Need help with gomeo and others ...

Tags:
  • Security
19 February 2011 15:31:11

Hello everyone

I am not a computer specialist and I have a problem: I can no longer connect with Mozilla, so I have to go through IE.

And on IE I am redirected to gomeo and other ads.

Please help me, in simple language.


19 February 2011 15:38:08

Hello
in my opinion it's this:
http://forum.malekal.com/trojan-bamital-aka-son-nom-gen...

++++++++++++



  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • A window appears. In the Output section at the top of this window, tick Minimal Output.
  • Also tick the boxes next to Lop Check and Purity Check.
  • Under Custom Scans/Fixes (in the white box), copy and paste the contents of the box below:


    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    userinit.exe
    winlogon.exe
    wininit.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT



  • Finally, click the Run Scan button. Let the tool work.
  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are in the same place as OTL (so by default on the Desktop).

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click Browse... and find the report file you want to send me.
  • Click Open.
  • Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy and paste this link into your reply.
    19 February 2011 16:03:08

    re

    1



    download http://support.kaspersky.com/downloads/utils/tdsskiller... to your desktop, unzip it and run it; a report will be created here:

    C:\TDSSKillerVersion_Date_Time_log.txt.<< copy and paste its contents

    you also have the executable directly here: http://support.kaspersky.com/downloads/utils/tdsskiller...

    o run it; the following window will open:



    o Click Start scan and let the tool scan your hard disk without interrupting it and without using the PC.
    o If infected files are found, a new window will open:



    o If TDSS.tdl2 is detected, the delete option will be ticked by default.

    o If TDSS.tdl3 is detected, make sure that Cure is ticked.

    o If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure that Cure is ticked.

    o If Suspicious file is shown, leave the option set to Skip

    o Click Continue, then Reboot now to restart the PC.

    o Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run).

    tutorial--> http://support.kaspersky.com/viruses/solutions?qid=2082...





    2

    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs: Combofix
    Save it on your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal; a report will be created. Post the report: C:\Combofix.txt
    click on it to open it, then Edit "Select all", Edit "Copy"

    come to the forum and Edit "Paste"

    HELP: A guide and a tutorial on using ComboFix
    * the name of the partition may differ

    <@_@>


    19 February 2011 16:20:36

    I got nothing from the scan; here is the report

    I am going to continue the procedure


    2011/02/19 16:17:27.0506 5756 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
    2011/02/19 16:17:27.0818 5756 ================================================================================
    2011/02/19 16:17:27.0818 5756 SystemInfo:
    2011/02/19 16:17:27.0818 5756
    2011/02/19 16:17:27.0818 5756 OS Version: 6.0.6002 ServicePack: 2.0
    2011/02/19 16:17:27.0818 5756 Product type: Workstation
    2011/02/19 16:17:27.0818 5756 ComputerName: PC-DE-FAMILLEPA
    2011/02/19 16:17:27.0818 5756 UserName: FAMILLE PAGES
    2011/02/19 16:17:27.0818 5756 Windows directory: C:\Windows
    2011/02/19 16:17:27.0818 5756 System windows directory: C:\Windows
    2011/02/19 16:17:27.0818 5756 Processor architecture: Intel x86
    2011/02/19 16:17:27.0818 5756 Number of processors: 2
    2011/02/19 16:17:27.0818 5756 Page size: 0x1000
    2011/02/19 16:17:27.0818 5756 Boot type: Normal boot
    2011/02/19 16:17:27.0818 5756 ================================================================================
    2011/02/19 16:17:28.0193 5756 Initialize success
    2011/02/19 16:17:32.0295 3764 ================================================================================
    2011/02/19 16:17:32.0295 3764 Scan started
    2011/02/19 16:17:32.0295 3764 Mode: Manual;
    2011/02/19 16:17:32.0295 3764 ================================================================================
    2011/02/19 16:17:46.0554 3764 ================================================================================
    2011/02/19 16:17:46.0554 3764 Scan finished
    2011/02/19 16:17:46.0554 3764 ================================================================================
    19 February 2011 16:37:26

    ComboFix 11-02-18.05 - FAMILLE PAGES 19/02/2011 16:24:55.1.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2815.1716 [GMT 1:00]
    Lancé depuis: c:\users\FAMILLE PAGES\Desktop\ComboFix.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ADS - Windows: deleted 72 bytes in 1 streams.

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\diskheckrt
    c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
    c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
    C:\sysmon
    c:\users\FAMILLE PAGES\AppData\Local\lchecz.exe
    c:\users\FAMILLE PAGES\AppData\Local\ognoxh.exe
    c:\users\FAMILLE PAGES\AppData\Roaming\avdrn.dat
    c:\users\FAMILLE PAGES\AppData\Roaming\dwm.exe
    c:\users\FAMILLE PAGES\AppData\Roaming\Microsoft\conhost.exe
    c:\windows\system32\twunk_32.exe

    ----- BITS: Il y a peut-être des sites infectés -----

    hxxp://wlxindex
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-01-19 au 2011-02-19 ))))))))))))))))))))))))))))))))))))
    .

