J'ai enfin réussi!!! Et maintenant l'ordi est de nouveau super rapide, c'est agréable.
*
ComboFix 12-05-09.01 - nico 12/05/2012 17:35:54.2.1 - x64
Lancé depuis: c:\users\nico\Desktop\winx.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\nico\1036.MST
c:\users\nico\AppData\Local\7c6ec52e\U
c:\users\nico\AppData\Local\7c6ec52e\U\000000cb.@
c:\users\nico\AppData\Local\7c6ec52e\U\80000000.@
c:\users\nico\AppData\Local\7c6ec52e\U\800000cb.@
c:\users\nico\AppData\Local\7c6ec52e\U\800000cf.@
c:\users\nico\Desktop\Internet Explorer.lnk
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\00000001.@
c:\windows\assembly\tmp\U\000000c0.@
c:\windows\assembly\tmp\U\000000cb.@
c:\windows\assembly\tmp\U\000000cf.@
c:\windows\assembly\tmp\U\80000000.@
c:\windows\assembly\tmp\U\800000c0.@
c:\windows\assembly\tmp\U\800000cb.@
c:\windows\assembly\tmp\U\800000cf.@
c:\windows\system32\dds_log_trash.cmd
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-04-14 au 2012-05-14 ))))))))))))))))))))))))))))))))))))
.
.
2012-05-14 10:41 . 2012-05-14 10:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-05 17:19 . 2012-05-06 08:41 -------- d-----w- c:\users\nico\DoctorWeb
2012-04-24 15:34 . 2012-05-02 15:05 -------- d-----w- C:\TDSSKiller_Quarantine
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 17:36 . 2009-07-13 23:31 2048 ----a-w- c:\windows\system32\consrv.dll
2012-05-05 14:09 . 2012-03-10 09:30 0 --sha-w- c:\windows\system32\dds_log_ad13.cmd
2012-04-04 13:56 . 2012-03-26 15:48 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-17 08:53 . 2012-03-17 08:53 110080 ----a-r- c:\users\nico\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconF7A21AF7.exe
2012-03-17 08:53 . 2012-03-17 08:53 110080 ----a-r- c:\users\nico\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconD7F16134.exe
2012-03-17 08:53 . 2012-03-17 08:53 110080 ----a-r- c:\users\nico\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\Icon1226A4C5.exe
2012-03-06 06:43 . 2012-04-11 12:00 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-06 05:59 . 2012-04-11 12:00 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 12:00 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-02 18:41 . 2012-03-02 18:41 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-02 18:41 . 2012-03-02 18:41 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-02 18:41 . 2012-03-02 18:41 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-02 18:41 . 2012-03-02 18:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-02 18:41 . 2012-03-02 18:41 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-02 18:41 . 2012-03-02 18:41 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-02 18:41 . 2012-03-02 18:41 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-02 18:41 . 2012-03-02 18:41 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-02 18:41 . 2012-03-02 18:41 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-02 18:41 . 2012-03-02 18:41 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-02 18:41 . 2012-03-02 18:41 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-02 18:41 . 2012-03-02 18:41 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-02 18:41 . 2012-03-02 18:41 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-02 18:41 . 2012-03-02 18:41 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-02 18:41 . 2012-03-02 18:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-02 18:41 . 2012-03-02 18:41 448512 ----a-w- c:\windows\system32\html.iec
2012-03-02 18:41 . 2012-03-02 18:41 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-02 18:41 . 2012-03-02 18:41 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-02 18:41 . 2012-03-02 18:41 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-02 18:41 . 2012-03-02 18:41 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-02 18:41 . 2012-03-02 18:41 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-02 18:41 . 2012-03-02 18:41 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-02 18:41 . 2012-03-02 18:41 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-02 18:41 . 2012-03-02 18:41 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-02 18:41 . 2012-03-02 18:41 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-02 18:41 . 2012-03-02 18:41 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-02 18:41 . 2012-03-02 18:41 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-02 18:41 . 2012-03-02 18:41 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-02 18:41 . 2012-03-02 18:41 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-02 18:41 . 2012-03-02 18:41 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-02 18:41 . 2012-03-02 18:41 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-02 18:41 . 2012-03-02 18:41 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-02 18:41 . 2012-03-02 18:41 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-02 18:41 . 2012-03-02 18:41 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-01 06:54 . 2012-04-11 12:00 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:45 . 2012-04-11 12:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:40 . 2012-04-11 12:00 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:35 . 2012-04-11 12:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:49 . 2012-04-11 12:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:45 . 2012-04-11 12:00 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:40 . 2012-04-11 12:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 12:01 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 12:01 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 12:01 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 12:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 12:01 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 12:01 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 12:01 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 12:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-25 10:27 . 2012-02-25 10:27 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 06:27 . 2012-03-14 09:37 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 05:44 . 2012-03-14 09:37 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47 . 2012-03-14 09:37 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:46 . 2012-03-14 09:37 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-06-13 17:10 2734688 ----a-w- c:\program files (x86)\Softonic_France\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"DeskSpace"="c:\program files (x86)\DeskSpace\deskspace.exe" [2008-12-04 1621232]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-10-08 107864]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-15 39408]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-09 1086760]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"BboxUpdate"="c:\program files (x86)\BboxUpdate\eStantAutoRunV.exe" [2008-04-14 6144]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\nico\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-9-20 135680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2009-09-21 16392]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 eStantLaunchService;BboxUpdate;c:\program files (x86)\BboxUpdate\eSRunService.exe [2008-04-29 20480]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-05-14 c:\windows\Tasks\AWC Startup.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\AWC.exe [2010-09-13 12:52]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 13:11]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 13:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-02-12 136136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SE2Bmdfl
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
SafeBoot-12524049.sys
SafeBoot-84140053.sys
Toolbar-Locked - (no file)
WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-3898950029-172046650-1322706024-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{99563356-8B5A-1882-0E03-DBEE909D6A22}*]
"padogdpoknlddmihepbijjclnjgcoppc"=hex:6a,61,69,6c,65,69,62,6e,62,61,62,67,66,
6b,6a,63,69,6f,65,6c,00,00
"abjdbbgdfeilmcpkpkocjjgbgiehgigigb"=hex:6a,61,69,6c,61,69,66,6d,6a,66,6b,6c,
67,6b,6b,6b,70,64,6c,62,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\BboxUpdate\BTLiveUpdate.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Heure de fin: 2012-05-14 14:23:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-05-14 12:23
.
Avant-CF: 82 965 536 768 octets libres
Après-CF: 82 894 217 216 octets libres
.
- - End Of File - - A021AFEB951451AD655A987EE96A3842
Demander de l'aide
RSS
Profil
MYO : Le brassard qui vous fera dire adieu à votre souris
Aidoweb est maintenant sous la protection de CloudFlare
Kim Dotcom, plein d'idées folles
Et si iPhone n'était plus iPhone ?
Disney fait encore des siennes en rachetant la société Lucasfilm.
Les Pays-Bas inscrivent la neutralité du net dans la loi
Facebook Messenger: Plus besoin d'un navigateur web pour discuter sur le chat Facebook
Google Drive: Google lancerait bientôt un service de stockage en ligne
Un tiers des divorces en Angleterre seraient liés à Facebook
Des photos privées de Mark Zuckerberg dévoilées à cause d'une faille de sécurité Facebook
Création barre (type userbar)
Achetez et vendez votre matériel multimédia d'occasion sur notre service de petites annonces informatiques gratuites
