35.0926 4172	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/31 21:22:36.0020 4172	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/03/31 21:22:36.0113 4172	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/03/31 21:22:36.0207 4172	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/03/31 21:22:36.0285 4172	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/03/31 21:22:36.0379 4172	iScsiPrt        (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/03/31 21:22:36.0441 4172	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/03/31 21:22:36.0519 4172	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/03/31 21:22:36.0581 4172	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/03/31 21:22:36.0675 4172	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/03/31 21:22:36.0753 4172	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/03/31 21:22:36.0893 4172	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/31 21:22:36.0987 4172	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/03/31 21:22:37.0065 4172	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/03/31 21:22:37.0112 4172	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/03/31 21:22:37.0143 4172	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/03/31 21:22:37.0221 4172	megasas         (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/03/31 21:22:37.0299 4172	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/03/31 21:22:37.0377 4172	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/03/31 21:22:37.0439 4172	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/03/31 21:22:37.0502 4172	mouclass        (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/03/31 21:22:37.0564 4172	mouhid          (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/31 21:22:37.0627 4172	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/03/31 21:22:37.0720 4172	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/03/31 21:22:37.0783 4172	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/03/31 21:22:37.0845 4172	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/03/31 21:22:37.0923 4172	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/03/31 21:22:37.0985 4172	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/31 21:22:38.0079 4172	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/31 21:22:38.0141 4172	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/31 21:22:38.0219 4172	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/03/31 21:22:38.0266 4172	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/03/31 21:22:38.0375 4172	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/03/31 21:22:38.0422 4172	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/03/31 21:22:38.0531 4172	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/31 21:22:38.0625 4172	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/31 21:22:38.0656 4172	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/03/31 21:22:38.0719 4172	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/03/31 21:22:38.0812 4172	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/03/31 21:22:38.0906 4172	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/03/31 21:22:38.0968 4172	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/03/31 21:22:39.0046 4172	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS
wifi.sys
2011/03/31 21:22:39.0124 4172	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers
dis.sys
2011/03/31 21:22:39.0233 4172	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS
distapi.sys
2011/03/31 21:22:39.0280 4172	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS
disuio.sys
2011/03/31 21:22:39.0343 4172	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS
diswan.sys
2011/03/31 21:22:39.0421 4172	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/03/31 21:22:39.0483 4172	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS
etbios.sys
2011/03/31 21:22:39.0561 4172	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS
etbt.sys
2011/03/31 21:22:39.0686 4172	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers
frd960.sys
2011/03/31 21:22:39.0779 4172	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/03/31 21:22:39.0842 4172	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers
siproxy.sys
2011/03/31 21:22:39.0935 4172	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/03/31 21:22:40.0029 4172	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers
trigdigi.sys
2011/03/31 21:22:40.0107 4172	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/03/31 21:22:40.0169 4172	nvraid          (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers
vraid.sys
2011/03/31 21:22:40.0201 4172	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers
vstor.sys
2011/03/31 21:22:40.0263 4172	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers
v_agp.sys
2011/03/31 21:22:40.0466 4172	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/03/31 21:22:40.0575 4172	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/03/31 21:22:40.0622 4172	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/03/31 21:22:40.0700 4172	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/03/31 21:22:40.0809 4172	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/03/31 21:22:40.0887 4172	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/03/31 21:22:40.0981 4172	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/31 21:22:41.0059 4172	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/03/31 21:22:41.0230 4172	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERSaspptp.sys
2011/03/31 21:22:41.0308 4172	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/03/31 21:22:41.0402 4172	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/03/31 21:22:41.0511 4172	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/03/31 21:22:41.0589 4172	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/03/31 21:22:41.0698 4172	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/03/31 21:22:41.0761 4172	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/03/31 21:22:41.0823 4172	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERSasacd.sys
2011/03/31 21:22:41.0901 4172	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERSasl2tp.sys
2011/03/31 21:22:41.0963 4172	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERSaspppoe.sys
2011/03/31 21:22:42.0026 4172	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERSassstp.sys
2011/03/31 21:22:42.0088 4172	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERSdbss.sys
2011/03/31 21:22:42.0166 4172	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/31 21:22:42.0260 4172	rdpdr           (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERSdpdr.sys
2011/03/31 21:22:42.0307 4172	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\driversdpencdd.sys
2011/03/31 21:22:42.0400 4172	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/03/31 21:22:42.0525 4172	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERSfcomm.sys
2011/03/31 21:22:42.0650 4172	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERSspndr.sys
2011/03/31 21:22:42.0712 4172	RsvLock         (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/03/31 21:22:42.0759 4172	SafeBoot        (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/03/31 21:22:42.0759 4172	Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/03/31 21:22:42.0790 4172	SafeBoot - detected Locked file (1)
2011/03/31 21:22:42.0853 4172	SbAlg           (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/03/31 21:22:42.0915 4172	SbFsLock        (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/03/31 21:22:42.0977 4172	sbp2port        (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/03/31 21:22:43.0071 4172	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/03/31 21:22:43.0149 4172	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/03/31 21:22:43.0258 4172	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/03/31 21:22:43.0352 4172	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/03/31 21:22:43.0461 4172	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/03/31 21:22:43.0508 4172	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/03/31 21:22:43.0570 4172	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/03/31 21:22:43.0633 4172	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/03/31 21:22:43.0726 4172	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/03/31 21:22:43.0789 4172	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/03/31 21:22:43.0835 4172	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/03/31 21:22:43.0929 4172	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/03/31 21:22:44.0085 4172	SNP2UVC         (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/03/31 21:22:44.0210 4172	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/03/31 21:22:44.0319 4172	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/03/31 21:22:44.0413 4172	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/03/31 21:22:44.0459 4172	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/31 21:22:44.0584 4172	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/03/31 21:22:44.0647 4172	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/03/31 21:22:44.0709 4172	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/03/31 21:22:44.0787 4172	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/03/31 21:22:44.0881 4172	SynTP           (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/31 21:22:45.0005 4172	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers	cpip.sys
2011/03/31 21:22:45.0115 4172	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS	cpip.sys
2011/03/31 21:22:45.0208 4172	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers	cpipreg.sys
2011/03/31 21:22:45.0286 4172	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers	dpipe.sys
2011/03/31 21:22:45.0349 4172	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers	dtcp.sys
2011/03/31 21:22:45.0427 4172	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS	dx.sys
2011/03/31 21:22:45.0505 4172	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS	ermdd.sys
2011/03/31 21:22:45.0645 4172	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS	ssecsrv.sys
2011/03/31 21:22:45.0707 4172	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS	unmp.sys
2011/03/31 21:22:45.0801 4172	tunnel          (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS	unnel.sys
2011/03/31 21:22:45.0879 4172	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/03/31 21:22:45.0957 4172	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/03/31 21:22:46.0066 4172	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/03/31 21:22:46.0160 4172	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/03/31 21:22:46.0207 4172	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/03/31 21:22:46.0269 4172	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/03/31 21:22:46.0316 4172	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/03/31 21:22:46.0409 4172	USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys
2011/03/31 21:22:46.0487 4172	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/31 21:22:46.0550 4172	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/03/31 21:22:46.0643 4172	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/31 21:22:46.0737 4172	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/03/31 21:22:46.0815 4172	usbohci         (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/31 21:22:46.0862 4172	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/31 21:22:46.0955 4172	usbscan         (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/03/31 21:22:47.0033 4172	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/31 21:22:47.0111 4172	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/31 21:22:47.0174 4172	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/03/31 21:22:47.0267 4172	vga             (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/31 21:22:47.0345 4172	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/03/31 21:22:47.0392 4172	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/03/31 21:22:47.0455 4172	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/03/31 21:22:47.0501 4172	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/03/31 21:22:47.0564 4172	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/03/31 21:22:47.0657 4172	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/03/31 21:22:47.0735 4172	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/03/31 21:22:47.0782 4172	vsmraid         (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/03/31 21:22:47.0907 4172	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/03/31 21:22:47.0954 4172	Wanarp          (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/31 21:22:47.0985 4172	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/31 21:22:48.0063 4172	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/03/31 21:22:48.0141 4172	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/03/31 21:22:48.0359 4172	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/03/31 21:22:48.0484 4172	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
2011/03/31 21:22:48.0531 4172	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/31 21:22:48.0609 4172	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/31 21:22:48.0687 4172	yukonwlh        (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/03/31 21:22:48.0781 4172	================================================================================
2011/03/31 21:22:48.0781 4172	Scan finished
2011/03/31 21:22:48.0781 4172	================================================================================
2011/03/31 21:22:48.0796 5380	Detected object count: 1
2011/03/31 21:22:59.0045 5380	HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/03/31 21:22:59.0092 5380	HKLM\SYSTEM\ControlSet002\services\SafeBoot - will be deleted after reboot
2011/03/31 21:22:59.0123 5380	C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/03/31 21:22:59.0123 5380	Locked file(SafeBoot) - User select action: Delete

gen-hackman · Answer

__________________________________________________ =>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <= =>il est fort déconseillé de le transposer sur un autre ordinateur !<= ---------------------------------------------------------------------------- Toujours avec toutes les protections désactivées, fais ceci : ▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes) ▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) : ---------------------------------------------------------- KillAll:: Driver:: Safeboot ------------------------------------------------------------------ ▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt ▶ Quitte le Bloc Notes ▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix ▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé. ▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu. ▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

darkovnus · Answer

A chaque fois que j'ai essayer cette manoeuvre, mon ordi redémarre automatiquement  a la fin du scanne  de combofix, mon ordinateur refuse  de s'allumer sauf après que j 'ai lancer l'outil de réparation windows, une fois l'ordinateur redémarrer je recherche le rapport de combofix en le cherchant sous le nom C:/Combofix.txt, un fichier apparait mais il est impossible de l'ouvrir une fenetre s'affiche avec ecrit qu'il n'existe pas ou que le nom est inexact.

J'ai tout recommencer trois fois et a chaque fois se scenario se reproduit, que dois je faire du coups ???

gen-hackman · Answer

repasse TDSSKiller ?

supprime tous ses autres rappports dans C'\ et sur ton bureau si presents

darkovnus · Answer

et voici le rapport de TDSS Killer



2011/04/01 22:38:45.0131 5444	TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/04/01 22:38:47.0893 5444	================================================================================
2011/04/01 22:38:47.0893 5444	SystemInfo:
2011/04/01 22:38:47.0893 5444	
2011/04/01 22:38:47.0893 5444	OS Version: 6.0.6002 ServicePack: 2.0
2011/04/01 22:38:47.0893 5444	Product type: Workstation
2011/04/01 22:38:47.0893 5444	ComputerName: PC-DE-LOLO
2011/04/01 22:38:47.0909 5444	UserName: Lolo
2011/04/01 22:38:47.0909 5444	Windows directory: C:\windows
2011/04/01 22:38:47.0909 5444	System windows directory: C:\windows
2011/04/01 22:38:47.0909 5444	Processor architecture: Intel x86
2011/04/01 22:38:47.0909 5444	Number of processors: 1
2011/04/01 22:38:47.0909 5444	Page size: 0x1000
2011/04/01 22:38:47.0909 5444	Boot type: Normal boot
2011/04/01 22:38:47.0909 5444	================================================================================
2011/04/01 22:38:49.0172 5444	Initialize success
2011/04/01 22:38:50.0936 4004	================================================================================
2011/04/01 22:38:50.0936 4004	Scan started
2011/04/01 22:38:50.0936 4004	Mode: Manual; 
2011/04/01 22:38:50.0936 4004	================================================================================
2011/04/01 22:39:24.0935 4004	Accelerometer   (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/04/01 22:39:25.0435 4004	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\windows\system32\drivers\acpi.sys
2011/04/01 22:39:25.0528 4004	adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\windows\system32\drivers\adfs.sys
2011/04/01 22:39:26.0137 4004	ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
2011/04/01 22:39:26.0527 4004	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
2011/04/01 22:39:26.0886 4004	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
2011/04/01 22:39:27.0073 4004	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
2011/04/01 22:39:27.0182 4004	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
2011/04/01 22:39:27.0401 4004	AFD             (a201207363aa900abf1a388468688570) C:\windows\system32\drivers\afd.sys
2011/04/01 22:39:27.0650 4004	AgereSoftModem  (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
2011/04/01 22:39:28.0072 4004	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
2011/04/01 22:39:28.0181 4004	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
2011/04/01 22:39:28.0275 4004	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
2011/04/01 22:39:28.0368 4004	amdagp          (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
2011/04/01 22:39:28.0930 4004	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
2011/04/01 22:39:29.0679 4004	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
2011/04/01 22:39:30.0006 4004	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
2011/04/01 22:39:31.0068 4004	arc             (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
2011/04/01 22:39:31.0146 4004	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
2011/04/01 22:39:31.0473 4004	aswFsBlk        (b4079a98f294a3e262872cb76f4849f0) C:\windows\system32\DRIVERS\aswFsBlk.sys
2011/04/01 22:39:31.0567 4004	aswMonFlt       (e2851cb7dbb831888eaea46c55c05e44) C:\windows\system32\DRIVERS\aswMonFlt.sys
2011/04/01 22:39:31.0801 4004	aswRdr          (8080d683489c99cbace813f6fa4069cc) C:\windows\system32\drivers\aswRdr.sys
2011/04/01 22:39:31.0910 4004	aswSP           (2e5a2ad5004b55df39b7606130a88142) C:\windows\system32\drivers\aswSP.sys
2011/04/01 22:39:32.0035 4004	aswTdi          (d4c83a37efadfa2c398362e0776e3773) C:\windows\system32\drivers\aswTdi.sys
2011/04/01 22:39:32.0175 4004	AsyncMac        (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
2011/04/01 22:39:32.0347 4004	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\windows\system32\drivers\atapi.sys
2011/04/01 22:39:32.0519 4004	b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/04/01 22:39:32.0706 4004	BCM43XX         (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
2011/04/01 22:39:32.0956 4004	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
2011/04/01 22:39:33.0314 4004	blbdrive        (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
2011/04/01 22:39:33.0455 4004	bowser          (74b442b2be1260b7588c136177ceac66) C:\windows\system32\DRIVERS\bowser.sys
2011/04/01 22:39:33.0814 4004	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
2011/04/01 22:39:34.0079 4004	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
2011/04/01 22:39:34.0235 4004	Brserid         (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
2011/04/01 22:39:34.0329 4004	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
2011/04/01 22:39:34.0391 4004	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
2011/04/01 22:39:34.0516 4004	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
2011/04/01 22:39:34.0610 4004	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\windows\system32\DRIVERS\BthEnum.sys
2011/04/01 22:39:34.0750 4004	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\windows\system32\drivers\bthmodem.sys
2011/04/01 22:39:34.0968 4004	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
2011/04/01 22:39:35.0249 4004	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\windows\system32\Drivers\BTHport.sys
2011/04/01 22:39:35.0686 4004	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\windows\system32\Drivers\BTHUSB.sys
2011/04/01 22:39:35.0905 4004	btwaudio        (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
2011/04/01 22:39:36.0185 4004	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
2011/04/01 22:39:36.0310 4004	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
2011/04/01 22:39:36.0466 4004	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
2011/04/01 22:39:36.0576 4004	cdrom           (6b4bffb9becd728097024276430db314) C:\windows\system32\DRIVERS\cdrom.sys
2011/04/01 22:39:36.0685 4004	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
2011/04/01 22:39:36.0825 4004	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\windows\system32\CLFS.sys
2011/04/01 22:39:36.0934 4004	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
2011/04/01 22:39:36.0981 4004	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
2011/04/01 22:39:37.0075 4004	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
2011/04/01 22:39:37.0215 4004	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
2011/04/01 22:39:37.0340 4004	Crusoe          (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
2011/04/01 22:39:37.0465 4004	CSC             (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\windows\system32\drivers\csc.sys
2011/04/01 22:39:37.0590 4004	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\windows\system32\Drivers\dfsc.sys
2011/04/01 22:39:37.0715 4004	disk            (5d4aefc3386920236a548271f8f1af6a) C:\windows\system32\drivers\disk.sys
2011/04/01 22:39:37.0964 4004	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
2011/04/01 22:39:38.0183 4004	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\windows\System32\drivers\dxgkrnl.sys
2011/04/01 22:39:38.0526 4004	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
2011/04/01 22:39:38.0854 4004	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\windows\system32\drivers\ecache.sys
2011/04/01 22:39:39.0072 4004	elxstor         (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
2011/04/01 22:39:39.0384 4004	ErrDev          (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
2011/04/01 22:39:39.0681 4004	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\windows\system32\drivers\exfat.sys
2011/04/01 22:39:40.0024 4004	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\windows\system32\drivers\fastfat.sys
2011/04/01 22:39:40.0788 4004	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
2011/04/01 22:39:41.0054 4004	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
2011/04/01 22:39:41.0303 4004	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
2011/04/01 22:39:41.0537 4004	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
2011/04/01 22:39:41.0771 4004	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\windows\system32\drivers\fltmgr.sys
2011/04/01 22:39:42.0084 4004	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
2011/04/01 22:39:42.0676 4004	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
2011/04/01 22:39:43.0082 4004	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/01 22:39:43.0581 4004	HBtnKey         (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
2011/04/01 22:39:43.0800 4004	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
2011/04/01 22:39:43.0909 4004	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/04/01 22:39:44.0050 4004	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
2011/04/01 22:39:44.0128 4004	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
2011/04/01 22:39:44.0518 4004	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\windows\system32\DRIVERS\hidusb.sys
2011/04/01 22:39:44.0877 4004	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
2011/04/01 22:39:45.0064 4004	hpdskflt        (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/04/01 22:39:45.0282 4004	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/04/01 22:39:45.0501 4004	HTTP            (f870aa3e254628ebeafe754108d664de) C:\windows\system32\drivers\HTTP.sys
2011/04/01 22:39:45.0704 4004	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
2011/04/01 22:39:45.0969 4004	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
2011/04/01 22:39:46.0312 4004	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\windows\system32\drivers\iastor.sys
2011/04/01 22:39:46.0577 4004	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
2011/04/01 22:39:47.0217 4004	igfx            (d97e70e4e243c9660f91c1112e36c73b) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/04/01 22:39:47.0982 4004	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
2011/04/01 22:39:48.0419 4004	intelide        (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
2011/04/01 22:39:48.0731 4004	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
2011/04/01 22:39:48.0980 4004	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/04/01 22:39:49.0183 4004	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
2011/04/01 22:39:49.0277 4004	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
2011/04/01 22:39:49.0402 4004	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
2011/04/01 22:39:49.0495 4004	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
2011/04/01 22:39:49.0589 4004	iScsiPrt        (232fa340531d940aac623b121a595034) C:\windows\system32\DRIVERS\msiscsi.sys
2011/04/01 22:39:49.0698 4004	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
2011/04/01 22:39:49.0807 4004	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
2011/04/01 22:39:49.0885 4004	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/04/01 22:39:49.0963 4004	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\windows\system32\DRIVERS\kbdhid.sys
2011/04/01 22:39:50.0150 4004	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\windows\system32\Drivers\ksecdd.sys
2011/04/01 22:39:50.0291 4004	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
2011/04/01 22:39:50.0416 4004	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
2011/04/01 22:39:50.0525 4004	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
2011/04/01 22:39:50.0572 4004	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
2011/04/01 22:39:50.0665 4004	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
2011/04/01 22:39:50.0837 4004	megasas         (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
2011/04/01 22:39:50.0915 4004	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
2011/04/01 22:39:51.0087 4004	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
2011/04/01 22:39:51.0165 4004	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
2011/04/01 22:39:51.0290 4004	mouclass        (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
2011/04/01 22:39:51.0508 4004	mouhid          (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
2011/04/01 22:39:51.0617 4004	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
2011/04/01 22:39:51.0773 4004	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
2011/04/01 22:39:51.0898 4004	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
2011/04/01 22:39:52.0070 4004	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
2011/04/01 22:39:52.0210 4004	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\windows\system32\drivers\mrxdav.sys
2011/04/01 22:39:52.0366 4004	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/04/01 22:39:52.0538 4004	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/04/01 22:39:52.0725 4004	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/04/01 22:39:52.0834 4004	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\windows\system32\drivers\msahci.sys
2011/04/01 22:39:52.0912 4004	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
2011/04/01 22:39:53.0458 4004	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
2011/04/01 22:39:53.0786 4004	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
2011/04/01 22:39:54.0036 4004	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
2011/04/01 22:39:54.0270 4004	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
2011/04/01 22:39:54.0629 4004	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/04/01 22:39:54.0847 4004	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\windows\system32\drivers\MsRPC.sys
2011/04/01 22:39:55.0066 4004	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/04/01 22:39:55.0222 4004	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/04/01 22:39:55.0549 4004	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\windows\system32\Drivers\mup.sys
2011/04/01 22:39:55.0924 4004	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\windows\system32\DRIVERS
wifi.sys
2011/04/01 22:39:56.0220 4004	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\windows\system32\drivers
dis.sys
2011/04/01 22:39:56.0579 4004	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS
distapi.sys
2011/04/01 22:39:56.0766 4004	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS
disuio.sys
2011/04/01 22:39:56.0922 4004	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\windows\system32\DRIVERS
diswan.sys
2011/04/01 22:39:57.0172 4004	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/04/01 22:39:57.0468 4004	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS
etbios.sys
2011/04/01 22:39:57.0765 4004	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\windows\system32\DRIVERS
etbt.sys
2011/04/01 22:39:58.0093 4004	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers
frd960.sys
2011/04/01 22:39:58.0498 4004	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\windows\system32\drivers\Npfs.sys