    2011-02-19 14:00 . 2011-02-19 14:11 -------- d-----w- C:\Ad-Remover
    2011-02-17 13:25 . 2011-02-17 13:25 143 ----a-w- c:\users\FAMILLE PAGES\AppData\Roaming\Microsoft\gb_22012848.bat
    2011-02-09 04:21 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
    2011-01-30 08:01 . 2011-02-15 18:54 -------- d-----w- c:\program files\Unlocker
    2011-01-30 07:38 . 2011-01-30 07:38 -------- d-----w- c:\users\FAMILLE PAGES\AppData\Local\Mozilla
    2011-01-29 21:47 . 2011-01-29 21:47 -------- d-----w- c:\programdata\Driver Mender
    2011-01-29 21:38 . 2011-01-29 21:38 -------- d-----w- c:\users\FAMILLE PAGES\AppData\Roaming\Uniblue
    2011-01-29 21:38 . 2011-01-29 21:38 -------- d-----w- c:\users\FAMILLE PAGES\AppData\Local\PackageAware
    2011-01-29 21:22 . 2011-01-29 21:22 -------- d-----w- c:\program files\ArcSoft
    2011-01-29 08:28 . 2011-01-29 08:28 -------- d-----w- c:\program files\Enigma Software Group
    2011-01-29 08:27 . 2011-01-29 09:03 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
    2011-01-29 08:27 . 2011-01-29 08:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-12-28 15:55 . 2011-01-12 11:18 413696 ----a-w- c:\windows\system32\odbc32.dll
    2010-12-14 14:49 . 2011-01-12 11:18 1169408 ----a-w- c:\windows\system32\sdclt.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2008-03-04 22:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-21 39408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
    "Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
    "PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-22 13535776]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-22 92704]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-05-06 196128]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 136600]
    "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
    "Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

    c:\users\FAMILLE PAGES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Notification de cadeaux MSN.lnk - c:\users\FAMILLE PAGES\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-7-29 135680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    ASETRES.EXE [2008-4-14 20480]
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-3-21 535336]
    Magic-i Visual Effects.lnk - c:\program files\Hama\Hama Webcam Suite\Magic-i Visual Effects\Magic-i Visual Effects.exe [2009-11-14 330240]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    R3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    R3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2007-07-16 30752]
    R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
    R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
    R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
    R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
    R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2007-12-16 75776]
    S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-05-30 16640]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'

    2011-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 08:27]

    2011-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 08:27]

    2011-02-19 c:\windows\Tasks\User_Feed_Synchronization-{A08F2B82-8066-4FA8-90FC-5C9C38270FAB}.job
    - c:\windows\system32\msfeedssync.exe [2011-02-09 04:47]
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = *.local
    uInternet Settings,ProxyServer = http=127.0.0.1:55778
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
    FF - ProfilePath - c:\users\FAMILLE PAGES\AppData\Roaming\Mozilla\Firefox\Profiles\6hii0n9l.default\
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 55778
    FF - prefs.js: network.proxy.type - 1
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
    HKCU-Run-diskheckrt.exe - c:\diskheckrt\diskheckrt.exe
    HKLM-Run-eRecoveryService - (no file)
    HKLM-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
    HKLM-Run-Apanel - c:\acersw\config\NewSetApanel.cmd
    HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
    HKLM-Run-conhost - c:\users\FAMILLE PAGES\AppData\Roaming\Microsoft\conhost.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-02-19 16:31
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(5580)
    c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
    c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\conime.exe
    c:\windows\RtHDVCpl.exe
    c:\windows\System32\rundll32.exe
    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    c:\acer\Empowering Technology\ePerformance\MemCheck.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\CyberLink\Shared Files\RichVideo.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
    c:\windows\system32\WUDFHost.exe
    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Common Files\Teleca Shared\Generic.exe
    c:\program files\Skype\Plugin Manager\skypePM.exe
    c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
    c:\program files\Internet Explorer\iexplore.exe
    c:\program files\Internet Explorer\iexplore.exe
    c:\program files\Internet Explorer\iexplore.exe
    c:\program files\Internet Explorer\iexplore.exe
    c:\program files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    c:\progra~1\Java\jre6\bin\ssvagent.exe
    c:\progra~1\Java\jre6\bin\ssvagent.exe
    .
    **************************************************************************
    .
    Heure de fin: 2011-02-19 16:35:03 - La machine a redémarré
    ComboFix-quarantined-files.txt 2011-02-19 15:34

    Avant-CF: 76 197 199 872 octets libres
    Après-CF: 76 029 693 952 octets libres

    - - End Of File - - 233C9EF1BD02DED38EA4314D8598C49E
    19 February 2011 19:46:50

    Nobody left to help me :sweat: