Sujet Précédent Sujet Suivant

Ompossible de supprimer boot.tidserv

jopraloup -  
 Utilisateur anonyme -
Bonjour, j'ai lu plusieurs tuto pour supprimer boot.tidserv mais son aucun resultat je suis perdu aider moi svp

A voir également:

20 réponses

Réponse 1 / 20
Utilisateur anonyme
 
salut

▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : télécharger la derniere version

▶ relance-le

choisis : lancer le nettoyage

TDSSKiller va s'ouvrir , clique sur "Start Scan"

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.
0
Réponse 2 / 20
jopraloup
 
2011/05/23 15:46:15.0065 4896 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2011/05/23 15:46:15.0157 4896 ================================================================================
2011/05/23 15:46:15.0157 4896 SystemInfo:
2011/05/23 15:46:15.0157 4896
2011/05/23 15:46:15.0157 4896 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/23 15:46:15.0157 4896 Product type: Workstation
2011/05/23 15:46:15.0157 4896 ComputerName: MELIJO-HP
2011/05/23 15:46:15.0158 4896 UserName: Melijo
2011/05/23 15:46:15.0158 4896 Windows directory: C:\Windows
2011/05/23 15:46:15.0158 4896 System windows directory: C:\Windows
2011/05/23 15:46:15.0158 4896 Running under WOW64
2011/05/23 15:46:15.0158 4896 Processor architecture: Intel x64
2011/05/23 15:46:15.0158 4896 Number of processors: 4
2011/05/23 15:46:15.0158 4896 Page size: 0x1000
2011/05/23 15:46:15.0158 4896 Boot type: Normal boot
2011/05/23 15:46:15.0158 4896 ================================================================================
2011/05/23 15:46:15.0457 4896 Initialize success
2011/05/23 15:46:17.0249 1980 ================================================================================
2011/05/23 15:46:17.0249 1980 Scan started
2011/05/23 15:46:17.0249 1980 Mode: Manual;
2011/05/23 15:46:17.0249 1980 ================================================================================
2011/05/23 15:46:17.0503 1980 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/05/23 15:46:17.0527 1980 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/05/23 15:46:17.0544 1980 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/05/23 15:46:17.0576 1980 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/23 15:46:17.0604 1980 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/23 15:46:17.0626 1980 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/23 15:46:17.0665 1980 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/05/23 15:46:17.0686 1980 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/05/23 15:46:17.0719 1980 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/05/23 15:46:17.0749 1980 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/05/23 15:46:17.0763 1980 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/23 15:46:17.0795 1980 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/23 15:46:17.0821 1980 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
2011/05/23 15:46:17.0851 1980 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/23 15:46:17.0871 1980 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
2011/05/23 15:46:17.0915 1980 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/05/23 15:46:17.0944 1980 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/05/23 15:46:17.0957 1980 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/23 15:46:17.0988 1980 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/23 15:46:18.0009 1980 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/05/23 15:46:18.0049 1980 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/05/23 15:46:18.0090 1980 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/23 15:46:18.0114 1980 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/05/23 15:46:18.0247 1980 BHDrvx64 (3b9b31981894123f78c4ef0d97184319) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys
2011/05/23 15:46:18.0285 1980 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/23 15:46:18.0319 1980 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/23 15:46:18.0335 1980 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/23 15:46:18.0346 1980 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/23 15:46:18.0365 1980 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/05/23 15:46:18.0386 1980 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/23 15:46:18.0401 1980 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/23 15:46:18.0421 1980 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/23 15:46:18.0442 1980 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/23 15:46:18.0464 1980 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/23 15:46:18.0494 1980 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/23 15:46:18.0516 1980 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/23 15:46:18.0546 1980 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/05/23 15:46:18.0579 1980 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/23 15:46:18.0595 1980 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/05/23 15:46:18.0620 1980 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/05/23 15:46:18.0634 1980 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/23 15:46:18.0684 1980 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/05/23 15:46:18.0707 1980 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/23 15:46:18.0751 1980 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/05/23 15:46:18.0771 1980 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/05/23 15:46:18.0793 1980 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/05/23 15:46:18.0821 1980 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/05/23 15:46:18.0851 1980 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/23 15:46:18.0912 1980 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/05/23 15:46:19.0015 1980 eeCtrl (eb0883462ac43829e47929d705d40933) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2011/05/23 15:46:19.0060 1980 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/23 15:46:19.0096 1980 EraserUtilRebootDrv (86fc0d272f6bb43e7214d4ba955a41e7) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/05/23 15:46:19.0117 1980 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/05/23 15:46:19.0149 1980 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/05/23 15:46:19.0165 1980 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/05/23 15:46:19.0190 1980 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/23 15:46:19.0220 1980 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/05/23 15:46:19.0232 1980 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/05/23 15:46:19.0249 1980 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/23 15:46:19.0272 1980 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/05/23 15:46:19.0295 1980 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/05/23 15:46:19.0332 1980 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/05/23 15:46:19.0357 1980 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/23 15:46:19.0383 1980 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/23 15:46:19.0396 1980 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/23 15:46:19.0406 1980 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/23 15:46:19.0429 1980 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/05/23 15:46:19.0442 1980 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/23 15:46:19.0468 1980 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/05/23 15:46:19.0478 1980 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/23 15:46:19.0492 1980 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/23 15:46:19.0502 1980 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/23 15:46:19.0522 1980 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/23 15:46:19.0570 1980 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/05/23 15:46:19.0601 1980 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/05/23 15:46:19.0627 1980 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/23 15:46:19.0636 1980 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/23 15:46:19.0668 1980 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
2011/05/23 15:46:19.0702 1980 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
2011/05/23 15:46:19.0822 1980 IDSVia64 (8f9faa4583e634a1505bad8d0c04c5c9) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys
2011/05/23 15:46:19.0853 1980 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/23 15:46:19.0908 1980 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
2011/05/23 15:46:19.0974 1980 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/05/23 15:46:19.0992 1980 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/23 15:46:20.0012 1980 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/23 15:46:20.0033 1980 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/05/23 15:46:20.0053 1980 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/05/23 15:46:20.0068 1980 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/05/23 15:46:20.0082 1980 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/05/23 15:46:20.0104 1980 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/23 15:46:20.0123 1980 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/23 15:46:20.0147 1980 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/23 15:46:20.0162 1980 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/23 15:46:20.0185 1980 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/23 15:46:20.0200 1980 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/05/23 15:46:20.0230 1980 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/23 15:46:20.0244 1980 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/23 15:46:20.0255 1980 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/23 15:46:20.0282 1980 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/23 15:46:20.0299 1980 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/23 15:46:20.0316 1980 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/05/23 15:46:20.0332 1980 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/23 15:46:20.0352 1980 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/23 15:46:20.0363 1980 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/05/23 15:46:20.0378 1980 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/23 15:46:20.0397 1980 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/23 15:46:20.0418 1980 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/23 15:46:20.0434 1980 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/05/23 15:46:20.0451 1980 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/05/23 15:46:20.0469 1980 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/23 15:46:20.0481 1980 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/05/23 15:46:20.0520 1980 mrxsmb (b7f3d2c40bdf8ffb73ebfb19c77734e2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/23 15:46:20.0541 1980 mrxsmb10 (86c6f88b5168ce21cf8d69d0b3ff5d19) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/23 15:46:20.0569 1980 mrxsmb20 (b081069251c8e9f42cb8769d07148f9c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/23 15:46:20.0597 1980 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\Windows\system32\DRIVERS\msahci.sys
2011/05/23 15:46:20.0607 1980 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/05/23 15:46:20.0631 1980 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/05/23 15:46:20.0647 1980 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/23 15:46:20.0661 1980 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/05/23 15:46:20.0675 1980 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/23 15:46:20.0687 1980 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/23 15:46:20.0709 1980 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/23 15:46:20.0730 1980 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/05/23 15:46:20.0748 1980 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/23 15:46:20.0760 1980 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/23 15:46:20.0781 1980 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/23 15:46:20.0801 1980 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/23 15:46:20.0829 1980 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/23 15:46:20.0934 1980 NAVENG (f594e1acbbb3ba48586b5dd69b3a6bc2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110522.002\ENG64.SYS
2011/05/23 15:46:20.0976 1980 NAVEX15 (cfe00b55488acf0cd9f62b0401297864) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110522.002\EX64.SYS
2011/05/23 15:46:21.0042 1980 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/05/23 15:46:21.0097 1980 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/23 15:46:21.0128 1980 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/23 15:46:21.0138 1980 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/23 15:46:21.0156 1980 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/23 15:46:21.0177 1980 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/05/23 15:46:21.0190 1980 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/23 15:46:21.0207 1980 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/23 15:46:21.0237 1980 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/23 15:46:21.0273 1980 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/23 15:46:21.0286 1980 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/23 15:46:21.0336 1980 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
2011/05/23 15:46:21.0379 1980 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/23 15:46:21.0410 1980 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
2011/05/23 15:46:21.0586 1980 nvlddmkm (2f1bc5c1320b07a7480240c4ca6f6387) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/05/23 15:46:21.0777 1980 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
2011/05/23 15:46:21.0800 1980 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
2011/05/23 15:46:21.0825 1980 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/05/23 15:46:21.0867 1980 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/05/23 15:46:21.0890 1980 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/23 15:46:21.0915 1980 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/05/23 15:46:21.0943 1980 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/05/23 15:46:21.0962 1980 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/05/23 15:46:21.0981 1980 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/23 15:46:21.0998 1980 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/23 15:46:22.0046 1980 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/23 15:46:22.0083 1980 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/23 15:46:22.0099 1980 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/23 15:46:22.0129 1980 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/23 15:46:22.0167 1980 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/23 15:46:22.0201 1980 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/23 15:46:22.0218 1980 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/23 15:46:22.0232 1980 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/23 15:46:22.0255 1980 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/23 15:46:22.0273 1980 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/23 15:46:22.0304 1980 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/23 15:46:22.0321 1980 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/23 15:46:22.0341 1980 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/23 15:46:22.0363 1980 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/23 15:46:22.0377 1980 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/23 15:46:22.0394 1980 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/23 15:46:22.0404 1980 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/23 15:46:22.0420 1980 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/05/23 15:46:22.0442 1980 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/05/23 15:46:22.0462 1980 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/23 15:46:22.0489 1980 RTL8167 (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/05/23 15:46:22.0513 1980 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/05/23 15:46:22.0530 1980 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/23 15:46:22.0546 1980 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/23 15:46:22.0564 1980 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/23 15:46:22.0581 1980 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/23 15:46:22.0610 1980 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/23 15:46:22.0643 1980 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/23 15:46:22.0662 1980 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/05/23 15:46:22.0673 1980 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/23 15:46:22.0686 1980 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/23 15:46:22.0706 1980 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/23 15:46:22.0720 1980 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/23 15:46:22.0735 1980 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/23 15:46:22.0758 1980 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/23 15:46:22.0809 1980 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1206000.01D\SRTSP64.SYS
2011/05/23 15:46:22.0834 1980 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1206000.01D\SRTSPX64.SYS
2011/05/23 15:46:22.0894 1980 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys
2011/05/23 15:46:22.0910 1980 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/23 15:46:22.0926 1980 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/23 15:46:22.0937 1980 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/23 15:46:22.0956 1980 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/05/23 15:46:23.0001 1980 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS
2011/05/23 15:46:23.0028 1980 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS
2011/05/23 15:46:23.0064 1980 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2011/05/23 15:46:23.0084 1980 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS
2011/05/23 15:46:23.0104 1980 SymNetS (81d134628a98a22b6e054e971af525dc) C:\Windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS
2011/05/23 15:46:23.0166 1980 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/05/23 15:46:23.0241 1980 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/23 15:46:23.0276 1980 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/23 15:46:23.0294 1980 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/05/23 15:46:23.0306 1980 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/05/23 15:46:23.0321 1980 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/23 15:46:23.0337 1980 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/05/23 15:46:23.0363 1980 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/23 15:46:23.0388 1980 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/23 15:46:23.0410 1980 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/23 15:46:23.0432 1980 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/23 15:46:23.0447 1980 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/05/23 15:46:23.0462 1980 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/05/23 15:46:23.0482 1980 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/23 15:46:23.0518 1980 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/23 15:46:23.0541 1980 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/05/23 15:46:23.0570 1980 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
2011/05/23 15:46:23.0586 1980 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/23 15:46:23.0606 1980 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
2011/05/23 15:46:23.0627 1980 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/23 15:46:23.0656 1980 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/23 15:46:23.0665 1980 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
2011/05/23 15:46:23.0695 1980 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/05/23 15:46:23.0717 1980 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/23 15:46:23.0733 1980 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/05/23 15:46:23.0753 1980 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/05/23 15:46:23.0786 1980 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/05/23 15:46:23.0800 1980 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/05/23 15:46:23.0822 1980 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/05/23 15:46:23.0843 1980 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/05/23 15:46:23.0871 1980 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/23 15:46:23.0895 1980 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/05/23 15:46:23.0911 1980 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/23 15:46:23.0933 1980 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/23 15:46:23.0938 1980 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/23 15:46:23.0961 1980 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/23 15:46:23.0982 1980 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/23 15:46:24.0006 1980 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/23 15:46:24.0022 1980 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/23 15:46:24.0059 1980 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/05/23 15:46:24.0081 1980 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/23 15:46:24.0098 1980 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/05/23 15:46:24.0111 1980 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/23 15:46:24.0194 1980 ================================================================================
2011/05/23 15:46:24.0194 1980 Scan finished
2011/05/23 15:46:24.0194 1980 ================================================================================
0
Réponse 3 / 20
Utilisateur anonyme
 

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : Combofix

Avant d'utiliser ComboFix :

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau

▶ Lance le

Une fenêtre apparait : clique sur "Disable"

▶ Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

0
Réponse 4 / 20
jopraloup
 
ComboFix 11-05-22.02 - Melijo 23/05/2011 17:15:42.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2346 [GMT 2:00]
Lancé depuis: c:\users\Melijo\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\users\Melijo\AppData\Roaming\OfferBox
c:\users\Melijo\AppData\Roaming\OfferBox\config.xml
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-23 au 2011-05-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-23 15:18 . 2011-05-23 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 23:48 . 2011-05-17 23:48 -------- d-----w- c:\program files\CCleaner
2011-05-17 23:29 . 2011-05-17 23:29 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-17 23:29 . 2011-05-17 23:29 -------- d-----w- c:\program files\Java
2011-05-17 23:27 . 2011-05-17 23:27 -------- d-----w- c:\windows\en
2011-05-17 23:24 . 2011-05-17 23:24 -------- d-----w- c:\windows\fr
2011-05-17 23:20 . 2011-05-17 23:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-17 23:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-17 23:18 . 2011-05-17 23:18 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c2a845591cc14e805\MeshBetaRemover.exe
2011-05-17 23:13 . 2011-05-17 23:13 -------- d-----w- c:\program files (x86)\FileHippo.com
2011-05-17 23:13 . 2011-05-17 23:33 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-17 22:33 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-17 22:33 . 2011-05-17 22:33 -------- d-----w- c:\programdata\Malwarebytes
2011-05-17 22:33 . 2011-05-17 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 22:33 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-17 22:12 . 2011-05-17 22:12 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-05-17 22:01 . 2011-05-17 22:01 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-17 21:58 . 2011-05-18 00:03 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 11:32 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 11:32 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 11:32 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 11:32 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:32 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:32 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:32 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:32 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:32 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:32 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 00:50 . 2011-05-11 00:50 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\SysWow64\Wat
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\system32\Wat
2011-05-10 01:09 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-05-10 01:09 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-05-10 01:03 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-05-10 01:03 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-05-10 01:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-05-10 00:20 . 2011-05-12 06:59 -------- d-----w- c:\windows\system32\drivers\NISx64\1206000.01D
2011-05-09 21:46 . 2011-05-09 21:46 -------- d-----w- c:\program files (x86)\Mad Skills Motocross
2011-05-09 21:31 . 2011-05-09 21:31 -------- d-----w- c:\programdata\Zylom
2011-05-09 21:23 . 2011-05-18 07:17 -------- d-----w- c:\program files (x86)\JDownloader
2011-05-09 21:23 . 2011-05-09 21:23 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
2011-05-09 21:23 . 2011-05-09 21:23 -------- d-----w- c:\program files (x86)\Java
2011-05-09 20:32 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-05-09 20:32 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-05-09 20:32 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-09 20:32 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-09 20:32 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\programdata\Nero
2011-05-09 14:11 . 2011-05-09 14:11 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\program files (x86)\Nero
2011-05-09 11:57 . 2011-05-11 07:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-05-09 11:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-05-09 11:56 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-05-09 11:56 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-09 11:56 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-05-09 11:55 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2011-05-09 09:30 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-08 16:32 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-05-08 16:32 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-05-08 16:32 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-05-08 16:32 . 2011-03-29 08:00 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-05-08 16:32 . 2011-03-24 19:35 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-05-08 16:32 . 2011-03-24 19:28 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-05-08 16:32 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-05-08 16:32 . 2011-05-08 16:32 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-05-08 16:26 . 2011-05-08 16:26 -------- d-----w- c:\program files (x86)\VideoLAN
2011-05-08 15:52 . 2011-05-08 15:52 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-05-08 14:41 . 2011-05-16 15:54 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-05-08 14:41 . 2011-05-08 14:44 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2011-05-08 14:41 . 2011-05-09 15:42 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-08 13:21 . 2011-05-08 13:21 -------- d-----w- c:\users\Public\Symantec
2011-05-08 13:21 . 2011-05-17 23:59 -------- d---a-w- c:\users\Melijo
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-11 14:52 . 2011-01-14 08:34 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-08 15:37 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:17 . 2011-05-10 01:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-05-10 01:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-02 1234216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-04-29 1127032]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys [2011-03-14 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - klmd25
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-17 c:\windows\Tasks\HPCeeScheduleForMelijo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Melijo\AppData\Roaming\Mozilla\Firefox\Profiles\0y2o9k1h.default\
FF - prefs.js: browser.startup.homepage - fr.blackle.com/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 20
Utilisateur anonyme
 
▶ Télécharge : Gmer (by Przemyslaw Gmerek) et enregistre-le sur ton bureau

Desactive toutes tes protections le temps du scan de gMer

Pour XP => double clique sur gmer.exe
Pour Vista et 7 => clique droit "executer en tant que...."

▶ clique sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

▶ Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)
0
Réponse 6 / 20
jopraloup
 
ComboFix 11-05-22.02 - Melijo 23/05/2011 17:15:42.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2346 [GMT 2:00]
Lancé depuis: c:\users\Melijo\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\users\Melijo\AppData\Roaming\OfferBox
c:\users\Melijo\AppData\Roaming\OfferBox\config.xml
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-23 au 2011-05-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-23 15:18 . 2011-05-23 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 23:48 . 2011-05-17 23:48 -------- d-----w- c:\program files\CCleaner
2011-05-17 23:29 . 2011-05-17 23:29 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-17 23:29 . 2011-05-17 23:29 -------- d-----w- c:\program files\Java
2011-05-17 23:27 . 2011-05-17 23:27 -------- d-----w- c:\windows\en
2011-05-17 23:24 . 2011-05-17 23:24 -------- d-----w- c:\windows\fr
2011-05-17 23:20 . 2011-05-17 23:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-17 23:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-17 23:18 . 2011-05-17 23:18 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c2a845591cc14e805\MeshBetaRemover.exe
2011-05-17 23:13 . 2011-05-17 23:13 -------- d-----w- c:\program files (x86)\FileHippo.com
2011-05-17 23:13 . 2011-05-17 23:33 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-17 22:33 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-17 22:33 . 2011-05-17 22:33 -------- d-----w- c:\programdata\Malwarebytes
2011-05-17 22:33 . 2011-05-17 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 22:33 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-17 22:12 . 2011-05-17 22:12 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-05-17 22:01 . 2011-05-17 22:01 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-17 21:58 . 2011-05-18 00:03 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 11:32 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 11:32 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 11:32 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 11:32 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:32 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:32 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:32 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:32 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:32 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:32 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 00:50 . 2011-05-11 00:50 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\SysWow64\Wat
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\system32\Wat
2011-05-10 01:09 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-05-10 01:09 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-05-10 01:03 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-05-10 01:03 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-05-10 01:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-05-10 00:20 . 2011-05-12 06:59 -------- d-----w- c:\windows\system32\drivers\NISx64\1206000.01D
2011-05-09 21:46 . 2011-05-09 21:46 -------- d-----w- c:\program files (x86)\Mad Skills Motocross
2011-05-09 21:31 . 2011-05-09 21:31 -------- d-----w- c:\programdata\Zylom
2011-05-09 21:23 . 2011-05-18 07:17 -------- d-----w- c:\program files (x86)\JDownloader
2011-05-09 21:23 . 2011-05-09 21:23 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
2011-05-09 21:23 . 2011-05-09 21:23 -------- d-----w- c:\program files (x86)\Java
2011-05-09 20:32 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-05-09 20:32 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-05-09 20:32 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-09 20:32 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-09 20:32 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\programdata\Nero
2011-05-09 14:11 . 2011-05-09 14:11 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\program files (x86)\Nero
2011-05-09 11:57 . 2011-05-11 07:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-05-09 11:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-05-09 11:56 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-05-09 11:56 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-09 11:56 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-05-09 11:55 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2011-05-09 09:30 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-08 16:32 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-05-08 16:32 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-05-08 16:32 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-05-08 16:32 . 2011-03-29 08:00 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-05-08 16:32 . 2011-03-24 19:35 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-05-08 16:32 . 2011-03-24 19:28 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-05-08 16:32 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-05-08 16:32 . 2011-05-08 16:32 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-05-08 16:26 . 2011-05-08 16:26 -------- d-----w- c:\program files (x86)\VideoLAN
2011-05-08 15:52 . 2011-05-08 15:52 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-05-08 14:41 . 2011-05-16 15:54 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-05-08 14:41 . 2011-05-08 14:44 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2011-05-08 14:41 . 2011-05-09 15:42 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-08 13:21 . 2011-05-08 13:21 -------- d-----w- c:\users\Public\Symantec
2011-05-08 13:21 . 2011-05-17 23:59 -------- d---a-w- c:\users\Melijo
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-11 14:52 . 2011-01-14 08:34 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-08 15:37 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:17 . 2011-05-10 01:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-05-10 01:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-02 1234216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-04-29 1127032]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys [2011-03-14 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - klmd25
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-17 c:\windows\Tasks\HPCeeScheduleForMelijo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Melijo\AppData\Roaming\Mozilla\Firefox\Profiles\0y2o9k1h.default\
FF - prefs.js: browser.startup.homepage - fr.blackle.com/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
0
Réponse 7 / 20
Utilisateur anonyme
 
?
0
Réponse 8 / 20
jopraloup
 
cquand je les mis en route pas de ligne message a la fin gmer has'nt
0
Réponse 9 / 20
Utilisateur anonyme
 
clic sur scan , laisse faire

à la fin clic sur copy , ouvre un nouvau document texte , colle dedans , enregistre , et poste-le via cijoint.fr
0
Réponse 10 / 20
jopraloup
 
j'ai essaye il ne veu pas coller et il me marque a la fin du scan GMER hasn't found any system modification
0
Réponse 11 / 20
Utilisateur anonyme
 
comment se fait-il que combofix ne soit pas renommé comme je l'ai demandé *?
0
Réponse 12 / 20
jopraloup
 
c'est bon je viens de le renommer et refait la simulation

ComboFix 11-05-22.02 - Melijo 23/05/2011 18:32:40.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2462 [GMT 2:00]
Lancé depuis: c:\users\Melijo\Desktop\Jopraloup.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-23 au 2011-05-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-23 16:35 . 2011-05-23 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 23:48 . 2011-05-17 23:48 -------- d-----w- c:\program files\CCleaner
2011-05-17 23:29 . 2011-05-17 23:29 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-17 23:29 . 2011-05-17 23:29 -------- d-----w- c:\program files\Java
2011-05-17 23:27 . 2011-05-17 23:27 -------- d-----w- c:\windows\en
2011-05-17 23:24 . 2011-05-17 23:24 -------- d-----w- c:\windows\fr
2011-05-17 23:20 . 2011-05-17 23:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-17 23:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-17 23:18 . 2011-05-17 23:18 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c2a845591cc14e805\MeshBetaRemover.exe
2011-05-17 23:13 . 2011-05-17 23:13 -------- d-----w- c:\program files (x86)\FileHippo.com
2011-05-17 23:13 . 2011-05-17 23:33 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-17 22:33 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-17 22:33 . 2011-05-17 22:33 -------- d-----w- c:\programdata\Malwarebytes
2011-05-17 22:33 . 2011-05-17 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 22:33 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-17 22:12 . 2011-05-17 22:12 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-05-17 22:01 . 2011-05-17 22:01 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-17 21:58 . 2011-05-18 00:03 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 11:32 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 11:32 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 11:32 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 11:32 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:32 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:32 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:32 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:32 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:32 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:32 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 00:50 . 2011-05-11 00:50 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\SysWow64\Wat
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\system32\Wat
2011-05-10 01:09 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-05-10 01:09 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-05-10 01:03 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-05-10 01:03 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-05-10 01:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-05-10 00:20 . 2011-05-12 06:59 -------- d-----w- c:\windows\system32\drivers\NISx64\1206000.01D
2011-05-09 21:46 . 2011-05-09 21:46 -------- d-----w- c:\program files (x86)\Mad Skills Motocross
2011-05-09 21:31 . 2011-05-09 21:31 -------- d-----w- c:\programdata\Zylom
2011-05-09 21:23 . 2011-05-18 07:17 -------- d-----w- c:\program files (x86)\JDownloader
2011-05-09 21:23 . 2011-05-09 21:23 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
2011-05-09 21:23 . 2011-05-09 21:23 -------- d-----w- c:\program files (x86)\Java
2011-05-09 20:32 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-05-09 20:32 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-05-09 20:32 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-09 20:32 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-09 20:32 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\programdata\Nero
2011-05-09 14:11 . 2011-05-09 14:11 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\program files (x86)\Nero
2011-05-09 11:57 . 2011-05-11 07:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-05-09 11:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-05-09 11:56 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-05-09 11:56 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-09 11:56 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-05-09 11:55 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2011-05-09 09:30 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-08 16:32 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-05-08 16:32 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-05-08 16:32 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-05-08 16:32 . 2011-03-29 08:00 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-05-08 16:32 . 2011-03-24 19:35 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-05-08 16:32 . 2011-03-24 19:28 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-05-08 16:32 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-05-08 16:32 . 2011-05-08 16:32 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-05-08 16:26 . 2011-05-08 16:26 -------- d-----w- c:\program files (x86)\VideoLAN
2011-05-08 15:52 . 2011-05-08 15:52 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-05-08 14:41 . 2011-05-16 15:54 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-05-08 14:41 . 2011-05-08 14:44 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2011-05-08 14:41 . 2011-05-09 15:42 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-08 13:21 . 2011-05-08 13:21 -------- d-----w- c:\users\Public\Symantec
2011-05-08 13:21 . 2011-05-23 16:30 -------- d---a-w- c:\users\Melijo
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-11 14:52 . 2011-01-14 08:34 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-08 15:37 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:17 . 2011-05-10 01:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-05-10 01:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-23_15.18.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-05-09 11:12 . 2011-05-23 15:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-09 11:12 . 2011-05-23 16:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-09 11:12 . 2011-05-23 16:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-09 11:12 . 2011-05-23 15:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-02 1234216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-04-29 1127032]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys [2011-03-14 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - klmd25
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-17 c:\windows\Tasks\HPCeeScheduleForMelijo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Melijo\AppData\Roaming\Mozilla\Firefox\Profiles\0y2o9k1h.default\
FF - prefs.js: browser.startup.homepage - fr.blackle.com/
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
0
Réponse 13 / 20
Utilisateur anonyme
 
c'est à toi ca ?

c:\users\Melijo
0
Réponse 14 / 20
jopraloup
 
oui
0
Réponse 15 / 20
jopraloup
 
j'arrive a avoir ca sa avec gmer

GMER 1.0.15.15627 - http://www.gmer.net
Rootkit scan 2011-05-23 19:05:36
Windows 6.1.7600
Running: gmer.exe

---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET CLR Networking 4.0.0.0
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service system32\DRIVERS\1394ohci.sys (1394 OpenHCI Driver/Microsoft Corporation) [MANUAL] 1394ohci
Service system32\DRIVERS\ACPI.sys (Pilote ACPI pour NT/Microsoft Corporation) [BOOT] ACPI
Service system32\DRIVERS\acpipmi.sys (ACPI Power Metering Driver/Microsoft Corporation) [MANUAL] AcpiPmi
Service system32\DRIVERS\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [MANUAL] adp94xx
Service system32\DRIVERS\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [MANUAL] adpahci
Service system32\DRIVERS\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver (X64)/Adaptec, Inc.) [MANUAL] adpu320
Service adsi
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] AeLookupSvc
Service system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service system32\DRIVERS\agp440.sys (Filtre AGP 440 NT/Microsoft Corporation) [MANUAL] agp440
Service C:\Windows\System32\alg.exe (Service de la passerelle de la couche Application/Microsoft Corporation) [MANUAL] ALG
Service system32\DRIVERS\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [MANUAL] aliide
Service system32\DRIVERS\amdide.sys (Pilote IDE AMD/Microsoft Corporation) [MANUAL] amdide
Service system32\DRIVERS\amdk8.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] AmdK8
Service system32\DRIVERS\amdppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] AmdPPM
Service system32\drivers\amdsata.sys (AHCI 1.2 Device Driver/Advanced Micro Devices) [MANUAL] amdsata
Service system32\DRIVERS\amdsbs.sys (AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform/AMD Technologies Inc.) [MANUAL] amdsbs
Service system32\drivers\amdxata.sys (Storage Filter Driver/Advanced Micro Devices) [BOOT] amdxata
Service system32\drivers\appid.sys (AppID Driver/Microsoft Corporation) [MANUAL] AppID
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] AppIDSvc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] Appinfo
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) AppMgmt
Service system32\DRIVERS\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [MANUAL] arc
Service system32\DRIVERS\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [MANUAL] arcsas
Service system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service system32\DRIVERS\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [MANUAL] atapi
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] AudioEndpointBuilder
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] AudioSrv
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] AxInstSV
Service system32\DRIVERS\bxvbda.sys (Broadcom NetXtreme II GigE VBD/Broadcom Corporation) [MANUAL] b06bdrv
Service system32\DRIVERS\b57nd60a.sys (Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver./Broadcom Corporation) [MANUAL] b57nd60a
Service (Battery Class Driver/Microsoft Corporation) BattC
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] BDESVC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] BFE
Service C:\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [SYSTEM] BHDrvx64
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] BITS
Service system32\DRIVERS\blbdrive.sys (BLB Drive Driver/Microsoft Corporation) [SYSTEM] blbdrive
Service system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser
Service system32\DRIVERS\BrFiltLo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo
Service system32\DRIVERS\BrFiltUp.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] Browser
Service System32\Drivers\Brserid.sys (Pilote Brother Série I/F (WDM)/Brother Industries Ltd.) [MANUAL] Brserid
Service System32\Drivers\BrSerWdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [MANUAL] BrSerWdm
Service System32\Drivers\BrUsbMdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [MANUAL] BrUsbMdm
Service System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer
Service system32\DRIVERS\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [MANUAL] BTHMODEM
Service BTHPORT
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] bthserv
Service C:\ComboFix\catchme.sys [MANUAL] catchme
Service system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs
Service system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] CertPropSvc
Service system32\DRIVERS\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [MANUAL] circlass
Service System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS
Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_32
Service C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_64
Service C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [AUTO] clr_optimization_v4.0.30319_32
Service C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [AUTO] clr_optimization_v4.0.30319_64
Service system32\DRIVERS\CmBatt.sys (Control Method Battery Driver/Microsoft Corporation) [MANUAL] CmBatt
Service system32\DRIVERS\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [MANUAL] cmdide
Service System32\Drivers\cng.sys (Kernel Cryptography, Next Generation/Microsoft Corporation) [BOOT] CNG
Service system32\DRIVERS\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [MANUAL] Compbatt
Service system32\DRIVERS\CompositeBus.sys (Multi-Transport Composite Bus Enumerator/Microsoft Corporation) [MANUAL] CompositeBus
Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service system32\DRIVERS\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [DISABLED] crcdisk
Service crypt32
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] CryptSvc
Service DCLocator
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] defragsvc
Service System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) [SYSTEM] DfsC
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] Dhcp
Service System32\drivers\discache.sys (System Indexer/Cache Driver/Microsoft Corporation) [SYSTEM] discache
Service system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] Dnscache
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] dot3svc
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] DPS
Service system32\drivers\drmkaud.sys (Microsoft Trusted Audio Drivers/Microsoft Corporation) [MANUAL] drmkaud
Service System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) [MANUAL] DXGKrnl
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] EapHost
Service system32\DRIVERS\evbda.sys (Broadcom NetXtreme II 10 GigE VBD/Broadcom Corporation) [MANUAL] ebdrv
Service C:\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [SYSTEM] eeCtrl
Service C:\Windows\System32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] EFS
Service C:\Windows\ehome\ehRecvr.exe (Service de réception Windows Media Center/Microsoft Corporation) [MANUAL] ehRecvr
Service C:\Windows\ehome\ehsched.exe (Service de planification Windows Media Center/Microsoft Corporation) [MANUAL] ehSched
Service system32\DRIVERS\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [MANUAL] elxstor
Service C:\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [MANUAL] EraserUtilRebootDrv
Service system32\DRIVERS\errdev.sys (Error Device Driver/Microsoft Corporation) [MANUAL] ErrDev
Service ESENT
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] eventlog
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] EventSystem
Service (Microsoft Extended FAT File System/Microsoft Corporation) [MANUAL] exfat
Service C:\Windows\System32\ezSharedSvcHost.exe [AUTO] ezSharedSvc
Service (Fast FAT File System Driver/Microsoft Corporation) [MANUAL] fastfat
Service C:\Windows\system32\fxssvc.exe (Fax Service/Microsoft Corporation) [MANUAL] Fax
Service system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] fdc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] fdPHost
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] FDResPub
Service system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) [BOOT] FileInfo
Service system32\drivers\filetrace.sys (File Trace Filter Driver/Microsoft Corporation) [MANUAL] Filetrace
Service system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] flpydisk
Service system32\drivers\fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation) [BOOT] FltMgr
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] FontCache
Service C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0
Service System32\drivers\FsDepends.sys (File System Dependency Manager Mini Filter Driver/Microsoft Corporation) [MANUAL] FsDepends
Service system32\DRIVERS\fssfltr.sys (Family Safety Filter Driver (WFP Callout)/Microsoft Corporation) [MANUAL] fssfltr
Service C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Windows Live Family Safety Service/Microsoft Corporation) [MANUAL] fsssvc
Service (File System Recognizer Driver/Microsoft Corporation) [BOOT] Fs_Rec
Service System32\DRIVERS\fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) [BOOT] fvevol
Service system32\DRIVERS\gagp30kx.sys (Filtre AGPv3.0 générique Microsoft pour plateformes de processeur K8/9/Microsoft Corporation) [MANUAL] gagp30kx
Service C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (GameConsoleService/WildTangent, Inc.) [MANUAL] GameConsoleService
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] gpsvc
Service system32\drivers\hcw85cir.sys (Hauppauge WinTV 885 Consumer IR Driver for eHome/Hauppauge Computer Works, Inc.) [MANUAL] hcw85cir
Service system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) [MANUAL] HdAudAddService
Service system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) [MANUAL] HDAudBus
Service system32\DRIVERS\HECIx64.sys (Intel(R) Management Engine Interface/Intel Corporation) [MANUAL] HECIx64
Service system32\DRIVERS\HidBatt.sys (Hid Battery Driver/Microsoft Corporation) [MANUAL] HidBatt
Service system32\DRIVERS\hidbth.sys (Pilote de miniport Bluetooth pour les périphériques HID/Microsoft Corporation) [MANUAL] HidBth
Service system32\DRIVERS\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidIr
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] hidserv
Service system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] hkmsvc
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] HomeGroupListener
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] HomeGroupProvider
Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (HP Support Assistant/Hewlett-Packard Company) [AUTO] HP Health Check Service
Service C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (HP Usage Improvement Tracking/Hewlett-Packard) [AUTO] HPAuto
Service C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (HP Client Services/Hewlett-Packard Company) [AUTO] HPClientSvc
Service C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (HP Quick Synchronization Service/Hewlett-Packard Company) [AUTO] HPDrvMntSvc.exe
Service C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex Module/Hewlett-Packard Company) [MANUAL] hpqwmiex
Service system32\DRIVERS\HpSAMD.sys (Smart Array SAS/SATA Controller Media Driver/Hewlett-Packard Company) [MANUAL] HpSAMD
Service system32\drivers\HTTP.sys (HTTP Pile du protocole/Microsoft Corporation) [MANUAL] HTTP
Service System32\drivers\hwpolicy.sys (Hardware Policy Driver/Microsoft Corporation) [BOOT] hwpolicy
Service system32\DRIVERS\i8042prt.sys (Pilote de port i8042/Microsoft Corporation) [MANUAL] i8042prt
Service system32\DRIVERS\iaStor.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation) [BOOT] iaStor
Service C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (IAStorDataSvc/Intel Corporation) [AUTO] IAStorDataMgrSvc
Service system32\drivers\iaStorV.sys (Intel Matrix Storage Manager driver - x64/Intel Corporation) [MANUAL] iaStorV
Service C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc
Service C:\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys [SYSTEM] IDSVia64
Service system32\DRIVERS\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [MANUAL] iirsp
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] IKEEXT
Service inetaccs
Service system32\drivers\RTKVHD64.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service system32\DRIVERS\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [MANUAL] intelide
Service system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] intelppm
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] IPBusEnum
Service system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] iphlpsvc
Service system32\DRIVERS\IPMIDrv.sys (PILOT IPMI WMI/Microsoft Corporation) [MANUAL] IPMIDRV
Service System32\drivers\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IPNAT
Service system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service system32\DRIVERS\isapnp.sys (Pilote de bus PNP ISA/Microsoft Corporation) [MANUAL] isapnp
Service system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) [MANUAL] iScsiPrt
Service system32\DRIVERS\kbdclass.sys (Pilote de la classe Clavier/Microsoft Corporation) [MANUAL] kbdclass
Service system32\DRIVERS\kbdhid.sys (Pilote de filtre clavier HID/Microsoft Corporation) [MANUAL] kbdhid
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] KeyIso
Service System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service System32\Drivers\ksecpkg.sys (Kernel Security Support Provider Interface Packages/Microsoft Corporation) [BOOT] KSecPkg
Service system32\drivers\ksthunk.sys (Kernel Streaming WOW Thunk Service/Microsoft Corporation) [MANUAL] ksthunk
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] KtmRm
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] LanmanServer
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] LanmanWorkstation
Service ldap
Service c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (LightScribe Service/Hewlett-Packard Company) [AUTO] LightScribeService
Service system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] lltdsvc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] lmhosts
Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Local Manageability Service/Intel Corporation) [AUTO] LMS
Service Lsa
Service system32\DRIVERS\lsi_fc.sys (LSI Fusion-MPT FC Driver (StorPort)/LSI Corporation) [MANUAL] LSI_FC
Service system32\DRIVERS\lsi_sas.sys (LSI Fusion-MPT SAS Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS
Service system32\DRIVERS\lsi_sas2.sys (LSI SAS Gen2 Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS2
Service system32\DRIVERS\lsi_scsi.sys (LSI Fusion-MPT SCSI Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SCSI
Service system32\drivers\luafv.sys (Pilote de filtre de virtualisation de fichier LUA/Microsoft Corporation) [AUTO] luafv
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [DISABLED] Mcx2Svc
Service system32\DRIVERS\megasas.sys (MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64/LSI Corporation) [MANUAL] megasas
Service system32\DRIVERS\MegaSR.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [MANUAL] MegaSR
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] MMCSS
Service system32\drivers\modem.sys (Pilote de périphérique modem/Microsoft Corporation) [MANUAL] Modem
Service system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor
Service system32\DRIVERS\mouclass.sys (Pilote de la classe Souris/Microsoft Corporation) [MANUAL] mouclass
Service system32\DRIVERS\mouhid.sys (Pilote de filtre souris HID/Microsoft Corporation) [MANUAL] mouhid
Service System32\drivers\mountmgr.sys (Gestionnaire des points de montage/Microsoft Corporation) [BOOT] mountmgr
Service system32\DRIVERS\mpio.sys (Pilote du bus de prise en charge des chemins d'accès multiples/Microsoft Corporation) [MANUAL] mpio
Service System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] MpsSvc
Service system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb
Service system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10
Service system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20
Service system32\DRIVERS\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [MANUAL] msahci
Service system32\DRIVERS\msdsm.sys (Module spécifique de périphériques Microsoft/Microsoft Corporation) [MANUAL] msdsm
Service C:\Windows\System32\msdtc.exe (Service Microsoft Distributed Transaction Coordinator/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service MSDTC Bridge 4.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service System32\drivers\mshidkmdf.sys (Pass-through HID to KMDF Filter Driver/Microsoft Corporation) [MANUAL] mshidkmdf
Service system32\DRIVERS\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] MSiSCSI
Service C:\Windows\system32\msiexec.exe (Installateur Windows®/Microsoft Corporation) [MANUAL] msiserver
Service system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC
Service MSSCNTRS
Service system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [SYSTEM] mssmbios
Service system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service system32\DRIVERS\MTConfig.sys (Pilote HID multipoint Microsoft/Microsoft Corporation) [MANUAL] MTConfig
Service System32\Drivers\mup.sys (Multiple UNC Provider Driver/Microsoft Corporation) [BOOT] Mup
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] napagent
Service system32\DRIVERS\nwifi.sys (Pilote de miniport WiFi natif/Microsoft Corporation) [MANUAL] NativeWifiP
Service C:\Program Files (x86)\Nero\Update\NASvc.exe (NeroUpdate/Nero AG) [AUTO] NAUpdate
Service C:\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110522.002\ENG64.SYS [MANUAL] NAVENG
Service C:\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110522.002\EX64.SYS [MANUAL] NAVEX15
Service system32\drivers\ndis.sys (Pilote NDIS 6.20/Microsoft Corporation) [BOOT] NDIS
Service system32\DRIVERS\ndiscap.sys (NDIS Packet Capture Filter Driver/Microsoft Corporation) [MANUAL] NdisCap
Service system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service system32\DRIVERS\ndisuio.sys (Pilote d'E/S du mode utilisateur NDIS/Microsoft Corporation) [MANUAL] Ndisuio
Service system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] Netman
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] netprofm
Service C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service system32\DRIVERS\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [MANUAL] nfrd960
Service C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Service Framework/Symantec Corporation) [AUTO] NIS
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] NlaSvc
Service C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Norton Online Backup Service/Symantec Corporation) [AUTO] NOBU
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] nsi
Service system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy
Service NTDS
Service (Pilote du système de fichiers NT/Microsoft Corporation) [MANUAL] Ntfs
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service system32\drivers\nvhda64v.sys (NVIDIA HDMI Audio Driver/NVIDIA Corporation) [MANUAL] NVHDA
Service system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 259.65 /NVIDIA Corporation) [MANUAL] nvlddmkm
Service system32\drivers\nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation) [MANUAL] nvraid
Service system32\drivers\nvstor.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation) [MANUAL] nvstor
Service C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 259.65/NVIDIA Corporation) [AUTO] nvsvc
Service system32\DRIVERS\nv_agp.sys (Filtre AGP NForce NT/Microsoft Corporation) [MANUAL] nv_agp
Service system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [MANUAL] ohci1394
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] p2pimsvc
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] p2psvc
Service system32\DRIVERS\parport.sys (Pilote de port parallèle/Microsoft Corporation) [MANUAL] Parport
Service System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] PcaSvc
Service system32\DRIVERS\pci.sys (Énumérateur Plug-and-Play PCI pour NT/Microsoft Corporation) [BOOT] pci
Service system32\DRIVERS\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [MANUAL] pciide
Service system32\DRIVERS\pcmcia.sys (Pilote de bus PCMCIA/Microsoft Corporation) [MANUAL] pcmcia
Service System32\drivers\pcw.sys (Performance Counters for Windows Driver/Microsoft Corporation) [BOOT] pcw
Service C:\Program [AUTO] pdfcDispatcher
Service system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH
Service PerfDisk
Service C:\Windows\SysWow64\perfhost.exe (Hôte de DLL de compteur de performance/Microsoft Corporation) [MANUAL] PerfHost
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] pla
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] PlugPlay
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] PNRPAutoReg
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] PNRPsvc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] PolicyAgent
Service PortProxy
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] Power
Service system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service system32\DRIVERS\processr.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] Processor
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] ProfSvc
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] ProtectedStorage
Service system32\DRIVERS\pacer.sys (Planificateur de paquets QoS/Microsoft Corporation) [SYSTEM] Psched
Service system32\DRIVERS\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [MANUAL] ql2300
Service system32\DRIVERS\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [MANUAL] ql40xx
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] QWAVE
Service system32\drivers\qwavedrv.sys (Pilote du support de Microsoft Quality Windows Audio Video Experience (qWave)/Microsoft Corporation) [MANUAL] QWAVEdrv
Service System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [MANUAL] RasAcd
Service system32\DRIVERS\AgileVpn.sys (RAS Agile Vpn Miniport Call Manager/Microsoft Corporation) [MANUAL] RasAgileVpn
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] RasAuto
Service system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] RasMan
Service system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) [MANUAL] RasSstp
Service system32\DRIVERS\rdbss.sys (Pilote du sous-système de mise en mémoire tampon de lecteur redirigé/Microsoft Corporation) [SYSTEM] rdbss
Service system32\DRIVERS\rdpbus.sys (Microsoft RDP Bus Device driver/Microsoft Corporation) [MANUAL] rdpbus
Service System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service system32\drivers\rdpencdd.sys (RDP Encoder Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD
Service RDPNP
Service system32\drivers\rdprefmp.sys (RDP Reflector Driver Miniport/Microsoft Corporation) [SYSTEM] RDPREFMP
Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD
Service System32\drivers\rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) [BOOT] rdyboost
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] RemoteRegistry
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] RpcEptMapper
Service C:\Windows\system32\locator.exe (Localisateur d'appels de procédure distante/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] RpcSs
Service system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr
Service system32\DRIVERS\Rt64win7.sys (Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver /Realtek ) [MANUAL] RTL8167
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs
Service system32\DRIVERS\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation) [MANUAL] sbp2port
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SCardSvr
Service System32\DRIVERS\scfilter.sys (Pilote de filtre de lecteur de carte à puce Microsoft/Microsoft Corporation) [MANUAL] scfilter
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] Schedule
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SCPolicySvc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SDRSVC
Service C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft SeaPort Search Enhancement Broker/Microsoft Corporation) [AUTO] SeaPort
Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] seclogon
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] SENS
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SensrSvc
Service system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum
Service system32\DRIVERS\serial.sys (Pilote de périphérique série/Microsoft Corporation) [MANUAL] Serial
Service system32\DRIVERS\sermouse.sys (Pilote de filtre souris série/Microsoft Corporation) [MANUAL] sermouse
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SessionEnv
Service system32\DRIVERS\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [MANUAL] sffdisk
Service system32\DRIVERS\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc
Service system32\DRIVERS\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service system32\DRIVERS\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [MANUAL] sfloppy
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] SharedAccess
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] ShellHWDetection
Service system32\DRIVERS\SiSRaid2.sys (SiS RAID Stor Miniport Driver/Silicon Integrated Systems Corp.) [MANUAL] SiSRaid2
Service system32\DRIVERS\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [MANUAL] SiSRaid4
Service system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [MANUAL] Smb
Service SMSvcHost 3.0.0.0
Service SMSvcHost 4.0.0.0
Service C:\Windows\System32\snmptrap.exe (Interruption SNMP/Microsoft Corporation) [MANUAL] SNMPTRAP
Service (loader for security processor/Microsoft Corporation) [BOOT] spldr
Service C:\Windows\System32\spoolsv.exe (Application sous-système spouleur/Microsoft Corporation) [AUTO] Spooler
Service C:\Windows\system32\sppsvc.exe (Service de la plateforme de protection logicielle Microsoft/Microsoft Corporation) [AUTO] sppsvc
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] sppuinotify
Service System32\Drivers\NISx64\1206000.01D\SRTSP64.SYS (Symantec AutoProtect/Symantec Corporation) [MANUAL] SRTSP
Service system32\drivers\NISx64\1206000.01D\SRTSPX64.SYS (Symantec AutoProtect/Symantec Corporation) [SYSTEM] SRTSPX
Service System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv
Service System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2
Service System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] SstpSvc
Service system32\DRIVERS\stexstor.sys (Promise SuperTrak EX Series Driver for Windows /Promise Technology) [MANUAL] stexstor
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] stisvc
Service system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] swprv
Service system32\drivers\NISx64\1206000.01D\SYMDS64.SYS (Symantec Data Store/Symantec Corporation) [BOOT] SymDS
Service system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS (Symantec Extended File Attributes/Symantec Corporation) [BOOT] SymEFA
Service C:\Windows\system32\Drivers\SYMEVENT64x86.SYS (Symantec Event Library/Symantec Corporation) [MANUAL] SymEvent
Service system32\drivers\NISx64\1206000.01D\Ironx64.SYS (Iron Driver/Symantec Corporation) [SYSTEM] SymIRON
Service System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS (Network Security Driver/Symantec Corporation) [SYSTEM] SymNetS
Service C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [AUTO] SysMain
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] TabletInputService
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) [MANUAL] TBS
Service System32\drivers\tcpip.sys (Pilote TCP/IP/Microsoft Corporation) [BOOT] Tcpip
Service system32\DRIVERS\tcpip.sys (Pilote TCP/IP/Microsoft Corporation) [MANUAL] TCPIP6
0
Réponse 16 / 20
Utilisateur anonyme
 

__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] => Macromedia Shockwave Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

0
Réponse 17 / 20
jopraloup
 
ComboFix 11-05-22.02 - Melijo 23/05/2011 19:14:24.3.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3959.2447 [GMT 2:00]
Lancé depuis: c:\users\Melijo\Desktop\Jopraloup.exe
Commutateurs utilisés :: c:\users\Melijo\Desktop\CFScript.txt
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-23 au 2011-05-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-23 17:17 . 2011-05-23 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 23:48 . 2011-05-17 23:48 -------- d-----w- c:\program files\CCleaner
2011-05-17 23:29 . 2011-05-17 23:29 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-17 23:29 . 2011-05-17 23:29 -------- d-----w- c:\program files\Java
2011-05-17 23:27 . 2011-05-17 23:27 -------- d-----w- c:\windows\en
2011-05-17 23:24 . 2011-05-17 23:24 -------- d-----w- c:\windows\fr
2011-05-17 23:20 . 2011-05-17 23:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-17 23:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-17 23:18 . 2011-05-17 23:18 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c2a845591cc14e805\MeshBetaRemover.exe
2011-05-17 23:13 . 2011-05-17 23:13 -------- d-----w- c:\program files (x86)\FileHippo.com
2011-05-17 23:13 . 2011-05-17 23:33 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-17 22:33 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-17 22:33 . 2011-05-17 22:33 -------- d-----w- c:\programdata\Malwarebytes
2011-05-17 22:33 . 2011-05-17 23:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 22:33 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-17 22:12 . 2011-05-17 22:12 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-05-17 22:01 . 2011-05-17 22:01 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-17 21:58 . 2011-05-18 00:03 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 11:32 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 11:32 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 11:32 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 11:32 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:32 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:32 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:32 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:32 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:32 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:32 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 00:50 . 2011-05-11 00:50 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\SysWow64\Wat
2011-05-10 01:29 . 2011-05-10 01:29 -------- d-----w- c:\windows\system32\Wat
2011-05-10 01:09 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-05-10 01:09 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-05-10 01:03 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-10 01:03 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-05-10 01:03 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-10 01:03 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-05-10 01:03 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-10 01:03 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-05-10 01:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-05-10 00:20 . 2011-05-12 06:59 -------- d-----w- c:\windows\system32\drivers\NISx64\1206000.01D
2011-05-09 21:46 . 2011-05-09 21:46 -------- d-----w- c:\program files (x86)\Mad Skills Motocross
2011-05-09 21:31 . 2011-05-09 21:31 -------- d-----w- c:\programdata\Zylom
2011-05-09 21:23 . 2011-05-18 07:17 -------- d-----w- c:\program files (x86)\JDownloader
2011-05-09 21:23 . 2011-05-09 21:23 411368 ----a-w- c:\windows\SysWow64\deploytk.dll
2011-05-09 21:23 . 2011-05-09 21:23 -------- d-----w- c:\program files (x86)\Java
2011-05-09 20:32 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-05-09 20:32 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-05-09 20:32 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-09 20:32 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-09 20:32 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\programdata\Nero
2011-05-09 14:11 . 2011-05-09 14:11 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-05-09 14:11 . 2011-05-09 14:15 -------- d-----w- c:\program files (x86)\Nero
2011-05-09 11:57 . 2011-05-11 07:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-05-09 11:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-05-09 11:56 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-05-09 11:56 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-09 11:56 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2011-05-09 11:55 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2011-05-09 09:30 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-08 16:32 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-05-08 16:32 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-05-08 16:32 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-05-08 16:32 . 2011-03-29 08:00 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-05-08 16:32 . 2011-03-24 19:35 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-05-08 16:32 . 2011-03-24 19:28 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-05-08 16:32 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-05-08 16:32 . 2011-05-08 16:32 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-05-08 16:26 . 2011-05-08 16:26 -------- d-----w- c:\program files (x86)\VideoLAN
2011-05-08 15:52 . 2011-05-08 15:52 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-05-08 14:41 . 2011-05-16 15:54 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-05-08 14:41 . 2011-05-08 14:44 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2011-05-08 14:41 . 2011-05-09 15:42 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-08 13:21 . 2011-05-08 13:21 -------- d-----w- c:\users\Public\Symantec
2011-05-08 13:21 . 2011-05-23 16:40 -------- d---a-w- c:\users\Melijo
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-11 14:52 . 2011-01-14 08:34 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-08 15:37 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:17 . 2011-05-10 01:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-05-10 01:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-23_15.18.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-05-09 11:12 . 2011-05-23 15:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-09 11:12 . 2011-05-23 17:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-09 11:12 . 2011-05-23 17:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-09 11:12 . 2011-05-23 15:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-02 1234216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-04-29 1127032]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110518.001\IDSvia64.sys [2011-03-14 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - klmd25
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-17 c:\windows\Tasks\HPCeeScheduleForMelijo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Melijo\AppData\Roaming\Mozilla\Firefox\Profiles\0y2o9k1h.default\
FF - prefs.js: browser.startup.homepage - fr.blackle.com/
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
0
Réponse 18 / 20
jopraloup
 
c'est des personne qui me lon dit
0
Réponse 19 / 20
Utilisateur anonyme
 
bah c'est normal c'est un outil de deesinfection :)

quand on ne sait pas ...
0
Utilisateur anonyme
 
bref...

t'es sur que tu as bien enregistré avec le texte collé dedans ?
0
jopraloup
 
oui sur
0
Réponse 20 / 20
Utilisateur anonyme
 
reffais la manip en mode sans echec
0

Discussions similaires

Supprimer compte facebook sans mail
Joris77 -
Mollygwen -

24 réponses
Supprimer compte Tendermeets.com
anonyme -
anonyme -

1 réponse