2011/04/01 22:39:58.0920 4004	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers
siproxy.sys
2011/04/01 22:39:59.0606 4004	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\windows\system32\drivers\Ntfs.sys
2011/04/01 22:39:59.0981 4004	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers
trigdigi.sys
2011/04/01 22:40:00.0293 4004	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/04/01 22:40:00.0574 4004	nvraid          (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers
vraid.sys
2011/04/01 22:40:00.0854 4004	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers
vstor.sys
2011/04/01 22:40:01.0120 4004	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers
v_agp.sys
2011/04/01 22:40:01.0947 4004	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\windows\system32\drivers\ohci1394.sys
2011/04/01 22:40:02.0540 4004	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\windows\system32\drivers\parport.sys
2011/04/01 22:40:03.0054 4004	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\windows\system32\drivers\partmgr.sys
2011/04/01 22:40:03.0413 4004	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\windows\system32\drivers\parvdm.sys
2011/04/01 22:40:03.0881 4004	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\windows\system32\drivers\pci.sys
2011/04/01 22:40:04.0225 4004	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
2011/04/01 22:40:04.0630 4004	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/04/01 22:40:05.0099 4004	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/04/01 22:40:05.0489 4004	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERSaspptp.sys
2011/04/01 22:40:05.0801 4004	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/04/01 22:40:06.0050 4004	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\windows\system32\DRIVERS\pacer.sys
2011/04/01 22:40:06.0409 4004	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
2011/04/01 22:40:07.0392 4004	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/04/01 22:40:07.0923 4004	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/04/01 22:40:08.0516 4004	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/04/01 22:40:09.0187 4004	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERSasacd.sys
2011/04/01 22:40:09.0483 4004	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERSasl2tp.sys
2011/04/01 22:40:09.0717 4004	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\windows\system32\DRIVERSaspppoe.sys
2011/04/01 22:40:10.0029 4004	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\windows\system32\DRIVERSassstp.sys
2011/04/01 22:40:10.0310 4004	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\windows\system32\DRIVERSdbss.sys
2011/04/01 22:40:11.0028 4004	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/04/01 22:40:11.0277 4004	rdpdr           (943b18305eae3935598a9b4a3d560b4c) C:\windows\system32\DRIVERSdpdr.sys
2011/04/01 22:40:11.0699 4004	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\driversdpencdd.sys
2011/04/01 22:40:12.0104 4004	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\windows\system32\drivers\RDPWD.sys
2011/04/01 22:40:12.0401 4004	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\windows\system32\DRIVERSfcomm.sys
2011/04/01 22:40:12.0900 4004	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERSspndr.sys
2011/04/01 22:40:13.0431 4004	RsvLock         (3beefe509c414f3a6e55e5c7c4024581) C:\windows\system32\drivers\RsvLock.sys
2011/04/01 22:40:13.0790 4004	SafeBoot        (2a5eedcb22a5d6bb0231e38a38e7a7d9) C:\windows\system32\drivers\SafeBoot.sys
2011/04/01 22:40:13.0790 4004	Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 2a5eedcb22a5d6bb0231e38a38e7a7d9
2011/04/01 22:40:13.0790 4004	SafeBoot - detected Locked file (1)
2011/04/01 22:40:14.0102 4004	SbAlg           (52dcde2d1787217e15ffdca1cbf8cce9) C:\windows\system32\drivers\SbAlg.sys
2011/04/01 22:40:14.0523 4004	SbFsLock        (69a5af9ce49a0982e7ae7c7d62bdb2b1) C:\windows\system32\drivers\SbFsLock.sys
2011/04/01 22:40:14.0929 4004	sbp2port        (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/04/01 22:40:15.0303 4004	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/04/01 22:40:15.0693 4004	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\drivers\serenum.sys
2011/04/01 22:40:16.0130 4004	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/04/01 22:40:16.0489 4004	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/04/01 22:40:16.0832 4004	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/04/01 22:40:17.0160 4004	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/04/01 22:40:17.0347 4004	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/04/01 22:40:17.0612 4004	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/04/01 22:40:17.0971 4004	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/04/01 22:40:18.0315 4004	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/04/01 22:40:18.0876 4004	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/04/01 22:40:19.0376 4004	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\windows\system32\DRIVERS\smb.sys
2011/04/01 22:40:20.0437 4004	SNP2UVC         (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
2011/04/01 22:40:21.0388 4004	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/04/01 22:40:21.0779 4004	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\windows\system32\DRIVERS\srv.sys
2011/04/01 22:40:22.0309 4004	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\windows\system32\DRIVERS\srv2.sys
2011/04/01 22:40:22.0512 4004	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\windows\system32\DRIVERS\srvnet.sys
2011/04/01 22:40:22.0762 4004	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/04/01 22:40:22.0840 4004	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/04/01 22:40:22.0949 4004	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/04/01 22:40:23.0042 4004	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/04/01 22:40:23.0198 4004	SynTP           (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/04/01 22:40:23.0448 4004	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\drivers	cpip.sys
2011/04/01 22:40:23.0557 4004	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\windows\system32\DRIVERS	cpip.sys
2011/04/01 22:40:23.0667 4004	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\windows\system32\drivers	cpipreg.sys
2011/04/01 22:40:23.0745 4004	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers	dpipe.sys
2011/04/01 22:40:23.0885 4004	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers	dtcp.sys
2011/04/01 22:40:23.0932 4004	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\windows\system32\DRIVERS	dx.sys
2011/04/01 22:40:24.0025 4004	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\windows\system32\DRIVERS	ermdd.sys
2011/04/01 22:40:24.0150 4004	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS	ssecsrv.sys
2011/04/01 22:40:24.0228 4004	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS	unmp.sys
2011/04/01 22:40:24.0322 4004	tunnel          (300db877ac094feab0be7688c3454a9c) C:\windows\system32\DRIVERS	unnel.sys
2011/04/01 22:40:24.0416 4004	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/04/01 22:40:24.0540 4004	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\windows\system32\DRIVERS\udfs.sys
2011/04/01 22:40:24.0915 4004	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/04/01 22:40:24.0962 4004	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/04/01 22:40:25.0055 4004	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/04/01 22:40:25.0102 4004	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/04/01 22:40:25.0149 4004	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/04/01 22:40:25.0305 4004	USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys
2011/04/01 22:40:25.0383 4004	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/04/01 22:40:25.0430 4004	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/04/01 22:40:25.0492 4004	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\windows\system32\DRIVERS\usbehci.sys
2011/04/01 22:40:25.0633 4004	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\windows\system32\DRIVERS\usbhub.sys
2011/04/01 22:40:25.0742 4004	usbohci         (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/04/01 22:40:25.0835 4004	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/04/01 22:40:25.0913 4004	usbscan         (a508c9bd8724980512136b039bba65e9) C:\windows\system32\DRIVERS\usbscan.sys
2011/04/01 22:40:25.0991 4004	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/04/01 22:40:26.0070 4004	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/04/01 22:40:26.0132 4004	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
2011/04/01 22:40:26.0257 4004	vga             (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/04/01 22:40:26.0335 4004	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/04/01 22:40:26.0522 4004	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/04/01 22:40:26.0584 4004	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/04/01 22:40:26.0631 4004	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/04/01 22:40:26.0678 4004	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/04/01 22:40:26.0772 4004	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\windows\system32\drivers\volmgrx.sys
2011/04/01 22:40:26.0881 4004	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\windows\system32\drivers\volsnap.sys
2011/04/01 22:40:26.0943 4004	vsmraid         (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/04/01 22:40:27.0131 4004	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/04/01 22:40:27.0209 4004	Wanarp          (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/04/01 22:40:27.0240 4004	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/04/01 22:40:27.0380 4004	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/04/01 22:40:27.0552 4004	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/04/01 22:40:27.0801 4004	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/04/01 22:40:28.0098 4004	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
2011/04/01 22:40:28.0207 4004	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/04/01 22:40:28.0426 4004	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/04/01 22:40:28.0597 4004	yukonwlh        (f72d4bffa37e857d195048c498afc61b) C:\windows\system32\DRIVERS\yk60x86.sys
2011/04/01 22:40:28.0691 4004	================================================================================
2011/04/01 22:40:28.0691 4004	Scan finished
2011/04/01 22:40:28.0691 4004	================================================================================
2011/04/01 22:40:28.0706 3444	Detected object count: 1
2011/04/01 22:40:36.0571 3444	HKLM\SYSTEM\ControlSet001\services\SafeBoot - will be deleted after reboot
2011/04/01 22:40:36.0633 3444	HKLM\SYSTEM\ControlSet002\services\SafeBoot - will be deleted after reboot
2011/04/01 22:40:36.0742 3444	C:\windows\system32\drivers\SafeBoot.sys - will be deleted after reboot
2011/04/01 22:40:36.0742 3444	Locked file(SafeBoot) - User select action: Delete

gen-hackman · Answer

bbon on a un gros probleme là...... 

1. Télécharge The Avenger par Swandog46 sur le Bureau 

http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/ 

Clique sur Avenger.zip pour ouvrir le fichier 
Extraire avenger.exe sur le bureau 

2. Copier tout le texte en gras ci-dessous : mettre en surbrillance et appuyer sur les touches(Ctrl+C): 

DRivers to Disable: 
Safeboot 

Drivers to delete:
safeboot 

File to delete: 
C:\Windows\System32\Drivers\Safeboot.sys 
 
IMPORTANT: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur. 
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système. 

Ferme toutes les applications et ton navigateur 

3. Maintenant, lance The Avenger en cliquant sur son icône du bureau. 

Vérifie que la case devant "Automatically disable any rootkits found" n'est pas cochée. 


Cclique sur l'icone de droite (en rose et bleu). Le texte va se copier dans la fenêtre. 

Clique sur Execute 

4. The Avenger va automatiquement faire ce qui suit: 


Il va Re-démarrer le système. 
Pendant le re-démarrage, il apparaitra brièvement une fenêtre de commande de windows noire sur le bureau, ceci est NORMAL. 
Après le re-démarrage, il crée un fichier log qui s'ouvrira, faisant apparaitre les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt 
The Avenger aura également sauvegardé tous les fichiers, etc., que tu lui as demandé de supprimer, les aura compactés (zipped) et tranféré l'archive zip ici C:\avenger\backup.zip. 

5. Pour finir copier/coller le contenu du ficher c:\avenger.txt dans ta réponse  
G3?-?@¢??@?......Concepteur de List_Kill'em...

darkovnus · Answer

Je viens de faire cette manoeuvre a deux reprise et mon ordinateur fait exactement le meme scenario que lorsque j'ai utiliser combofix tout a l'heure sauf qu'avant d'atterir sur l'ecran qui me demande de lancer l'outil de réparation windows, un ecran bleu s'allume avec des ecriture blanche reste même pas trente seconde et ensuite s'en va !!!!!

gen-hackman · Answer

__________________________________________________ =>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <= =>il est fort déconseillé de le transposer sur un autre ordinateur !<= ---------------------------------------------------------------------------- Toujours avec toutes les protections désactivées, fais ceci : ▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes) ▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) : ---------------------------------------------------------- KillAll:: Rootkit:: C:\windows\system32\drivers\SafeBoot.sys [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SafeBoot] [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SafeBoot] ------------------------------------------------------------------ ▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt ▶ Quitte le Bloc Notes ▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix ▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé. ▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu. ▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

Comment supprimer un rootkit physical drive

37 réponses

Newsletters