How do I get rid of gomeo

Closed
cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last activity 14 May 2021 - 13 August 2011 at 16:50
 Anonymous user - 15 August 2011 at 10:14
Hello,


After lending my laptop to my daughter, I now have a damned virus called goméo that I absolutely cannot get rid of, so I really need help, thank you.


Windows 7 64-bit, Google Chrome

9 replies

Anonymous user
13 August 2011 at 16:55
Hi

▶ Download Reload_TDSSKiller

▶ Run it

choose: "lancer le nettoyage" (start the cleanup)

the tool will automatically download the latest version, then

TDSSKiller will open; click "Start Scan"

once it has finished, restart if it asks you to, to finish cleaning

otherwise, close TDSSKiller and the report will appear on the desktop

▶ Copy/paste its contents into your next reply.
0
cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last activity 14 May 2021
13 August 2011 at 17:01
Hello, first of all thank you for your reply.

Here is the report:


2011/08/13 16:58:32.0101 4312 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/13 16:58:32.0422 4312 ================================================================================
2011/08/13 16:58:32.0422 4312 SystemInfo:
2011/08/13 16:58:32.0423 4312
2011/08/13 16:58:32.0423 4312 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/13 16:58:32.0423 4312 Product type: Workstation
2011/08/13 16:58:32.0423 4312 ComputerName: CHRISTELLE-PC
2011/08/13 16:58:32.0423 4312 UserName: CHRISTELLE
2011/08/13 16:58:32.0423 4312 Windows directory: C:\windows
2011/08/13 16:58:32.0423 4312 System windows directory: C:\windows
2011/08/13 16:58:32.0423 4312 Running under WOW64
2011/08/13 16:58:32.0423 4312 Processor architecture: Intel x64
2011/08/13 16:58:32.0423 4312 Number of processors: 2
2011/08/13 16:58:32.0423 4312 Page size: 0x1000
2011/08/13 16:58:32.0423 4312 Boot type: Normal boot
2011/08/13 16:58:32.0423 4312 ================================================================================
2011/08/13 16:58:33.0659 4312 Initialize success
2011/08/13 16:58:36.0402 3568 ================================================================================
2011/08/13 16:58:36.0402 3568 Scan started
2011/08/13 16:58:36.0402 3568 Mode: Manual;
2011/08/13 16:58:36.0402 3568 ================================================================================
2011/08/13 16:59:47.0980 3568 ================================================================================
2011/08/13 16:59:47.0980 3568 Scan finished
2011/08/13 16:59:47.0980 3568 ================================================================================
2011/08/13 16:59:48.0006 4820 Detected object count: 0
2011/08/13 16:59:48.0006 4820 Actual detected object count: 0
2011/08/13 17:00:37.0123 5944 Deinitialize success
0
Anonymous user
13 August 2011 at 17:03

/!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\

__________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use it outside of that situation: dangerous!<<<<<<<<
=====================================================


▶ Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive

Download here: Combofix

Before using ComboFix:

If you use AVG, YOU MUST UNINSTALL IT before using Combofix, because it can cause damage when interacting with the tool, which can lead to a complete reinstallation of the system.
Simply disabling the resident shield is not enough.
Download the AVG uninstaller from this link: https://www.avg.com/fr-fr/avg-remover
Choose the appropriate version (32 or 64 bit)/!\

CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

▶ Download Defogger (by jpshortstuff) to your Desktop

▶ Run it

A window appears: click "Disable"

▶ Restart the computer if the tool asks you to

Note: When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

_________________________________________________________
>> close the windows of all running programs.
>> Temporarily disable, and only for the time ComboFix is in use,
>>the real-time protection of your antivirus and antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning procedure.

°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


if you have XP => double-click
if you have Vista or Windows 7 => right-click "run as...."


on the renamed combofix

¤¤¤¤¤¤¤¤¤¤ LET IT INSTALL THE RECOVERY CONSOLE IF IT ASKS YOU TO ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!

▶ don't forget to re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.

▶▶ Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.



0
cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last activity 14 May 2021
13 August 2011 at 17:09
I don't know if I have AVG. Can I see it in the list of programs in the Control Panel?
0

cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last activity 14 May 2021
13 August 2011 at 18:12
here is the report



ComboFix 11-08-13.02 - CHRISTELLE 13/08/2011 17:38:02.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3893.1865 [GMT 2:00]
Lancé depuis: c:\users\CHRISTELLE\Desktop\christelle.exe.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\CHRISTELLE\Desktop\Setup.exe
c:\windows\pl
c:\windows\pl\WLXPGSS.SCR.mui
c:\windows\system32\consrv.dll
c:\windows\System64
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-07-13 au 2011-08-13 ))))))))))))))))))))))))))))))))))))
.
.
2011-08-13 15:47 . 2011-08-13 15:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Malwarebytes
2011-08-12 23:59 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\programdata\Malwarebytes
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-12 23:59 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-12 23:22 . 2011-08-12 23:22 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-08-12 10:06 . 2011-07-20 07:44 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C992928C-FB3A-4C68-B1C6-3FA16729618D}\mpengine.dll
2011-08-12 00:34 . 2011-08-12 00:34 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-08-11 20:25 . 2011-07-16 05:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 05:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 04:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 04:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 02:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-11 20:25 . 2011-07-16 02:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-11 20:25 . 2011-06-21 06:34 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-11 20:25 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-11 20:25 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-11 20:25 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-10 20:35 . 2011-08-10 20:35 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Avira
2011-08-10 20:12 . 2011-08-10 20:12 -------- d-----w- c:\windows\fr
2011-08-10 20:06 . 2011-01-21 07:42 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-10 20:06 . 2011-01-21 07:42 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-10 20:06 . 2011-01-21 07:42 126792 ----a-w- c:\windows\system32\drivers\avfwot.sys
2011-08-10 20:06 . 2010-06-17 12:23 98120 ----a-w- c:\windows\system32\drivers\avfwim.sys
2011-08-10 20:06 . 2011-08-10 20:06 -------- d-----w- c:\program files (x86)\Avira
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\en
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\ar
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\bg
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\cs
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\da
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\de
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\el
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\es
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\fi
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\he
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\hr
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\hu
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\it
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\ko
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\lt
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\lv
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\nl
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\no
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\pt-br
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\pt-pt
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\ro
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\ru
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\sk
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sl
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sr-latn-cs
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sv
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\th
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\tr
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\zh-cn
2011-08-10 20:00 . 2011-08-10 20:00 -------- d-----w- c:\windows\zh-tw
2011-08-10 19:09 . 2011-08-10 19:09 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-10 19:08 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-08-10 19:08 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-08-10 19:08 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-08-10 19:08 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-10 19:07 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-08-10 19:07 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-08-10 19:05 . 2011-08-10 19:05 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7282832c1cc579001\MeshBetaRemover.exe
2011-08-10 17:44 . 2011-08-10 20:06 -------- d-----w- c:\programdata\Avira
2011-08-04 09:40 . 2011-08-04 09:40 -------- d-----w- c:\windows\system32\SPReview
2011-08-03 13:54 . 2011-08-03 13:54 -------- d-----w- c:\windows\AutoKMS
2011-08-03 13:51 . 2011-08-03 13:53 151552 ----a-w- c:\windows\KMSEmulator.exe
2011-07-24 20:00 . 2011-07-24 20:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-24 19:59 . 2011-07-24 19:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-24 19:58 . 2011-07-24 19:58 -------- d-----w- c:\program files (x86)\Java
2011-07-21 16:28 . 2011-07-21 16:28 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Deployment
2011-07-16 21:24 . 2011-07-16 21:24 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\PC Suite
2011-07-16 21:24 . 2011-07-16 21:24 -------- d-----w- c:\programdata\PC Suite
2011-07-16 20:54 . 2007-05-02 14:33 66560 ----a-w- c:\windows\system32\nmwcdclsx64.dll
2011-07-16 20:54 . 2011-07-16 20:54 -------- d-----w- c:\program files\DIFX
2011-07-16 20:54 . 2007-09-17 13:53 29184 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-07-16 20:54 . 2011-07-16 20:54 -------- dc----w- c:\windows\system32\DRVSTORE
2011-07-16 20:52 . 2011-07-16 20:54 -------- d-----w- c:\windows\SysWow64\Samsung_USB_Drivers
2011-07-16 18:31 . 2011-07-16 18:31 -------- d-----w- C:\Temp
2011-07-16 17:28 . 2011-07-16 17:28 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Samsung
2011-07-16 17:18 . 2011-06-07 09:13 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2011-07-16 17:18 . 2011-06-07 09:13 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2011-07-16 17:14 . 2011-07-16 22:44 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Downloaded Installations
2011-07-16 17:13 . 2011-06-28 05:32 81122288 ----a-w- c:\users\CHRISTELLE\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
2011-07-16 15:57 . 2011-07-16 15:57 -------- d-----w- c:\windows\system32\EventProviders
2011-07-16 14:57 . 2010-09-09 07:43 16392 ----a-w- c:\windows\system32\drivers\TFsExDisk.sys
2011-07-16 14:57 . 2009-04-07 07:39 24064 ----a-w- c:\windows\SysWow64\FsExService64.Exe
2011-07-16 14:57 . 2009-04-07 07:39 16392 ----a-w- c:\windows\SysWow64\drivers\TFsExDisk.Sys
2011-07-16 14:55 . 2011-07-16 20:54 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-07-16 14:52 . 2011-07-16 20:51 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Samsung
2011-07-16 14:52 . 2011-07-16 14:52 -------- d-----w- c:\program files (x86)\MarkAny
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-04 09:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-04 09:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-16 21:18 . 2007-10-25 15:26 5632 ----a-w- c:\windows\SysWow64\drivers\StarOpen.sys
2011-07-16 04:26 . 2011-08-11 20:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-06-24 05:17 . 2011-05-14 15:35 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-15 11:50 . 2011-06-15 11:50 156 ----a-w- c:\users\CHRISTELLE\AppData\Local\GLF1255.tmp
2011-06-11 03:07 . 2011-07-13 09:29 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-06-07 09:13 . 2011-06-07 09:13 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-06-07 09:13 . 2011-06-07 09:13 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-06-07 09:13 . 2011-06-07 09:13 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-06-07 09:13 . 2011-06-07 09:13 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-06-07 09:13 . 2011-06-07 09:13 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-06-07 09:13 . 2011-06-07 09:13 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-06-07 09:13 . 2011-06-07 09:13 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-06-07 09:13 . 2011-06-07 09:13 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-06-07 09:13 . 2011-06-07 09:13 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-06-07 09:13 . 2011-06-07 09:13 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-06-07 09:13 . 2011-06-07 09:13 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-06-07 09:13 . 2011-06-07 09:13 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-06-07 09:13 . 2011-06-07 09:13 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-06-07 09:13 . 2011-06-07 09:13 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-06-07 09:13 . 2011-06-07 09:13 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-06-07 09:13 . 2011-06-07 09:13 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-06-07 09:13 . 2011-06-07 09:13 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-06-07 09:13 . 2011-06-07 09:13 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-06-07 09:13 . 2011-06-07 09:13 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-06-07 09:13 . 2011-06-07 09:13 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-06-07 09:13 . 2011-06-07 09:13 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-06-07 09:13 . 2011-06-07 09:13 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-06-07 09:13 . 2011-06-07 09:13 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-06-01 19:24 . 2011-06-15 11:49 1524112 ------w- c:\windows\SysWow64\bandoolmx.dll
2011-05-24 17:14 . 2011-04-17 16:08 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 08:43 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 08:43 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 08:43 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 08:43 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 08:43 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-16 39408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"BitComet"="c:\program files (x86)\BitComet\BitComet.exe" [2011-04-22 12401968]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-06-24 941968]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-06-24 3373968]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-06-24 20880]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-16 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-12-16 479232]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-21 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-5-17 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 51727736]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-09-09 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-01-21 339624]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-08-10 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-08-10 421032]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 101048]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 12:10]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 12:10]
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972273453-3807663751-171534141-1000Core.job
- c:\users\CHRISTELLE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 12:04]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972273453-3807663751-171534141-1000UA.job
- c:\users\CHRISTELLE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 12:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\christelle.exe\CF9170.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-28 415256]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: Tout télécharger avec BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Télécharger avec BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\CHRISTELLE\AppData\Roaming\Mozilla\Firefox\Profiles\7wdew2mp.default\
FF - prefs.js: browser.search.selectedEngine - Recherche sécurisée
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
.
**************************************************************************
.
Heure de fin: 2011-08-13 18:04:37 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-08-13 16:04
.
Avant-CF: 62 253 268 992 octets libres
Après-CF: 65 971 683 328 octets libres
.
- - End Of File - - C46FCF0DFB46F65F51DB32B2A5926461
0
Anonymous user
13 August 2011 at 18:35
McAfee was uninstalled very badly.

Use this page to uninstall it properly:

Uninstalling antivirus, firewall, antispyware



__________________________________________________
=> /!\ The following script was written specifically for this computer /!\ <=
=> It is strongly advised not to reuse it on another computer! <=
----------------------------------------------------------------------------


Still with all protections disabled, do the following:

▶ Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
▶ Copy and paste into Notepad what is between the lines below (without the lines):

----------------------------------------------------------
KillAll::

DeQuarantine::
c:\windows\SysWow64\muzapp.exe

Folder::
c:\windows\AutoKMS

File::
c:\windows\KMSEmulator.exe
c:\windows\SysWow64\bandoolmx.dll

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"=-
"PaperPort PTD"=-
"IndexSearch"=-
"ControlCenter3"=-
"QuickTime Task"=-
"Adobe Reader Speed Launcher"=-

RegLock::
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*]
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*\OpenWithList]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegLockDel::
[HKEY_LOCAL_MACHINE\software\McAfee]



------------------------------------------------------------------

▶ Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
▶ Close Notepad

▶ Drag and drop this CFScript file onto the ComboFix file

▶ Wait while the scan runs. The Desktop will disappear several times: that is normal! Do not touch anything until the scan is finished.
▶ Once the scan is complete, a report will be displayed: post its contents.
▶ If the file does not open, it is located here => C:\ComboFix.txt


==================================

Disable your antivirus
Disable Windows Defender if present
Disable your firewall

Close all your running applications

Download this and save it to your desktop:

Pre_Scan

mirror:

http://www.archive-host.com

If it is not on your desktop, cut it from your Downloads folder and paste it onto your desktop

Warning: the desktop will disappear during the scan --> don't panic.

Once it is downloaded, run it and let the scan run until "Pre_scan.txt" appears on the desktop.

If the tool is blocked by the infection, use this version: Version .pif

If the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy)

If the tool seems not to have worked, rename it winlogon, or change its extension to .com or .scr

A multitude of black windows may flash; let it work

Post Pre_Scan_date_and_time.txt, which will appear on the desktop at the end of the scan

▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)

Click this link: http://www.cijoint.fr/

▶ Click Browse and look for the file mentioned above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" (click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

If your desktop does not reappear => Ctrl+Alt+Del, Task Manager => File tab => New Task, then type explorer
0
cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last seen 14 May 2021
14 August 2011 at 14:06
Hello, here is the ComboFix report


ComboFix 11-08-13.02 - CHRISTELLE 13/08/2011 19:33:44.2.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3893.2376 [GMT 2:00]
Lancé depuis: c:\users\CHRISTELLE\Desktop\christelle.exe.exe
Commutateurs utilisés :: c:\users\CHRISTELLE\Desktop\CFScript.txt.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\KMSEmulator.exe"
"c:\windows\SysWow64\bandoolmx.dll"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\KMSEmulator.exe
c:\windows\SysWow64\bandoolmx.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-07-14 au 2011-08-14 ))))))))))))))))))))))))))))))))))))
.
.
2011-08-13 17:41 . 2011-08-13 17:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Malwarebytes
2011-08-12 23:59 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\programdata\Malwarebytes
2011-08-12 23:59 . 2011-08-12 23:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-12 23:59 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-12 23:22 . 2011-08-12 23:22 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-08-12 10:06 . 2011-07-20 07:44 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C992928C-FB3A-4C68-B1C6-3FA16729618D}\mpengine.dll
2011-08-12 00:34 . 2011-08-12 00:34 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-08-11 20:25 . 2011-07-16 05:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 05:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 04:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 04:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-11 20:25 . 2011-07-16 02:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-11 20:25 . 2011-07-16 02:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-11 20:25 . 2011-06-21 06:34 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-11 20:25 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-11 20:25 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-11 20:25 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-10 20:35 . 2011-08-10 20:35 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Avira
2011-08-10 20:12 . 2011-08-10 20:12 -------- d-----w- c:\windows\fr
2011-08-10 20:06 . 2011-01-21 07:42 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-10 20:06 . 2011-01-21 07:42 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-10 20:06 . 2011-01-21 07:42 126792 ----a-w- c:\windows\system32\drivers\avfwot.sys
2011-08-10 20:06 . 2010-06-17 12:23 98120 ----a-w- c:\windows\system32\drivers\avfwim.sys
2011-08-10 20:06 . 2011-08-10 20:06 -------- d-----w- c:\program files (x86)\Avira
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\en
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\ar
2011-08-10 20:05 . 2011-08-10 20:05 -------- d-----w- c:\windows\bg
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\cs
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\da
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\de
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\el
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\es
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\fi
2011-08-10 20:04 . 2011-08-10 20:04 -------- d-----w- c:\windows\he
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\hr
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\hu
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\it
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\ko
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\lt
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\lv
2011-08-10 20:03 . 2011-08-10 20:03 -------- d-----w- c:\windows\nl
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\no
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\pt-br
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\pt-pt
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\ro
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\ru
2011-08-10 20:02 . 2011-08-10 20:02 -------- d-----w- c:\windows\sk
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sl
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sr-latn-cs
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\sv
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\th
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\tr
2011-08-10 20:01 . 2011-08-10 20:01 -------- d-----w- c:\windows\zh-cn
2011-08-10 20:00 . 2011-08-10 20:00 -------- d-----w- c:\windows\zh-tw
2011-08-10 19:09 . 2011-08-10 19:09 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-10 19:08 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-08-10 19:08 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-08-10 19:08 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-08-10 19:08 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-10 19:07 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-08-10 19:07 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-08-10 19:05 . 2011-08-10 19:05 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7282832c1cc579001\MeshBetaRemover.exe
2011-08-10 17:44 . 2011-08-10 20:06 -------- d-----w- c:\programdata\Avira
2011-08-04 09:40 . 2011-08-04 09:40 -------- d-----w- c:\windows\system32\SPReview
2011-07-24 20:00 . 2011-07-24 20:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-24 19:59 . 2011-07-24 19:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-24 19:58 . 2011-07-24 19:58 -------- d-----w- c:\program files (x86)\Java
2011-07-21 16:28 . 2011-07-21 16:28 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Deployment
2011-07-16 21:24 . 2011-07-16 21:24 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\PC Suite
2011-07-16 21:24 . 2011-07-16 21:24 -------- d-----w- c:\programdata\PC Suite
2011-07-16 20:54 . 2007-05-02 14:33 66560 ----a-w- c:\windows\system32\nmwcdclsx64.dll
2011-07-16 20:54 . 2011-07-16 20:54 -------- d-----w- c:\program files\DIFX
2011-07-16 20:54 . 2007-09-17 13:53 29184 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-07-16 20:54 . 2011-07-16 20:54 -------- dc----w- c:\windows\system32\DRVSTORE
2011-07-16 20:52 . 2011-07-16 20:54 -------- d-----w- c:\windows\SysWow64\Samsung_USB_Drivers
2011-07-16 18:31 . 2011-07-16 18:31 -------- d-----w- C:\Temp
2011-07-16 17:28 . 2011-07-16 17:28 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Samsung
2011-07-16 17:18 . 2011-06-07 09:13 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2011-07-16 17:18 . 2011-06-07 09:13 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2011-07-16 17:14 . 2011-07-16 22:44 -------- d-----w- c:\users\CHRISTELLE\AppData\Local\Downloaded Installations
2011-07-16 17:13 . 2011-06-28 05:32 81122288 ----a-w- c:\users\CHRISTELLE\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
2011-07-16 15:57 . 2011-07-16 15:57 -------- d-----w- c:\windows\system32\EventProviders
2011-07-16 14:57 . 2010-09-09 07:43 16392 ----a-w- c:\windows\system32\drivers\TFsExDisk.sys
2011-07-16 14:57 . 2009-04-07 07:39 24064 ----a-w- c:\windows\SysWow64\FsExService64.Exe
2011-07-16 14:57 . 2009-04-07 07:39 16392 ----a-w- c:\windows\SysWow64\drivers\TFsExDisk.Sys
2011-07-16 14:55 . 2011-07-16 20:54 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-07-16 14:52 . 2011-07-16 20:51 -------- d-----w- c:\users\CHRISTELLE\AppData\Roaming\Samsung
2011-07-16 14:52 . 2011-07-16 14:52 -------- d-----w- c:\program files (x86)\MarkAny
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-04 09:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-04 09:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-16 21:18 . 2007-10-25 15:26 5632 ----a-w- c:\windows\SysWow64\drivers\StarOpen.sys
2011-07-16 04:26 . 2011-08-11 20:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-06-24 05:17 . 2011-05-14 15:35 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-15 11:50 . 2011-06-15 11:50 156 ----a-w- c:\users\CHRISTELLE\AppData\Local\GLF1255.tmp
2011-06-11 03:07 . 2011-07-13 09:29 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-06-07 09:13 . 2011-06-07 09:13 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-06-07 09:13 . 2011-06-07 09:13 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-06-07 09:13 . 2011-06-07 09:13 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-06-07 09:13 . 2011-06-07 09:13 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-06-07 09:13 . 2011-06-07 09:13 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-06-07 09:13 . 2011-06-07 09:13 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-06-07 09:13 . 2011-06-07 09:13 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-06-07 09:13 . 2011-06-07 09:13 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-06-07 09:13 . 2011-06-07 09:13 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-06-07 09:13 . 2011-06-07 09:13 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-06-07 09:13 . 2011-06-07 09:13 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-06-07 09:13 . 2011-06-07 09:13 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-06-07 09:13 . 2011-06-07 09:13 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-06-07 09:13 . 2011-06-07 09:13 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-06-07 09:13 . 2011-06-07 09:13 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-06-07 09:13 . 2011-06-07 09:13 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-06-07 09:13 . 2011-06-07 09:13 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-06-07 09:13 . 2011-06-07 09:13 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-06-07 09:13 . 2011-06-07 09:13 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-06-07 09:13 . 2011-06-07 09:13 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-06-07 09:13 . 2011-06-07 09:13 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-06-07 09:13 . 2011-06-07 09:13 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-06-07 09:13 . 2011-06-07 09:13 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-06-07 09:13 . 2011-06-07 09:13 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-06-07 09:13 . 2011-06-07 09:13 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-05-24 17:14 . 2011-04-17 16:08 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 08:43 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 08:43 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 08:43 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 08:43 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 08:43 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-13_15.58.04 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-08-13 15:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-14 12:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-08-13 15:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-14 12:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-08-13 15:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-14 12:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-08-13 17:19 53368 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-04-16 11:46 . 2011-08-13 17:19 11530 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1972273453-3807663751-171534141-1000_UserData.bin
- 2011-08-13 15:54 . 2011-08-13 15:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-08-13 17:42 . 2011-08-13 17:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-13 15:54 . 2011-08-13 15:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-13 17:42 . 2011-08-13 17:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-24 23:04 . 2011-08-14 12:00 261858 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2011-08-13 17:41 489328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-08-13 15:52 489328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-04-16 12:20 . 2011-08-13 17:41 17147512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1972273453-3807663751-171534141-1000-8192.dat
- 2011-04-16 12:20 . 2011-08-13 15:52 17147512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1972273453-3807663751-171534141-1000-8192.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-16 39408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"BitComet"="c:\program files (x86)\BitComet\BitComet.exe" [2011-04-22 12401968]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-06-24 941968]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-06-24 3373968]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-06-24 20880]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-16 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-12-16 479232]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-21 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-5-17 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 51727736]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-09-09 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-01-21 339624]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-08-10 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-08-10 421032]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2011-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 12:10]
.
2011-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 12:10]
.
2011-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972273453-3807663751-171534141-1000Core.job
- c:\users\CHRISTELLE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 12:04]
.
2011-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972273453-3807663751-171534141-1000UA.job
- c:\users\CHRISTELLE\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 12:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-28 415256]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: Tout télécharger avec BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Télécharger avec BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\CHRISTELLE\AppData\Roaming\Mozilla\Firefox\Profiles\7wdew2mp.default\
FF - prefs.js: browser.search.selectedEngine - Recherche sécurisée
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1972273453-3807663751-171534141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]%*ê*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
.
**************************************************************************
.
Heure de fin: 2011-08-14 14:04:25 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-08-14 12:04
ComboFix2.txt 2011-08-13 16:04
.
Avant-CF: 66 225 041 408 octets libres
Après-CF: 66 180 608 000 octets libres
.
- - End Of File - - 04868A83BAD18B4549A7E2B85BE44AA6
0
cristal88 Posts 23 Registration date Tuesday 9 June 2009 Status Member Last activity 14 May 2021
14 August 2011 at 14:23
Here is the link containing the pre scan

http://www.cijoint.fr/cjlink.php?file=cj201108/cijFhwTID2.txt
0
Anonymous user
15 August 2011 at 10:14
Hi again

Uninstall Adobe Reader 9

===========================

Drag the icon of any file onto Pre_scan; Pre_script will appear

Open Pre_script and paste what follows in bold into the text file that opens,
without the lines, in one go, by highlighting it:
___________________________________________________
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"Locked"=-
[-HKEY_CURRENT_USER\Software\grep]
[-HKEY_CURRENT_USER\Software\vhosts]

file::
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT

folder::
C:\ProgramData\regid.1986-12.com.adobe

attrib::

___________________________________________________

Copy it (Ctrl+C, or right-click on the selection then => Copy)

Then File tab => Save (not Save As...), then close the text file

Black windows may flash; that is normal, it is the program working

Post Pre_Script.txt, which will appear on the desktop when the job is finished

If your desktop does not reappear => Ctrl+Alt+Del, Task Manager => File tab => New task, then type explorer
0
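A dry-run reading of the script in the post above, as an added example that is not part of the original thread or of the Pre_scan tool: it lists what each line targets so the script can be reviewed before it is saved. The `plan` function is hypothetical, and the meanings given to `[-KEY]`, `"name"=-` and the `file::`/`folder::` entries are assumptions based on .reg file conventions, not documented Pre_script behaviour.

```python
import re

# Script body copied from the post above (blank lines dropped).
SCRIPT = r'''Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"Locked"=-
[-HKEY_CURRENT_USER\Software\grep]
[-HKEY_CURRENT_USER\Software\vhosts]
file::
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
folder::
C:\ProgramData\regid.1986-12.com.adobe
attrib::
'''

SECTION = re.compile(r'^(\w+)::$')
VALUE = re.compile(r'^"([^"]*)"=(.*)$')

def plan(script):
    """List (action, target) pairs in script order; nothing on the system is touched."""
    actions, section, key = [], None, None
    for line in filter(None, map(str.strip, script.splitlines())):
        m = SECTION.match(line)
        if m:
            section, key = m.group(1).lower(), None
        elif section == "registry":
            # Assumption: .reg conventions apply ([-KEY] deletes a key, "name"=- a value).
            if line.startswith("[-") and line.endswith("]"):
                actions.append(("delete-key", line[2:-1]))
                key = None
            elif line.startswith("[") and line.endswith("]"):
                key = line[1:-1]
            else:
                v = VALUE.match(line)
                if not v or key is None:
                    raise ValueError(f"unparsed registry line: {line!r}")
                verb = "delete-value" if v.group(2) == "-" else "set-value"
                actions.append((verb, key + "\\" + v.group(1)))
        elif section in ("file", "folder", "attrib"):
            # Assumption: file::/folder:: entries are removal targets.
            actions.append((section, line))
        else:
            raise ValueError(f"line outside a known section: {line!r}")
    return actions

if __name__ == "__main__":
    for action, target in plan(SCRIPT):
        print(f"{action:13} {target}")
```

Anything the parser cannot classify raises instead of being skipped, so a mistyped section header or stray line is caught during review.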